cf96820.tw1.ru
2a03:6f00:1::5c35:6079  Malicious Activity! Public Scan

URL: https://cf96820.tw1.ru/
Submission Tags: phishing
Submission: On June 07 via api from JP — Scanned from JP

Summary

This website contacted 42 IPs in 4 countries across 32 domains to perform 130 HTTP transactions. The main IP is 2a03:6f00:1::5c35:6079, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is cf96820.tw1.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 11th 2024. Valid for: a year.
This is the only time cf96820.tw1.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au Jibun Bank (Financial)

Domain & IP information

Apex Domain
Subdomains
Transfer
17 jibunbank.co.jp
sib.jibunbank.co.jp
www.jibunbank.co.jp
2 MB
15 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 20792
960 B
15 google.com
www.google.com — Cisco Umbrella Rank: 5
920 B
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
21 KB
11 karte.io
cdn-edge.karte.io — Cisco Umbrella Rank: 155460
cdn-issues.karte.io — Cisco Umbrella Rank: 628238
b.karte.io — Cisco Umbrella Rank: 159296
bs.karte.io — Cisco Umbrella Rank: 262321
static.karte.io — Cisco Umbrella Rank: 267763
142 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
749 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
14 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
4 line.me
tr.line.me — Cisco Umbrella Rank: 14989
2 KB
4 yahoo.co.jp
b98.yahoo.co.jp — Cisco Umbrella Rank: 78637
yjtag.yahoo.co.jp — Cisco Umbrella Rank: 46791
b99.yahoo.co.jp — Cisco Umbrella Rank: 22878
am.yahoo.co.jp — Cisco Umbrella Rank: 20943
24 KB
4 smartnews-ads.com
cdn.smartnews-ads.com — Cisco Umbrella Rank: 78129
i.smartnews-ads.com — Cisco Umbrella Rank: 79152
i6.smartnews-ads.com — Cisco Umbrella Rank: 83124
4 KB
3 ladsp.com
px.ladsp.com — Cisco Umbrella Rank: 108019
um.ladsp.com — Cisco Umbrella Rank: 227383
1 KB
3 usergram.info
code.usergram.info — Cisco Umbrella Rank: 264168
config-code.usergram.info — Cisco Umbrella Rank: 402315
tr.usergram.info — Cisco Umbrella Rank: 354545
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
72 KB
2 creativecdn.com
asia.creativecdn.com — Cisco Umbrella Rank: 25435
1 KB
2 fraud-alert.net
static.fraud-alert.net
p.fraud-alert.net
21 KB
2 digicert.com
seal.digicert.com — Cisco Umbrella Rank: 12561
8 KB
2 dynalyst.jp
fledge.dynalyst.jp — Cisco Umbrella Rank: 556292
2 KB
2 ebis.ne.jp
rec.ebis.ne.jp — Cisco Umbrella Rank: 315627
taj1.ebis.ne.jp — Cisco Umbrella Rank: 215005
10 KB
1 valis-cpx.jp
cd.valis-cpx.jp — Cisco Umbrella Rank: 340978
3 KB
1 csolution.jp
tk.csolution.jp
2 KB
1 yjtag.jp
s.yjtag.jp — Cisco Umbrella Rank: 79230
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 824
82 KB
1 amoad.com
mk.ca-conv.amoad.com — Cisco Umbrella Rank: 487753
894 B
1 adtdp.com
dynalyst-mk.adtdp.com — Cisco Umbrella Rank: 513731
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 137
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 907
15 KB
1 line-scdn.net
d.line-scdn.net — Cisco Umbrella Rank: 15261
10 KB
1 yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 6996
11 KB
1 kaizenplatform.net
cdn.kaizenplatform.net — Cisco Umbrella Rank: 537862
101 KB
1 tw1.ru
cf96820.tw1.ru
8 KB
0 goo.ne.jp Failed
adcdn.goo.ne.jp Failed
130 32
Domain Requested by
15 www.google.co.jp cf96820.tw1.ru
15 www.google.com 1 redirects cf96820.tw1.ru
15 googleads.g.doubleclick.net 1 redirects cf96820.tw1.ru
www.googletagmanager.com
14 sib.jibunbank.co.jp cf96820.tw1.ru
sib.jibunbank.co.jp
9 www.googletagmanager.com cf96820.tw1.ru
s.yjtag.jp
5 bat.bing.com cf96820.tw1.ru
4 www.facebook.com
4 tr.line.me cf96820.tw1.ru
3 static.karte.io bs.karte.io
3 cdn-edge.karte.io cf96820.tw1.ru
cdn-edge.karte.io
3 www.jibunbank.co.jp cf96820.tw1.ru
2 px.ladsp.com 1 redirects
2 connect.facebook.net cf96820.tw1.ru
connect.facebook.net
2 asia.creativecdn.com 1 redirects cf96820.tw1.ru
2 b.karte.io cdn-edge.karte.io
2 cdn-issues.karte.io cdn-edge.karte.io
cdn-issues.karte.io
2 i.smartnews-ads.com cf96820.tw1.ru
2 seal.digicert.com cf96820.tw1.ru
2 fledge.dynalyst.jp cf96820.tw1.ru
1 tr.usergram.info
1 um.ladsp.com px.ladsp.com
1 config-code.usergram.info code.usergram.info
1 am.yahoo.co.jp s.yimg.jp
1 b99.yahoo.co.jp
1 cd.valis-cpx.jp cf96820.tw1.ru
1 tk.csolution.jp s.yjtag.jp
1 code.usergram.info cf96820.tw1.ru
1 bs.karte.io cdn-edge.karte.io
1 p.fraud-alert.net static.fraud-alert.net
1 yjtag.yahoo.co.jp s.yjtag.jp
1 i6.smartnews-ads.com cf96820.tw1.ru
1 s.yjtag.jp cf96820.tw1.ru
1 static.fraud-alert.net sib.jibunbank.co.jp
1 code.jquery.com cf96820.tw1.ru
1 mk.ca-conv.amoad.com cf96820.tw1.ru
1 dynalyst-mk.adtdp.com cf96820.tw1.ru
1 b98.yahoo.co.jp cf96820.tw1.ru
1 www.googleadservices.com cf96820.tw1.ru
1 static.ads-twitter.com cf96820.tw1.ru
1 cdn.smartnews-ads.com cf96820.tw1.ru
1 d.line-scdn.net cf96820.tw1.ru
1 taj1.ebis.ne.jp cf96820.tw1.ru
1 rec.ebis.ne.jp cf96820.tw1.ru
1 s.yimg.jp cf96820.tw1.ru
1 cdn.kaizenplatform.net cf96820.tw1.ru
1 cf96820.tw1.ru
0 adcdn.goo.ne.jp Failed s.yjtag.jp
130 47

This site contains links to these domains.

Domain
help.jibunbank.co.jp
www.jibunbank.co.jp
Subject | Issuer | Validity | Valid
*.tw1.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2024-01-11 - 2025-02-11 | a year
*.kaizenplatform.net | GeoTrust RSA CA 2018 | 2024-03-04 - 2025-03-07 | a year
edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2024-02-02 - 2025-03-01 | a year
rec.ebis.ne.jp | Amazon RSA 2048 M02 | 2023-11-05 - 2024-12-03 | a year
*.google-analytics.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.ebis.ne.jp | Amazon RSA 2048 M03 | 2024-02-05 - 2025-03-05 | a year
www.bing.com | Microsoft Azure TLS Issuing CA 02 | 2024-05-01 - 2024-06-27 | 2 months
line-apps.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-11-13 - 2024-11-13 | a year
*.smartnews-ads.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-14 - 2025-02-14 | a year
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-21 - 2024-07-19 | a year
sib.jibunbank.co.jp | DigiCert G5 TLS RSA4096 SHA384 2021 CA1 | 2023-06-30 - 2024-07-30 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
mscedge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2023-11-20 - 2024-12-19 | a year
*.dynalyst-mk.adtdp.com | Amazon RSA 2048 M03 | 2024-01-10 - 2025-02-07 | a year
*.ca-conv.amoad.com | Amazon RSA 2048 M02 | 2024-01-03 - 2025-01-31 | a year
*.dynalyst.jp | Amazon RSA 2048 M03 | 2024-01-03 - 2025-01-31 | a year
seal.digicert.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-14 - 2025-01-30 | a year
www.jibunbank.co.jp | DigiCert G5 TLS RSA4096 SHA384 2021 CA1 | 2024-03-01 - 2025-04-01 | a year
*.karte.io | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-12-01 - 2025-01-01 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.fraud-alert.net | Amazon RSA 2048 M02 | 2023-09-28 - 2024-10-27 | a year
*.tgm.yahoo-net.jp | Cybertrust Japan SureServer CA G4 | 2023-11-30 - 2024-12-29 | a year
*.google.com | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
*.google.co.jp | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
*.line.me | GlobalSign RSA OV SSL CA 2018 | 2023-08-10 - 2024-09-10 | a year
b.karte.io | GTS CA 1D4 | 2024-06-05 - 2024-09-03 | 3 months
yjtag.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2023-11-30 - 2024-12-29 | a year
*.usergram.info | Amazon RSA 2048 M02 | 2023-08-15 - 2024-09-11 | a year
*.csolution.jp | Amazon RSA 2048 M03 | 2024-03-25 - 2025-04-23 | a year
*.valis-cpx.jp | GlobalSign RSA OV SSL CA 2018 | 2023-10-17 - 2024-11-17 | a year
*.creativecdn.com | RapidSSL TLS RSA CA G1 | 2024-04-05 - 2025-04-30 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-17 - 2024-06-15 | 3 months
*.ladsp.com | GlobalSign RSA OV SSL CA 2018 | 2024-05-21 - 2025-06-22 | a year

This page contains 3 frames:

Primary Page: https://cf96820.tw1.ru/
Frame ID: 653E263188A011B5C7D649C0856AFEE1
Requests: 128 HTTP requests in this frame

Frame: https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
Frame ID: C1E8F48B0FDAC72F12BB4F8CE127C031
Requests: 1 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1717795217331&svid=48
Frame ID: 79D5A19FDCC93AF5A402A5CF64D09C16
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 130
HTTPS: 98 %
IPv6: 27 %
Domains: 32
Subdomains: 47
IPs: 42
Countries: 4
Transfer: 3244 kB
Size: 5894 kB
Cookies: 54

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2PTp1KwEW002GViMv0IuF09rRtOY9_reSPg&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv HTTP 302
  • https://www.google.com/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732 HTTP 302
  • https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732&ipr=y
Request Chain 99
  • https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284 HTTP 302
  • https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
Request Chain 107
  • https://px.ladsp.com/pixel?advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119 HTTP 302
  • https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119

130 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cf96820.tw1.ru/
40 KB
8 KB
Document
General
Full URL
https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:1::5c35:6079 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c416db33405a27396b6ada4b33b0e8b1582eb987eb72693db75cdc75b65e8e76

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 07 Jun 2024 21:20:16 GMT
server
nginx/1.24.0
vary
Accept-Encoding

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"3fe02-5b6a78bde2593"
X-FRAME-OPTIONS
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
261634
app.js
sib.jibunbank.co.jp/js/
190 KB
190 KB
Script
General
Full URL
https://sib.jibunbank.co.jp/js/app.js?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Sat, 11 Dec 2021 13:00:55 GMT
Server
Apache
ETag
"2f731-5d2de6e1914d4"
X-FRAME-OPTIONS
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
194353
style.css
sib.jibunbank.co.jp/css/
516 KB
516 KB
Stylesheet
General
Full URL
https://sib.jibunbank.co.jp/css/style.css?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b655d409d1d1b439c2e548b988bbf519f523500114eb1e38604d7e67febe43a1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Sat, 09 Mar 2024 16:27:11 GMT
Server
Apache
ETag
"810f0-6133cc7c9469f"
X-FRAME-OPTIONS
DENY
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
528624
common.js
sib.jibunbank.co.jp/js/
4 KB
5 KB
Script
General
Full URL
https://sib.jibunbank.co.jp/js/common.js?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf13c4419977d2f686600b263e163329da325e3291a0a66d0de22b9808066d15
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Wed, 28 Apr 2021 05:39:42 GMT
Server
Apache
ETag
"11eb-5c101ce317fce"
X-FRAME-OPTIONS
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4587
extended_timeout.js
sib.jibunbank.co.jp/js/
3 KB
4 KB
Script
General
Full URL
https://sib.jibunbank.co.jp/js/extended_timeout.js?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Wed, 28 Apr 2021 05:39:42 GMT
Server
Apache
ETag
"d06-5c101ce318f6e"
X-FRAME-OPTIONS
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3334
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/460162144/
4 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/460162144/?random=1717789131970&cv=11&fst=1717789131970&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ed92ea5ecc441438194a08e31c912361fe9ca009347dce68a5a3fa363207cee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/
4 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1717789132022&cv=11&fst=1717789132022&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2b21dcaaa1c1ed769d1a4323d619d72059651be40be3c2d95ab18a37a0b2842c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/
4 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1717789132073&cv=11&fst=1717789132073&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2cb7df87962541d661e113e0045120be429479e3309719f2058474276351f8c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1494
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/721159065/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/721159065/?random=1717789132076&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&bttype=purchase&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
3d365a6395b9f0e62b9cc914189d1e462843e780eede59b14c7407f875ce04e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1740
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1717789132086&cv=11&fst=1717789132086&bg=ffffff&guid=ON&async=1&gtm=45be4650v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c35fd6a485324a59e51beadca1d4bd9908ee96786265e519816cb9ad9446483f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1521
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
97022402.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/97022402.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 07 Jun 2024 21:20:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3945DCA1515841789D3DC5FBC31DD2DC Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache
CONFIG_NOCACHE
97114338.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/97114338.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 07 Jun 2024 21:20:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3CA0BFBB185B46AD8C3511F4134FBCC2 Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache
CONFIG_NOCACHE
97050327.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/97050327.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 07 Jun 2024 21:20:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F221CDCDC0354E4CAE440B1F830FB01B Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache
CONFIG_NOCACHE
97050325.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/97050325.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 07 Jun 2024 21:20:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 08073AA17F834051A6868835D2259845 Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache
CONFIG_NOCACHE
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1717789132689&cv=11&fst=1717789132689&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
411bff450d9a7ff9aa950233a52c17b3feb575b554a8dfe8236948f9171c2108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1515
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/?random=1717789132701&cv=11&fst=1717789132701&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
be2f241cecf2cc48e86598fcde8c642e782cd3db9870a042eae183faa3d5e1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1514
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
b98.yahoo.co.jp/pagead/
53 KB
20 KB
Script
General
Full URL
https://b98.yahoo.co.jp/pagead/conversion_async.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
cafe /
Resource Hash
95c3a41dc0300691569690f968222223b3cf13c9c950e6ac2f0c48003b71f8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Age
0
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Connection
close
X-XSS-Protection
0
Server
cafe
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ETag
13397053139491029127
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Permissions-Policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin
*
Expires
Fri, 07 Jun 2024 21:20:16 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/?random=1717789132916&cv=11&fst=1717789132916&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bf27f60cc41bd253f9fc274661a5d1fa9a00ad82dd0b76e4d3838163ff6d685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1530
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/?random=1717789132928&cv=11&fst=1717789132928&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
41223816ca838c8d0795cab48948d68a6c04d8171445ce77ba747595ad316444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1527
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/?random=1717789132939&cv=11&fst=1717789132939&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
49dfc4a033d974b6f20c2b5343757673c7588bf9ef65c99383a63be53011b0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1525
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1717789132951&cv=11&fst=1717789132951&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bec54132b336b6183d12e2da783cd20dcf37524785df0d4c4c9552d94e601902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1522
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/?random=1717789132962&cv=11&fst=1717789132962&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3febc80c27bc363e6498cf16d6c5a0e98c0c88ee1606979a18bc68a2f3533bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1523
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext
dynalyst-mk.adtdp.com/site/game/
4 KB
1 KB
Script
General
Full URL
https://dynalyst-mk.adtdp.com/site/game/ext?dtype=1&advid=3383&an=jibun-ginko&cty=JPN&tz=JST&ext=%7B%7D&tp=game/ext&uq=81ac29d3-d21e-4863-8f98-305216f849b2&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&swh=2560x1440&scd=24
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.207.150 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-207-150.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
217728cd2bd1c1f3ad6928ec142241336f13446f214366ce2cfde4d7cfb680a6

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
732
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
ext
mk.ca-conv.amoad.com/site/game/
4 KB
894 B
Script
General
Full URL
https://mk.ca-conv.amoad.com/site/game/ext?dtype=2&advid=3383&an=jibun-ginko&cty=JPN&tz=JST&ext=%7B%7D&tp=game/ext&uq=81ac29d3-d21e-4863-8f98-305216f849b2&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&swh=2560x1440&scd=24
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.115.213 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-115-213.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dbb9069d2de94b007afc3107774af3bd02aa6e0cece82b1f9396d7b395aef9e2

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
553
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
widget.js
fledge.dynalyst.jp/join-ad-interest-group/
564 B
932 B
Script
General
Full URL
https://fledge.dynalyst.jp/join-ad-interest-group/widget.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a7:8e00:2:a84d:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48395747738ae23158701c30d1f14a385d855d154661747974a16fc4d2d2a5bd

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 04:00:55 GMT
via
1.1 c383634e01fa17a4ab3a0d27cbdf5f0c.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jun 2024 03:52:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P2
age
62362
x-amz-server-side-encryption
AES256
etag
"3baedeea55bd9e3e2e325745da5da154"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
564
x-amz-cf-id
FjwBKQKcdfVKvFf9w4Sq2CKSVZ6oPMKO4dpFFebaWPtHaR1q2zttWw==
img_site-logo_pc.png
sib.jibunbank.co.jp/images/img/
2 KB
2 KB
Image
General
Full URL
https://sib.jibunbank.co.jp/images/img/img_site-logo_pc.png?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"86a-5b6a78bda8001"
X-FRAME-OPTIONS
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2154
img_site-logo_sp.png
sib.jibunbank.co.jp/images/img/
2 KB
2 KB
Image
General
Full URL
https://sib.jibunbank.co.jp/images/img/img_site-logo_sp.png?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"725-5b6a78bda87cb"
X-FRAME-OPTIONS
DENY
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1829
before_auth.css
sib.jibunbank.co.jp/css/
447 B
714 B
Stylesheet
General
Full URL
https://sib.jibunbank.co.jp/css/before_auth.css?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"1bf-5b6a78bd4175d"
X-FRAME-OPTIONS
DENY
Content-Type
text/css
X-N
S
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
447
question.svg
sib.jibunbank.co.jp/images/icon/16x16/
717 B
981 B
Image
General
Full URL
https://sib.jibunbank.co.jp/images/icon/16x16/question.svg?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"2cd-5b6a78bd5ec1d"
X-FRAME-OPTIONS
DENY
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
717
seal.min.js
seal.digicert.com/seals/cascade/
8 KB
8 KB
Script
General
Full URL
https://seal.digicert.com/seals/cascade/seal.min.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.251.181.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
last-modified
Tue, 04 Jun 2024 20:13:25 GMT
Server
nginx
etag
"1e3d-61a16150c6340"
Content-Type
text/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7741
X-XSS-Protection
1; mode=block
p_img04.png
www.jibunbank.co.jp/bs_banner/
21 KB
21 KB
Image
General
Full URL
https://www.jibunbank.co.jp/bs_banner/p_img04.png
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.26.218.115 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-26-218-115.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
436f5fd01b87b021f1dea366566da470d0c4398050592ba2b00c66513ed8ed92
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' ai-translate.com;
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' ai-translate.com;
Date
Fri, 07 Jun 2024 21:20:16 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=600
Last-Modified
Mon, 03 Jun 2024 10:40:06 GMT
Server
Apache
ETag
"28c15b-5288-619f9f4dded80"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21128
p_img05.png
www.jibunbank.co.jp/bs_banner/
16 KB
16 KB
Image
General
Full URL
https://www.jibunbank.co.jp/bs_banner/p_img05.png
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.26.218.115 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-26-218-115.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
543ab792369cfc31207e44598c95badbb85e68752009b647f4e08a3121b227d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' ai-translate.com;
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' ai-translate.com;
Date
Fri, 07 Jun 2024 21:20:16 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=600
Last-Modified
Mon, 03 Jun 2024 10:40:06 GMT
Server
Apache
ETag
"2481f7-3ef0-619f9f4dded80"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16112
p_img06.png
www.jibunbank.co.jp/bs_banner/
17 KB
17 KB
Image
General
Full URL
https://www.jibunbank.co.jp/bs_banner/p_img06.png
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.26.218.115 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-26-218-115.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4ee5949392f439d6fa7dbc590d5b4c066e3b7224c30e4936a5f7bc696fa160d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' ai-translate.com;
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' ai-translate.com;
Date
Fri, 07 Jun 2024 21:20:16 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=600
Last-Modified
Mon, 03 Jun 2024 10:40:06 GMT
Server
Apache
ETag
"236863-4282-619f9f4dded80"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17026
pc_cachcard_back.gif
sib.jibunbank.co.jp/images/icon/other/
76 KB
77 KB
Image
General
Full URL
https://sib.jibunbank.co.jp/images/icon/other/pc_cachcard_back.gif?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"13183-5b6a78bda58ef"
X-FRAME-OPTIONS
DENY
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78211
fraudalert_form.js
sib.jibunbank.co.jp/js/
950 B
1 KB
Script
General
Full URL
https://sib.jibunbank.co.jp/js/fraudalert_form.js?2024060804
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified
Sat, 11 Nov 2023 16:43:24 GMT
Server
Apache
ETag
"3b6-609e322af3e0e"
X-FRAME-OPTIONS
DENY
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
950
js
www.googletagmanager.com/gtag/
236 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-709179453
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bf819a265baa5f631bbceec41c94baea23383751a9d20b0d204dfb10d9a1c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86012
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 21:20:16 GMT
js
www.googletagmanager.com/gtag/
224 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-723623815
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
245c5ce05d63cf9f1a3342ee3cde30366752ba5dc63e65732641ee46226c5721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83101
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 21:20:16 GMT
edge.js
cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/
85 KB
18 KB
Script
General
Full URL
https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4261fecbdca755ec080fb25e98f26f2ca3afda2c057490d5fc1c39d98d4ab5b8

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
DiUgbByLLq_ttNtdekmp_qstOrh.kY.N
content-encoding
br
via
1.1 varnish
date
Fri, 07 Jun 2024 21:20:16 GMT
x-amz-request-id
YN4YERT2GXCQVK7G
age
41
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
18084
x-amz-id-2
8gNndWSUdc4jyP5E3noDoUPHhfiDY++SdgxPw6pkr8OHLZPU3I8HuGXNSXeWuum0ZeK1Axef9rM=
x-served-by
cache-tyo11937-TYO
last-modified
Tue, 04 Jun 2024 00:16:21 GMT
server
AmazonS3
x-timer
S1717795217.756404,VS0,VE0
etag
"db5be99a4dd2d62b77c7582fdd09e77e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10,s-maxage=60
accept-ranges
bytes
x-cache-hits
2
jquery-3.7.1.js
code.jquery.com/
279 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

Referer
https://cf96820.tw1.ru/
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
15173061
x-cache
HIT, HIT
content-length
83619
x-served-by
cache-lga21929-LGA, cache-tyo11929-TYO
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717795217.724665,VS0,VE0
etag
W/"28feccc0-45a82"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
2297, 3848
pe
i.smartnews-ads.com/
0
611 B
Image
General
Full URL
https://i.smartnews-ads.com/pe?b=%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22SmartnewsAds%20does%20not%20defined.%22%2C%22stack%22%3A%22Error%3A%20SmartnewsAds%20does%20not%20defined.%5Cn%20%20%20%20at%20https%3A%2F%2Fcdn.smartnews-ads.com%2Fi%2Fpixel.js%3A1%3A4762%5Cn%20%20%20%20at%20https%3A%2F%2Fcdn.smartnews-ads.com%2Fi%2Fpixel.js%3A1%3A4960%5Cn%20%20%20%20at%20https%3A%2F%2Fcdn.smartnews-ads.com%2Fi%2Fpixel.js%3A1%3A4978%22%2C%22url%22%3A%22https%3A%2F%2Fcf96820.tw1.ru%2F%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Linux%3B%20Android%2010%3B%20K)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Mobile%20Safari%2F537.36%22%7D
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.189.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-189-61.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:16 GMT
content-length
0
trigger-attribution
fledge.dynalyst.jp/
2 B
707 B
Other
General
Full URL
https://fledge.dynalyst.jp/trigger-attribution?adv_id=3383
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a7:8e00:2:a84d:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"2"}],"aggregatable_trigger_data":[{"key_piece":"0x50000000000000000000000000000000","source_keys":["purchase_count_for_test"]}],"aggregatable_values":{"purchase_count_for_test":2700},"aggregatable_deduplication_keys":[{"deduplication_key":"3383"}],"debug_key":"15054409352320009467","filters":{"advertiser_ids":["3383"]}}
via
1.1 c383634e01fa17a4ab3a0d27cbdf5f0c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
content-length
2
x-amz-cf-id
Dl06TStFXW9QnCNUKoAJYaDhS17tBc4sAXZk9a_gmkV44flVj9wlUw==
f.js
static.fraud-alert.net/
56 KB
20 KB
Script
General
Full URL
https://static.fraud-alert.net/f.js
Requested by
Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/js/fraudalert_form.js?2024060804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a7:6400:10:3572:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 19:01:02 GMT
content-encoding
gzip
via
1.1 0351cfe7ed552069eb05c4ac51dbf9cc.cloudfront.net (CloudFront)
last-modified
Sun, 22 Oct 2023 12:05:34 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P2
age
8356
x-amz-server-side-encryption
AES256
etag
W/"f98f7793266711a8689fe211e9d65b52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yinBpsOk2gXWqpSPUkUurY_0qrEu20igl64e5ey8sFtKGen_ab2ghw==
tag.js
s.yjtag.jp/
43 KB
14 KB
Script
General
Full URL
https://s.yjtag.jp/tag.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2352:a000:8:dcbf:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7398b866493b0b2db87edfd1c11abb5d29687fab805c59ae427fc8e3714f520

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
AYP__hvbqkf5dPE0F3Ao.4CvkXcwg3MX
content-encoding
gzip
via
1.1 5cf2560f7c8afa4de402da0380c23964.cloudfront.net (CloudFront)
date
Fri, 07 Jun 2024 20:19:13 GMT
last-modified
Thu, 16 Mar 2023 06:19:07 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P4
age
3665
etag
W/"a41306fdba90953fd540045823303db5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Xms5kNLeCNbKO5uPcSxPNYpgJOKdg2rLXU2-GRVuEVd1_tL7_M6CEQ==
/
www.google.com/pagead/1p-user-list/460162144/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/460162144/?random=1717789131970&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLlNUUnTzMG9gvfgTnko_Lh6eKIeIymA&random=3732726662&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/460162144/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/460162144/?random=1717789131970&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLlNUUnTzMG9gvfgTnko_Lh6eKIeIymA&random=3732726662&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/709179453/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/709179453/?random=1717789132022&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLb1imWJide-NzO5IkvSn6nKcoijqPnw&random=1444823103&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/709179453/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/709179453/?random=1717789132022&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLb1imWJide-NzO5IkvSn6nKcoijqPnw&random=1444823103&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/721159065/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/721159065/?random=1717789132073&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLX994kyrsO1jHkS1N3j1tHE7ayB9nOA&random=3558977178&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/721159065/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/721159065/?random=1717789132073&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLX994kyrsO1jHkS1N3j1tHE7ayB9nOA&random=3558977178&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-conversion/721159065/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1...
  • https://www.google.com/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=...
  • https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_...
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/856479406/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/856479406/?random=1717789132086&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLy8MdMnbHiN2KGxkyADJCyiAOSOeTqa8knXSh1PRSGgiEdBxW&random=1685819686&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/856479406/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/856479406/?random=1717789132086&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLy8MdMnbHiN2KGxkyADJCyiAOSOeTqa8knXSh1PRSGgiEdBxW&random=1685819686&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/709179453/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/709179453/?random=1717789132689&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLn5vLZZHOn0vIp-97u3B6HmKX_BOd1oLfiTRWYw7mtdvtfaXK&random=1411605253&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/709179453/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/709179453/?random=1717789132689&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLn5vLZZHOn0vIp-97u3B6HmKX_BOd1oLfiTRWYw7mtdvtfaXK&random=1411605253&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/723623815/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/723623815/?random=1717789132701&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLqb0DsuBaChTdxoi1CwEsGdgU8dvZ5BMpbnZBuO5D_d06C1jc&random=3692486032&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/723623815/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/723623815/?random=1717789132701&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLqb0DsuBaChTdxoi1CwEsGdgU8dvZ5BMpbnZBuO5D_d06C1jc&random=3692486032&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/709209482/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/709209482/?random=1717789132916&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLpKjYMNKyWYdm6-M_DweGlMrMdYXqNxVBNMxUvymMp_o8m_Y9&random=2745528287&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/709209482/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/709209482/?random=1717789132916&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLpKjYMNKyWYdm6-M_DweGlMrMdYXqNxVBNMxUvymMp_o8m_Y9&random=2745528287&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/942787950/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/942787950/?random=1717789132928&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6d7KWQFwopMR8es0glL22mTMDjYD1Q1IxxyW5Zwtlvq0TR8p&random=4190137259&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/942787950/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/942787950/?random=1717789132928&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6d7KWQFwopMR8es0glL22mTMDjYD1Q1IxxyW5Zwtlvq0TR8p&random=4190137259&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/612303449/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/612303449/?random=1717789132939&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6GwWzdl5s0t7iBhlazuFwC7C_sE-agO9e4KEGazmFZiu3KN9&random=2751125883&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/612303449/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/612303449/?random=1717789132939&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6GwWzdl5s0t7iBhlazuFwC7C_sE-agO9e4KEGazmFZiu3KN9&random=2751125883&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/721159065/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/721159065/?random=1717789132951&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLrDbt1F3ve4lEHmfDAOW5oxLV5TFt267gpunm0c7fgimTPH0V&random=647204921&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/721159065/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/721159065/?random=1717789132951&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLrDbt1F3ve4lEHmfDAOW5oxLV5TFt267gpunm0c7fgimTPH0V&random=647204921&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/721477044/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/721477044/?random=1717789132962&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLhIgqqqVDIBg4JdZSjh45dhdBLwWLaTh0y2f5jA23GfqhIC2W&random=467941163&rmt_tld=0&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/721477044/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/721477044/?random=1717789132962&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLhIgqqqVDIBg4JdZSjh45dhdBLwWLaTh0y2f5jA23GfqhIC2W&random=467941163&rmt_tld=1&ipr=y
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NotoSansCJKjp-RegularSubset.woff
sib.jibunbank.co.jp/fonts/
397 KB
397 KB
Font
General
Full URL
https://sib.jibunbank.co.jp/fonts/NotoSansCJKjp-RegularSubset.woff
Requested by
Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/css/style.css?2024060804
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://sib.jibunbank.co.jp/css/style.css?2024060804
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"63348-5b6a78bd53c52"
X-FRAME-OPTIONS
DENY
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
406344
arrow_gray.svg
sib.jibunbank.co.jp/images/icon/16x16/
539 B
803 B
Image
General
Full URL
https://sib.jibunbank.co.jp/images/icon/16x16/arrow_gray.svg
Requested by
Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/css/style.css?2024060804
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://sib.jibunbank.co.jp/css/style.css?2024060804
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"21b-5b6a78bd5962b"
X-FRAME-OPTIONS
DENY
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
539
NotoSansCJKjp-MediumSubset.woff
sib.jibunbank.co.jp/fonts/
397 KB
398 KB
Font
General
Full URL
https://sib.jibunbank.co.jp/fonts/NotoSansCJKjp-MediumSubset.woff
Requested by
Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/css/style.css?2024060804
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://sib.jibunbank.co.jp/css/style.css?2024060804
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified
Thu, 17 Dec 2020 11:46:45 GMT
Server
Apache
ETag
"63594-5b6a78bd52cc5"
X-FRAME-OPTIONS
DENY
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
406932
index.js
cdn-edge.karte.io/__edge_plugins/context_event/
105 KB
28 KB
Script
General
Full URL
https://cdn-edge.karte.io/__edge_plugins/context_event/index.js
Requested by
Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f2cb37f40592d6d97db3379180c2bcb6883f0b4681424f7615503ff83b4301e

Request headers

Referer
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
3g9bso4_anbYuWW1vsI0X2pJMBupE3QZ
content-encoding
br
via
1.1 varnish
date
Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id
3V1P7Y0KWS6NHQ1Y
age
27
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
28785
x-amz-id-2
FIUi7KnLRbkx1dHdCvG4gPkAaKLw1iie8YrQioJVe+1XOj1UMNHJBadTPjck4M6wfBIWU1hRCIE=
x-served-by
cache-tyo11957-TYO
last-modified
Wed, 24 Apr 2024 07:30:42 GMT
server
AmazonS3
x-timer
S1717795217.116565,VS0,VE0
etag
"e5e14af2425841618dc788aa753a5263"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10,s-maxage=60,stale-while-revalidate=10
accept-ranges
bytes
x-cache-hits
201
index.js
cdn-edge.karte.io/__edge_plugins/blitz_action_runner/
12 KB
5 KB
Script
General
Full URL
https://cdn-edge.karte.io/__edge_plugins/blitz_action_runner/index.js
Requested by
Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f02b309865012d2dbe5cf51d3eae8cd2cbfeb4d6b2a9b41b146fd7d809fa3ba8

Request headers

Referer
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
lnzJF5ndf4ikI43T7hxBys7JxIkxSvvC
content-encoding
br
via
1.1 varnish
date
Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id
5ZAN7FBH8VTBXX39
age
26
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4737
x-amz-id-2
+VTypUcQtd9Lb0mJZvom4IvF+hD4J0h6rYUifTKW11lAd/2IKBWoAlg+V7YAsYmHICwohTWw5F4=
x-served-by
cache-tyo11957-TYO
last-modified
Thu, 25 Apr 2024 03:39:39 GMT
server
AmazonS3
x-timer
S1717795217.116556,VS0,VE0
etag
"8de35811fb874ea5ecc9d6220cbc5cdb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10,s-maxage=60,stale-while-revalidate=10
accept-ranges
bytes
x-cache-hits
197
action.js
cdn-issues.karte.io/actionjs/
36 KB
13 KB
Script
General
Full URL
https://cdn-issues.karte.io/actionjs/action.js
Requested by
Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226db5b095d2f37d4783213e9286dc25ce181d3ecf26e94aa660b61f91acfd84

Request headers

Referer
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 varnish
date
Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id
KFNEDY1QF29CRR6E
age
10
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
12882
x-amz-id-2
J759L/s5PrK94zEjJE/gnIVxin/JF5D/X+HmX0aHhd+0KiPvDm+ouFfIFyTPPvkrJ5JBwatRPq0=
x-served-by
cache-tyo11957-TYO
last-modified
Thu, 06 Jun 2024 12:40:11 GMT
server
AmazonS3
etag
"0ad11ab396414b0179014c8a6a4b717c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
x-cache-hits
11
tag.gif
tr.line.me/
43 B
425 B
Image
General
Full URL
https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=abc7e14b-e97c-4e6b-bf23-f49c61bb0e21&s_id=97360f70-68340ca4&x4=100&e=pv&v=3.4.1&_t=1717795217119
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tag.gif
tr.line.me/
43 B
425 B
Image
General
Full URL
https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=33fcba51-9216-4b10-a9a7-4647b79bdecf&s_id=97360f70-68340ca4&x4=400&e=pv&v=3.4.1&_t=1717795217135
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
event
b.karte.io/
3 KB
2 KB
Fetch
General
Full URL
https://b.karte.io/event
Requested by
Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.157.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.157.102.34.bc.googleusercontent.com
Software
/
Resource Hash
a72d47b6f647b40a3135830e71d732c2b0a7e7c3a43d022fa9e454e7866dbe5c

Request headers

Accept
application/json
Referer
https://cf96820.tw1.ru/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1478
p
i.smartnews-ads.com/
2 B
499 B
Image
General
Full URL
https://i.smartnews-ads.com/p?id=d650045319e0726eca67e9c1&t=1717795217&url=https%3A%2F%2Fcf96820.tw1.ru%2F&referrer=&e=PageView&v=1.0.0&exid=4b680d05-278b-4a73-a231-ff8fabfcaf9f
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.189.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-189-61.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-length
2
content-type
text/plain; charset=utf-8
smallest.png
i6.smartnews-ads.com/
95 B
474 B
Image
General
Full URL
https://i6.smartnews-ads.com/smallest.png?id=d650045319e0726eca67e9c1&t=1717795217&url=https%3A%2F%2Fcf96820.tw1.ru%2F&referrer=&e=PageView&v=1.0.0&exid=4b680d05-278b-4a73-a231-ff8fabfcaf9f
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:29a::322 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified
Wed, 09 Feb 2022 07:40:21 GMT
Server
AmazonS3
x-amz-request-id
HRGZGFDXS2H30R38
ETag
"71a50dbba44c78128b221b7df7bb51f1"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
x-amz-id-2
XAwmtoP8iYXhsZqir7s6tBjT0El+bap64Ie70CTeYcui9vZZI7NeKp+X0APUiJHQ9pnrs0kcBYU=
/
seal.digicert.com/seals/cascade/
155 B
560 B
Image
General
Full URL
https://seal.digicert.com/seals/cascade/?tag=BDWjGLpY&referer=cf96820.tw1.ru&format=png&lang=ja&seal_number=18&seal_size=s&an=min
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.251.181.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
last-modified
Fri, 07 Jun 2024 20:35:42 GMT
Server
nginx
Content-Type
image/png
cache-control
max-age=7776000
x-envoy-upstream-service-time
34
Connection
keep-alive
Content-Length
155
X-XSS-Protection
1; mode=block
expires
Thu, 05 Sep 2024 20:35:43 GMT
tag
yjtag.yahoo.co.jp/
9 KB
3 KB
Script
General
Full URL
https://yjtag.yahoo.co.jp/tag?site=e2L7WxO%2CZ7ftF8X%2CFJReueG&referrer=https%3A%2F%2Fcf96820.tw1.ru%2F&H=26h37ao
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.167.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-167-126.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
023c102bcec6505b6048e359ff5c7cc3d824065be74de48884b2996d0baf5f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
x-bt-requestid
bcadd550-2513-11ef-a377-0000ac1c458e
x-content-type-options
nosniff
content-encoding
gzip
etag
5a048a9c662b864294201f24b1142993
vary
accept-encoding
content-type
text/javascript
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept
p.fraud-alert.net/
31 B
514 B
XHR
General
Full URL
https://p.fraud-alert.net/accept
Requested by
Host: static.fraud-alert.net
URL: https://static.fraud-alert.net/f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-92.nrt12.r.cloudfront.net
Software
/
Resource Hash
fcb92256c3e56256b54cc042e811cdb92728020e595c0fa3bf733f56cd53b531

Request headers

Referer
https://cf96820.tw1.ru/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
via
1.1 36cf18acfba4fa4f3949b71621f2b1e8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P2
x-cache
Miss from cloudfront
access-control-allow-origin
https://cf96820.tw1.ru
access-control-allow-credentials
true
content-length
31
x-amz-cf-id
2ZSpokbc7QXaydNpaSiWIvQpZrzu7kQxn64SvK0Wh9SSuaquRVS8tg==
settings.json
cdn-issues.karte.io/79189f281f13ea9187560e2ed5ed02b2/
82 KB
8 KB
Fetch
General
Full URL
https://cdn-issues.karte.io/79189f281f13ea9187560e2ed5ed02b2/settings.json
Requested by
Host: cdn-issues.karte.io
URL: https://cdn-issues.karte.io/actionjs/action.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2159d7d822ac14048df7c20ec5d420cd82e9d8822f1e540bf37272a24ea5545b

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 varnish
date
Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id
THKE90Y830S9JG8G
age
3
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
7745
x-amz-id-2
W+gwQyGye+PWvLYqKjTPQjQt/JbXmLxXp8jDu7DO8k1LNTY4Oq79Pc9vWwan+Bt3LxFCtKi9pWw=
x-served-by
cache-tyo11957-TYO
last-modified
Fri, 07 Jun 2024 08:44:25 GMT
server
AmazonS3
etag
"fc3630796ab2c796d61e52cae8d11037"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
x-cache-hits
1
index.js
bs.karte.io/action/__script-action/latest/
9 KB
4 KB
Script
General
Full URL
https://bs.karte.io/action/__script-action/latest/index.js
Requested by
Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/__edge_plugins/blitz_action_runner/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
effe56951344e9aaf32191bbb963c207d43f16fa85cf4e70b7b280e8b8d5b504

Request headers

Referer
https://cdn-edge.karte.io/
Origin
https://cf96820.tw1.ru
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
ZYQJBEGGZ7V1D40F
age
57
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3946
x-amz-id-2
3VrmXAt+x2NMN+IdP36ngiFqEJf5VwKEH1ZsdvP3ZYMiAGhg5Nujc1/R9gBu9KjFmgH6lBp6+NNocoreUFo61A==
x-served-by
cache-tyo11957-TYO
last-modified
Mon, 08 May 2023 04:36:17 GMT
server
AmazonS3
etag
"73633fac02a5c2ddfee8d86154395d80"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=10,s-maxage=60,stale-while-revalidate=30
accept-ranges
bytes
x-cache-hits
9819455
usergram.js
code.usergram.info/js/
50 KB
16 KB
Script
General
Full URL
https://code.usergram.info/js/usergram.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.180.94.75 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-180-94-75.ap-northeast-1.compute.amazonaws.com
Software
Ug /
Resource Hash
d9c7daa07005267eb35152ef01ce3f08e29700db629abda4e96b52fcdbad31a6

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 May 2024 00:00:00 GMT
Server
Ug
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16383
adme_tk.neo
tk.csolution.jp/
1 KB
2 KB
Script
General
Full URL
https://tk.csolution.jp/adme_tk.neo
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.183.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-183-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:18 GMT
via
1.1 6ac16f976c05437e94521db1631451d8.cloudfront.net (CloudFront)
last-modified
Tue, 14 Jan 2020 06:27:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C4
etag
"01b42b52842905b667f426f1145dfab9"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
1231
x-amz-cf-id
o7l26_ONJ2tU0vSMrscdnujT0wgO7hlO8bxaI0libZkDBPiM2-hmzQ==
9pbn9i0a81.js
adcdn.goo.ne.jp/images/pix/
0
0

pb_pixel2.js
cd.valis-cpx.jp/script/
7 KB
3 KB
Script
General
Full URL
https://cd.valis-cpx.jp/script/pb_pixel2.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.39.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-39-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
628052ff7b7c472dc233bbbf997dc6daf9f61655d5a57d7dbfb7ac5ce826f83e

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Wed, 05 Jun 2024 08:58:20 GMT
content-encoding
gzip
via
1.1 27103d7e96cd7686e426419dcdf43292.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 08:42:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P5
age
217318
etag
"53896112a3e93cca75c18d1ed6007bc9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
content-length
2608
x-amz-cf-id
DnKOkqWLSh3aO30dk9sG0XT1Wt1x5-lMQ9d-53RDqYH6TsNWokSY6Q==
tags
asia.creativecdn.com/ Frame C1E8
Redirect Chain
  • https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284
  • https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
0
0
Document
General
Full URL
https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 07 Jun 2024 21:20:17 GMT Fri, 07 Jun 2024 21:20:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
vary
Origin
js
www.googletagmanager.com/gtag/
236 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-721484514
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63462dc90c8be8e1f61c3ee7188facba5e4e2318f8adbda5bc8b993fe6ce1ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85965
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 21:20:17 GMT
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 21:20:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1368, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
8UypzclRK0l0/oNH4tO+kEZhZk9OrZ6h7w3jJvTufqFlxN5gOS1vLnTR6JqUOLIcjITWtek5ayNgW1Nh1XYhhg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
236 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-721521220
Requested by
Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04f23277586478cbb986f3b6c22df02c83b00d596401dcc95528888b10050b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85948
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 21:20:17 GMT
tag.gif
tr.line.me/
43 B
425 B
Image
General
Full URL
https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=0e9bcef0-dbe0-47cb-96a1-63e0c2cefa09&s_id=97360f70-68340ca4&x4=400&e=pv&v=3.4.1&_t=1717795217288
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tag.gif
tr.line.me/
43 B
425 B
Image
General
Full URL
https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=0e9bcef0-dbe0-47cb-96a1-63e0c2cefa09&s_id=97360f70-68340ca4&x4=400&e=pv&v=3.4.1&_t=1717795217292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
b99.yahoo.co.jp/pagead/conversion/1001088130/
42 B
742 B
Image
General
Full URL
https://b99.yahoo.co.jp/pagead/conversion/1001088130/?random=1717795217293&cv=9&fst=1717795217293&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcf96820.tw1.ru%2F&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date
Fri, 07 Jun 2024 21:20:17 GMT
Content-Security-Policy
script-src 'none'; object-src 'none'
X-Content-Type-Options
nosniff
Age
0
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
42
X-XSS-Protection
0
Pragma
no-cache
Server
cafe
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin
*
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
am.yahoo.co.jp/rt/
0
0
Fetch
General
Full URL
https://am.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Fcf96820.tw1.ru%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1717795218.274354&pvid=k998214vivmlx56x4ll&su=be278ea2-1dd5-4715-8b94-b981e35de328&__lt__cid_valid=true&_impl=ytag
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.248.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
1;mode=block
pragma
no-cache
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://cf96820.tw1.ru
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials
true
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
px.ladsp.com/
Redirect Chain
  • https://px.ladsp.com/pixel?advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsI...
  • https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9yb...
1 KB
1 KB
Script
General
Full URL
https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol
H2
Server
35.78.35.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-78-35-33.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
88bd4523beed41e732cca76652a5ab7d0a223dc324195f264c3caf00a215e1fe

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
cache-control
private, no-store, no-cache, must-revalidate
content-encoding
gzip
vary
accept-encoding
content-type
text/javascript;charset=utf-8

Redirect headers

location
https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
cache-control
private, no-store, no-cache, must-revalidate
content-length
0
expires
-1
config.js
config-code.usergram.info/UgbXwE-1/
50 B
454 B
Script
General
Full URL
https://config-code.usergram.info/UgbXwE-1/config.js
Requested by
Host: code.usergram.info
URL: https://code.usergram.info/js/usergram.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.110.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-110-129.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87fc9597a23facc94ead8fe7e978d5d088c7dc7e050805c7cfa0dae8babe4539

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id
in6t.obzfq.fuVZGI44MI_HfqR4m5uDb
date
Fri, 07 Jun 2024 21:09:20 GMT
via
1.1 c3a2a3a54087ab055a943dd98dfac028.cloudfront.net (CloudFront)
last-modified
Mon, 16 Aug 2021 06:48:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P2
age
658
etag
"1ab647f567a02d4eb012034015e6305f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
50
x-amz-cf-id
8zCZFnz1UO_ggvyU8_pswXeLtXTC50VRpgpsR3eRk5YTdwpvqv9uAw==
2401863046519079
connect.facebook.net/signals/config/
58 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2401863046519079?v=2.9.157&r=stable&domain=cf96820.tw1.ru&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
65445eb8b3492446d2a99437da030393e716d2d67b4e63a8dfe08334485202ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 21:20:17 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12709
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=61, mss=1368, tbw=63502, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
W3auTKiL9ZV3uCfeYgb4s7AUIy4JzRG6CkcqAVViW5eKl3U/qc7MhuooHW/X90yvoPfpVLN3Gkum3+YumbIKXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracker.jquery.js
static.karte.io/libs/
83 KB
31 KB
XHR
General
Full URL
https://static.karte.io/libs/tracker.jquery.js
Requested by
Host: bs.karte.io
URL: https://bs.karte.io/action/__script-action/latest/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cadf3c3a9253b0d06232619dc20082d865a3824667154df1429cd9bca7388ab

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
ZZJNCSZAJAHQBX7J
age
299
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
31376
x-amz-id-2
Tlr6vGG0vQ1M9kWIbs5JL5DTQUN4Q6/qpmQwZInLgTRiB9+7Xznp25DXQpDIsU0CO5VSM1pIQBQ=
x-served-by
cache-tyo11957-TYO
last-modified
Thu, 31 Aug 2023 04:06:05 GMT
server
AmazonS3
etag
"fd493063335f8b0d8aaa8754ad1cc2a9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
340
tracker.lodash.js
static.karte.io/libs/
50 KB
20 KB
XHR
General
Full URL
https://static.karte.io/libs/tracker.lodash.js
Requested by
Host: bs.karte.io
URL: https://bs.karte.io/action/__script-action/latest/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88b0fc3f9d2f307411b1a42d7d8e97f1b68325d0f5f4d1185910fb55f2af9f3a

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
ZZJJX88TV2PWDW69
age
118
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
19837
x-amz-id-2
u36b46uojPD861Q+UlgdnhKK76j6htdcO75D97U2B++5xSj8jYrbk98s7VwKDeNWVuiAX7sYnV4=
x-served-by
cache-tyo11957-TYO
last-modified
Thu, 31 Aug 2023 04:06:06 GMT
server
AmazonS3
etag
"a2da51c9eebb3e6712323e46b125cd2b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
184
tracker.moment.js
static.karte.io/libs/
34 KB
13 KB
XHR
General
Full URL
https://static.karte.io/libs/tracker.moment.js
Requested by
Host: bs.karte.io
URL: https://bs.karte.io/action/__script-action/latest/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
325365d6ab2928e0202c292dbfc66ae24e682d018df6d62d7ea60f9a32e35938

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
YHSF2G24A96DDW77
age
221
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
13271
x-amz-id-2
MVjUMA3zFVfP+OMG8kbx70zBfzI55i8+RsTKV9+gjsEq3WRHkiHwpjvaPQsCas/U3cCR//svS3zvJARxI8ZFPg==
x-served-by
cache-tyo11957-TYO
last-modified
Thu, 31 Aug 2023 04:06:06 GMT
server
AmazonS3
etag
"bbd0cb012ec9b89c413647d8a1fd307b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
278
iframe
um.ladsp.com/match/ Frame 79D5
0
0
Document
General
Full URL
https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1717795217331&svid=48
Requested by
Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.134.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-134-66.nrt12.r.cloudfront.net
Software
Logicad /
Resource Hash

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

cache-control
private, no-store, no-cache, must-revalidate
content-type
text/html;charset=utf-8
date
Fri, 07 Jun 2024 21:20:17 GMT
expires
-1
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 f291bc63f914cded36807605199bda20.cloudfront.net (CloudFront)
x-amz-cf-id
4NZL6r_emOWKtOzJ4kGutNR8l9_6A4jOUFTgZ0c9-YhGPsbB_XMtww==
x-amz-cf-pop
NRT12-P3
x-cache
Miss from cloudfront
/
www.facebook.com/tr/
0
104 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217343&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=d23a7e&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&cs_cc=1&cs_cc=1&cas=7469710046409932&cas=7469710046409932&chmd=&chpv=&chfv=undefined&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1368, tbw=3166, tp=-1, tpl=-1, uplat=120, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 07 Jun 2024 21:20:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217343&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=d23a7e&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&cs_cc=1&cs_cc=1&cas=7469710046409932&cas=7469710046409932&chmd=&chpv=&chfv=undefined&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 07 Jun 2024 21:20:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1368, tbw=3314, tp=-1, tpl=-1, uplat=130, ullat=0
pragma
no-cache
x-fb-debug
rCg1j9Qs5qaWuzlrogCbRUJp3GJHSw5LflE+5Msh0DPh1h3JOlVh2my+LimecXUIpdGub3jVXu4zbEMwsTCqyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217344&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=db3312&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&tm=1&cs_cc=1&cs_cc=1&cas=6234696556613005&cas=6234696556613005&chmd=&chpv=&chfv=undefined&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2849, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 07 Jun 2024 21:20:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
272 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217344&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=db3312&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&tm=1&cs_cc=1&cs_cc=1&cas=6234696556613005&cas=6234696556613005&chmd=&chpv=&chfv=undefined&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 07 Jun 2024 21:20:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1368, tbw=6729, tp=-1, tpl=-1, uplat=249, ullat=0
pragma
no-cache
x-fb-debug
QnTn8y1Ec7JyXZKcWCJ+Kd4DNs59l/obhqRqrSyNgBGyMi5667fBs40TfaeqtK7XaFR94ks6hgz7A3skpHaHUw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
_usergram.png
tr.usergram.info/
68 B
356 B
Image
General
Full URL
https://tr.usergram.info/_usergram.png?cid=UgbXwE-1&pid=UF37fcnQVsUiqxy0&t=pv&dr=&dl=https%3A%2F%2Fcf96820.tw1.ru%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&sr=1600x1200&nt=0&ct=1717795217348&tz=-540&wt=2080&v=js-3&_u=8vn08z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.201.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-201-129.ap-northeast-1.compute.amazonaws.com
Software
Ug /
Resource Hash
bf326ce018ba6b9da2227dfa98e7f87f691946687f806f808b9c9879de9feba8

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified
Tue, 14 May 2024 01:57:10 GMT
Server
Ug
Content-Type
image/png
Cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68
Expires
-1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1717795217411&cv=11&fst=1717795217411&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
121f582e6a35f723dd0f97b5395baf10bc97c4d11399aa8ab8d20324dd58538a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1409
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1717795217426&cv=11&fst=1717795217426&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
dec51aa91ccdc6953914f75dcb9acedd1081c2bca5082ebb455864d5dc39fb95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1410
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1717795217469&cv=11&fst=1717795217469&bg=ffffff&guid=ON&async=1&gtm=45be4650v9100464315za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ebc38c1e9c2f3394d422c03a6b6a1dee9b07da0d952b8f57aa41a273742265af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1423
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/721484514/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/721484514/?random=1717795217411&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLad_auu1krfw3HuNzcpAtS3bppPu2xVgmcpXL0qVGdfpdSkT1&random=1481889170&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/721484514/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1717795217411&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLad_auu1krfw3HuNzcpAtS3bppPu2xVgmcpXL0qVGdfpdSkT1&random=1481889170&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/721484514/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/721484514/?random=1717795217426&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLJgmZnznJt0Y-It1ch2ShxK2hH4lHaVUBraTC4HDJnl-m1IIi&random=662054229&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/721484514/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1717795217426&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLJgmZnznJt0Y-It1ch2ShxK2hH4lHaVUBraTC4HDJnl-m1IIi&random=662054229&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/721521220/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/721521220/?random=1717795217469&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9100464315za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLwllSaTaynxJUiNnTS0LIdwGwkVYrsh-SAMXzlTj-SG-q5Tvi&random=528564606&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/721521220/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/721521220/?random=1717795217469&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9100464315za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLwllSaTaynxJUiNnTS0LIdwGwkVYrsh-SAMXzlTj-SG-q5Tvi&random=528564606&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://cf96820.tw1.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
b.karte.io/
143 B
206 B
Fetch
General
Full URL
https://b.karte.io/event
Requested by
Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.157.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.157.102.34.bc.googleusercontent.com
Software
/
Resource Hash
65ad269abbe34f1b66b135692aa740eb2cf8c9e37d81739418e483bc502029fa

Request headers

Accept
application/json
Referer
https://cf96820.tw1.ru/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 07 Jun 2024 21:20:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
vary
Origin
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adcdn.goo.ne.jp
URL
https://adcdn.goo.ne.jp/images/pix/9pbn9i0a81.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au Jibun Bank (Financial)

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| escapeString function| kzs object| yjDataLayer object| ytagapi function| _lt object| _ltc object| regeneratorRuntime object| twttr function| UET function| UET_init function| UET_push object| google_tag_manager object| google_tag_data object| dataLayer function| $ function| jQuery object| platform boolean| doubleClick undefined| winObj function| exeSubmitFormName function| exeSubmitFormNameArg function| exeSubmitFormNameOwn function| exeSubmitFormNameArgOwn function| exeSubmitMain function| delComma function| delDateString function| disabledOff function| editComma function| editDateString function| windowOpen function| setExtendedTimeout function| isUserAgentWebView function| GooglemKTybQhCsO function| google_trackConversion object| dynIG object| __dcid string| siteId string| cookieDomain string| urlForFA string| ct1 string| sessionIdForFA object| _cpaq function| krt object| __KARTE_EDGE_79189f281f13ea9187560e2ed5ed02b2 object| __KRT_DEVTOOLS__ object| _ltq object| __Cascade object| SmartnewsAds object| btnlogin function| retrieveUUID-0 function| retrieveUUID-1 string| prop undefined| _bt_url_prefix undefined| _bt_referrer undefined| _bt_site undefined| _bt_mode function| bt_log function| bt_eval function| bt_parameter function| bt_meta function| bt_cookie function| bt_data function| bt_handle_exception function| bt_data_escaped object| BrightTag function| btServe object| $jscomp object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log object| __RIGHT_SUPPORT_UTILS object| __RIGHT_SUPPORT_API object| __RIGHT_SUPPORT_INTERNAL_API function| ytag object| usergram object| Smn function| twq function| fbq function| _fbq object| yahoo_retargeting_sent_urls_counter string| yahoo_retargeting_pv_id function| get_params function| make_cid function| set_cookie function| set_cookie_v2 number| def_term object| params number| adterm number| adterm2 string| adsess string| adsess2 object| adsess_arr string| alpha_cid function| gtag 
object| GooglebQhCsO

54 Cookies

Domain/Path Name / Value
.amoad.com/ Name: uid
Value: AY_0kt1CCE8RSUrhG_E
.adtdp.com/ Name: uid
Value: AY_0kt1BJr_30ExISH8
.adtdp.com/ Name: dynid
Value: AY_0kt1BJr_30ExISH8
.ebis.ne.jp/ Name: TRACKING_DATA
Value: 1qmhn9fp2xx.1717444974
.yahoo.co.jp/ Name: XA
Value: 4bdfuthj66ucg&sd=A&t=1717795216&u=1717795216&v=1
.yahoo.co.jp/ Name: XB
Value: bc660a72-2513-11ef-a62d-f965bc313c61&v=6&u=1717795216&s=4c
.smartnews-ads.com/ Name: g
Value: AIZGmyKQZp_i9gxGndnXb578mK0Y2cZSe7nbbLh831126Lbr97BqbawJS8dZHz4kwnVkOeSp5ULcx8wyg9RHBCA%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUnZ6GJCIiblFm7ZNiNA6wnP1oOSupMEW-mRE-EK_Lzr-zgZKtq-4QgE6ru7
fledge.dynalyst.jp/ Name: ar_debug
Value: 1
.tw1.ru/ Name: krt.vis
Value: qxQNlPauJ5b8YD2
.cf96820.tw1.ru/ Name: __lt__cid
Value: d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6
.cf96820.tw1.ru/ Name: __lt__sid
Value: 97360f70-68340ca4
cf96820.tw1.ru/ Name: snexid
Value: 4b680d05-278b-4a73-a231-ff8fabfcaf9f
i.smartnews-ads.com/ Name: AWSALBTGCORS
Value: AOpnEcHgxkzzhVq65xv+WVCQoFMmxkUGmPmv/OPNepV5e1vBtRMdUaT3P7RWuaHBjyQKDQGI8KN0yLs+fBJ5KKeVH3Ne7ZtjGBESYUlsD38YC7gDVPzg2lvDQlRoAP3mb5tLod11FlsrjxsSgdhZT5k7NKMHMjlKonPwLtjj9LEyubCBFeg=
cf96820.tw1.ru/ Name: _pk_id.1077564906.9b16
Value: 2eec4c12d0a31af9.1717795217.1.1717795217.1717795217.
cf96820.tw1.ru/ Name: _pk_ses.1077564906.9b16
Value: *
.line.me/ Name: _ldbrbid
Value: tr__k1y/XGZjeZFrE3uorKX9Ag==
.fraud-alert.net/ Name: caulisCookie
Value: 1063931530856914944
.tw1.ru/ Name: rt_storage_writable
Value: true
.tw1.ru/ Name: rt_session_id
Value: 2ea01886aad14b42905c39bee50a82c0
.tw1.ru/ Name: rt_user_id
Value: 9af10ab16fbd4260898843b01fff7a0b
.tw1.ru/ Name: _yjsu_yjad
Value: 1717795217.be278ea2-1dd5-4715-8b94-b981e35de328
.tw1.ru/ Name: _ugpid
Value: UF37fcnQVsUiqxy0.2
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: LPJz2buM43F8_XML9qJUUyDXXnliEow
.ladsp.com/ Name: receive-cookie-deprecation
Value: 1
.tw1.ru/ Name: _fbp
Value: fb.1.1717795217339.636670925176811508
.ladsp.com/ Name: lum
Value: CMS_y6T_MRIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhICCCoSBQgDEPABEgIICxICCA8SAggQEgIIERICCBQSAggbEgIIHBICCB4SAgggEgIIIhICCCsSBQgKEJAN
.bidswitch.net/ Name: tuuid
Value: 1fcacc7e-02d1-4a84-924a-e16ee384113b
.bidswitch.net/ Name: c
Value: 1717795217
.bidswitch.net/ Name: tuuid_lu
Value: 1717795217
.send.microad.jp/ Name: TR
Value: 3a1c22c88ba3e6aba6ff516913cee3a191a38fe50dac8780
.ad-stir.com/ Name: uid
Value: 33278630-df66-42d3-98cf-00ee868dc2d4
.ad-stir.com/ Name: d20
Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLfxA
.socdm.com/ Name: SOC
Value: ZmN5kcCo5uYAAF21rDgAAAAA
.adingo.jp/ Name: logicad
Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLf2A
.adn.caprofitx.com/ Name: pfxid
Value: 6617b542-495c-4663-8696-9d2f8f615ade
.adn.caprofitx.com/ Name: pfxids_logicad
Value: eyJpZCI6IkFVTVFzaHd2ajZHMmtzOEFJTmRlZVdJU2pNOEFBQUdQOUpMZjN3IiwidXBkYXRlZEF0IjoiMjAyNC0wNi0wN1QyMToyMDoxNy40MDRaIn0
.tw1.ru/ Name: _gcl_au
Value: 1.1.438082293.1717795217
.popin.cc/ Name: piuid
Value: 5197749af6494a1097a646fbcf3960ee
.popin.cc/ Name: p_logicad
Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLf5g
.as.amanad.adtdp.com/ Name: b1029
Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLf7g
.impact-ad.jp/ Name: tuuid
Value: b7e64f58-3b2d-45a3-b223-cb605d9cbc5f
.impact-ad.jp/ Name: c
Value: 1717795217
.impact-ad.jp/ Name: tuuid_lu
Value: 1717795217
y.one.impact-ad.jp/ Name: cmt
Value: !105=1fcacc7e-02d1-4a84-924a-e16ee384113b=1=489630017=487038017
.impact-ad.jp/ Name: psm
Value: 0
.creativecdn.com/ Name: g
Value: RWfXQPAIOxwyat18X1Xd_1717795217487
.creativecdn.com/ Name: c
Value: RWfXQPAIOxwyat18X1Xd_hxYam9TowYWyYdrw8cSX_1717795217487
.creativecdn.com/ Name: ts
Value: 1717795217
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LX56X4ZZ-1D-KANV
.rubiconproject.com/ Name: audit
Value: 1|quLkLAqJaOHn258dgHIH/96fbTEbSqjFBf14+EuBzkPULEzLSiMGrZ5ILooJ08eyn4Qp/QiAAocwHTRO1/p4iL+YuzCqzjSQgXr7nSTpjJ3Z6rMoVGSjxzI6m2GwvSZBptn4hYLAuUdoiGAAxAsgKNC9FXOUkL+Mr/zZYMWcvAog1u3OEw5FU9APlTu0R9RN
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1

105 Console Messages

Source Level URL
Text
other warning URL: https://cf96820.tw1.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cf96820.tw1.ru/(Line 233)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://cf96820.tw1.ru/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f
b5a034ead112699878b523b7cd97438c7799f6392fc5378749d5c8a69166fa9c
b655d409d1d1b439c2e548b988bbf519f523500114eb1e38604d7e67febe43a1
be2f241cecf2cc48e86598fcde8c642e782cd3db9870a042eae183faa3d5e1d1
bec54132b336b6183d12e2da783cd20dcf37524785df0d4c4c9552d94e601902
bf27f60cc41bd253f9fc274661a5d1fa9a00ad82dd0b76e4d3838163ff6d685d
bf326ce018ba6b9da2227dfa98e7f87f691946687f806f808b9c9879de9feba8
c35fd6a485324a59e51beadca1d4bd9908ee96786265e519816cb9ad9446483f
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
c416db33405a27396b6ada4b33b0e8b1582eb987eb72693db75cdc75b65e8e76
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
c7398b866493b0b2db87edfd1c11abb5d29687fab805c59ae427fc8e3714f520
ccb6aa3cf3c69a97f9c8b3e9fa831216f1987771f4da241b37fadbce2d719a27
cf13c4419977d2f686600b263e163329da325e3291a0a66d0de22b9808066d15
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa09e6c41e2dedee077c48c47c547797beb1aea55147c233cc4b096312e2429
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41
d9c7daa07005267eb35152ef01ce3f08e29700db629abda4e96b52fcdbad31a6
dbb9069d2de94b007afc3107774af3bd02aa6e0cece82b1f9396d7b395aef9e2
dec51aa91ccdc6953914f75dcb9acedd1081c2bca5082ebb455864d5dc39fb95
df0490975598ac04676187866062347a04e855232ed03e80ff146d771d35f54c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf
ebc38c1e9c2f3394d422c03a6b6a1dee9b07da0d952b8f57aa41a273742265af
ed92ea5ecc441438194a08e31c912361fe9ca009347dce68a5a3fa363207cee9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effe56951344e9aaf32191bbb963c207d43f16fa85cf4e70b7b280e8b8d5b504
f02b309865012d2dbe5cf51d3eae8cd2cbfeb4d6b2a9b41b146fd7d809fa3ba8
fcb92256c3e56256b54cc042e811cdb92728020e595c0fa3bf733f56cd53b531