Report - www.1-sso-nifty.duckdns.org/ja-JP/login.php

Report Overview

Submitted URL
www.1-sso-nifty.duckdns.org/ja-JP/login.php
IP
20.169.107.39
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-09-23 18:08:10
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.208.31.97
e82ad3bdc0551ca36cc3bc0485e3400f.safeframe.googlesyndication.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	548 B	4.0 kB	142.250.74.65
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	1.1 kB	142.250.74.2
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.51
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	67 kB	34.120.237.76
ssocsp.cybertrust.ne.jp	21077	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	1.7 kB	116.118.230.85
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	12 kB	216.58.207.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.103
www.googletagservices.com	169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	701 B	74 kB	142.250.74.162
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	779 B	216.58.207.226
sso.nifty.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	39 kB	108.156.28.66
securepubads.g.doubleclick.net	190	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	132 kB	216.58.207.194
tpc.googlesyndication.com	126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	7.2 kB	142.250.74.33
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	1.4 kB	142.250.74.164
www.1-sso-nifty.duckdns.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	10 kB	20.169.107.39
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
adservice.google.co.jp	44140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	1.1 kB	142.250.74.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-14	medium	www.1-sso-nifty.duckdns.org/ja-JP/login.php	Generic/Spear Phishing

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	www.1-sso-nifty.duckdns.org/ja-JP/login.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.1-sso-nifty.duckdns.org/ja-JP/login.php	887 B	2023-03-07	2023-03-17
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:42 Last Seen2023-03-17 12:47:38 Times Seen1 Hash f2e14a3a2e8a057687c4128a260e907a 9619e2c367e66b158088e33a421523eef17bb3a9 b5a2c456e38b9b8073ba46732fb6c0d1c7a160a51fc8efbe883a323c8e909034 Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	19 B	2023-03-07	2024-04-28
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-28 15:38:42 Times Seen2235 Hash 65bb46e3f84073f672c022f98f42245e 2d0aed946f65bf94f57fe36798d2540727b212e3 375bc1a8808edc2a20b432f223e06e981b02feb9d34f558260aa537495f3533f Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	14 kB	2023-03-07	2023-03-08
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:24:27 Last Seen2023-03-08 03:39:10 Times Seen1 Hash 979cf4df59966051a516aa59bb71ee35 2d5430f32ab855b2bfd32a30e514385bf698ee45 0c176ea7b8a219ca486a2c22728aecfccaedc1d10970150e63b8714c09383cd5 Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	636 B	2023-03-07	2023-03-07
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:57:25 Last Seen2023-03-07 23:57:25 Times Seen1 Hash c020d939bf2e7ce01b5b0f0114b39bc1 0b17de7b4cb771402c8e20da145736a6f747d1c8 fc46b9ddb5c6d693922443e056d4d5f038b1f1e3eeae6520ec73bd1fa6d07f10 Loading...

	tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js	24 kB	2023-03-07	2023-03-08
Pretty URL tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:24:28 Last Seen2023-03-08 03:39:10 Times Seen1 Hash 15faa075af40cd38e9c964751ae2ac29 976ebf95f39384652103e4db16ba7e38114e8ce5 d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05 Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	169 B	2023-03-07	2023-03-07
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:57:25 Last Seen2023-03-07 23:57:25 Times Seen1 Hash 5ab7a0fa1cb732d5fafafd26c56329fd e9211d746de2643fba1c7fcd7e11b91f42626cf6 b42824dba81e26b529e9415e13f6a28f46bc92995e945554ca8370672f4bf43e Loading...

	tpc.googlesyndication.com/sodar/sodar2/225/runner.html	13 kB	2023-03-07	2024-02-23
Pretty URL tpc.googlesyndication.com/sodar/sodar2/225/runner.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-02-23 22:40:33 Times Seen4633 Hash 04889347291e33491547245846d18c4f fa0e1917fb2630c86eab067505751a72ba001c6a f4a5d6b45c241fa0ce6ba4ae8b035ad725d67c4091ce8a99bc9c2364295b8fd8 Loading...

	adservice.google.co.jp/adsid/integrator.js?domain=	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.co.jp/adsid/integrator.js?domain= IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	425 B	2023-03-07	2023-05-01
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-05-01 14:54:53 Times Seen167 Hash 91500220bb249b39664727c6f65273b1 0a6d1dd3e1491c2901814e0f59a72c58b0594f9c 6330ba4346ba06b8cd93f3a69e4e4dbcb7d66b36d11eb39468f87300918dbb1f Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	18 B	2023-03-07	2023-12-10
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-12-10 23:37:06 Times Seen1996 Hash 364903be35e41b2e14a841071c35f191 58dcb22af21e5f7fd6e5bef578eb1b9a7ddd34a5 b29dd4c3347306fe999d36cab04ed9a9ef863d885d11c86ebbb571802f25ff59 Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	9 B	2023-03-07	2024-04-28
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-28 15:38:42 Times Seen2255 Hash c8308edb31948449adfea16b3e2d316d 38d59d97a7ea7498b50a40eabdfde6c3f446be3b 5c1324674560cf5a651810c1e7ad9643cd2472144d432b7a62a743a19f6f86c4 Loading...

	tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js	2.7 kB	2023-03-07	2023-03-17
Pretty URL tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 2e8add037bbbab7de5282c243984efc2 2bed31fe5c27727f99ec1a7776c088eb8e09295a 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Loading...

	tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/one_click_handler_one_afma_fy2021.js	33 kB	2023-03-07	2023-03-08
Pretty URL tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/one_click_handler_one_afma_fy2021.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:29:51 Last Seen2023-03-08 03:10:19 Times Seen1 Hash 4d93afc9da89e88b4cbc22e66af7fc78 6bcb6763b33602af381ddfb22aceaad2d480716c 01e9a6b83eabe383b954ff2ea312241161d6f422cca61b6531dd247028facd32 Loading...

	e82ad3bdc0551ca36cc3bc0485e3400f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html	5.9 kB	2023-03-07	2023-04-01
Pretty URL e82ad3bdc0551ca36cc3bc0485e3400f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-01 11:14:51 Times Seen10 Hash 8c9167a12514e1f681071cf166eddbd8 0c7b266f0c37125c9e59739600fc7385ec3e7e9e 179fc08b148574b99ee971cc7fbad7cf22d425cd9ea82ff60b01e15d94b5f607 Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792	387 kB	2023-03-07	2023-03-08
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792 IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:48:36 Last Seen2023-03-08 02:37:42 Times Seen1 Hash 0a1a8e78659ad7a4b7bf613460cedcf4 aa8003bb0ef1cc741cc3b47e786bfad9d7d2713a 47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517	386 kB	2023-03-07	2024-02-03
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:42 Last Seen2024-02-03 18:43:04 Times Seen259 Hash b41bac584fe08db77aea42adb59b4f6d df14e1746f3c45a5f61257f89bdab1e5f075d7a3 fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	42 B	2023-03-07	2024-01-21
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-01-21 17:37:29 Times Seen5 Hash e521630b9cf7c42a35c3d2074d3482eb 1d1a7922d12f95864609708dc37f160fb4c78fa3 12fe0fff088c324128e7ed260a2018e7c55328dbb7926c870a75ba13b4b9008d Loading...

	unknown	0 B	2023-03-07	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 00:10:33 Times Seen37258641 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tpc.googlesyndication.com/sodar/sodar2.js	17 kB	2023-03-07	2024-05-01
Pretty URL tpc.googlesyndication.com/sodar/sodar2.js IP 142.250.74.33 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-01 19:09:47 Times Seen17716 Hash 2cc87e9764aebcbbf36ff2061e6a2793 b4f2ffdf4c695aa79f0e63651c18a88729c2407b 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Loading...

	www.googletagservices.com/tag/js/gpt.js	82 kB	2023-03-07	2023-03-08
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:57:25 Last Seen2023-03-08 00:04:24 Times Seen1 Hash 9f3171416c5326d5834ccf82dcc5f2ed 3353f00d5ed7c5c95664ec8dd5782f0f301f2c77 c97ecbeef7b1ebc5acca6c3b216ac22291bbcb4c48b3de468482660244680f61 Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	4.5 kB	2023-03-07	2023-03-17
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 12:55:21 Times Seen1 Hash 11c41f4c9bf2632e2a20ebf3f7772fa5 a8fa7aa53d7759909b540324d6e889ee42d8a5d5 9134a82074fc3e131ead408ea452d6ca3b4c64fb4fa3eb90e46f769e189ea03b Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	636 B	2023-03-07	2024-01-21
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-01-21 17:37:29 Times Seen157 Hash 48033e63da5e60ce0ab250c10881611a 30232a488d0dabbd846e69868d6bfae177472580 853c65cb8f06491b1b30d7a131c57ba9263e8dff4e12cb6fe2965083ba33359d Loading...

	www.1-sso-nifty.duckdns.org/ja-JP/login.php	29 B	2023-03-07	2023-03-08
Pretty URL www.1-sso-nifty.duckdns.org/ja-JP/login.php IP 20.169.107.39 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:24:28 Last Seen2023-03-08 01:53:59 Times Seen1 Hash eb5aff48f6fc0947303c437f0fea79e4 b2a7fc310aafc22a2c832ac08576f22801280bb8 a24b3baab750162d9a7e2c40ffe5270f6a684eb6a80caba26f6aaefcd99d8171 Loading...

		Size	First Seen	Last Seen
	#1 Write - f0f2d816a51eeaa9ea2703fde0996c95	147 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 23:57:25 Last Seen2023-03-07 23:57:25 Times Seen1 Hash f0f2d816a51eeaa9ea2703fde0996c95 8cfbf90fd832296f5713063cacf6f623cde83719 9e2686fc3e55aeb3b5b2b70abbececb8026d5e6efbee8478a37994d9637df3e9 Loading...

	#2 Write - b81f800f9b07784e30c671a6fe80d153	44 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 23:57:25 Last Seen2023-03-07 23:57:25 Times Seen1 Hash b81f800f9b07784e30c671a6fe80d153 93a0b44c8cd72b3572a780ffab32ad140ede3fce 650fff837eacb4dfb3ea8c84f3865f482a633bd03d5fa9607d1da82d7ee9ab32 Loading...

HTTP Transactions (51)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3100
Expires: Fri, 23 Sep 2022 18:59:39 GMT
Date: Fri, 23 Sep 2022 18:07:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.165.201.103

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.103:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 18:05:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: H_SG4Y8IHACNPRnF-vVQj5YhAVQsAE3Q4qkFqzkcbr-ImyTDcgkC0w==
Age: 167

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

108.156.28.51

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
108.156.28.51:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 7334e58f541a6f336bf4941e79456558.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: -oY5n66UbXMCPyygTw0riR4wIKZHQSUTGN5ySSIQzkGR4cu--q09TQ==
age: 50097
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 18:07:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.103

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.103:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 17:33:01 GMT
Expires: Fri, 23 Sep 2022 18:31:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4dd28c7d9439664c66fbf62f5cd00636.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: HvUrz9AKOmFBBoIgG8_uBMnfmZBQ0J-METJ56KFmf7vfq_T1o48-rA==
Age: 2098

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5406
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:00 GMT
Last-Modified: Fri, 23 Sep 2022 16:37:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.208.31.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.31.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RU4wTnjaOGeFPzd4bCqWZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cLuqX75wIDPBS/PixlmKXMs1GAg=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:08:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:08:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:08:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:08:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Fri, 23 Sep 2022 19:50:44 GMT
Date: Fri, 23 Sep 2022 18:08:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10127 bytes)
Hash
b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 72576
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 72541
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8497 bytes)
Hash
7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: ab65ba93-aad5-4845-b471-c50c14057c47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvqujEsIoAMF8sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632957f6-6d4635bf713fd25147948c7b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:04:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SZ6p5NLxuGUoEOZujwPbDGwUO0dZgiITud8RWOaSW_VciGRgBidY2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 81120
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5340 bytes)
Hash
3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 72196
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14579 bytes)
Hash
f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:05:08 GMT
age: 72173
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5936 bytes)
Hash
61059307f07edc4e2ba9d07a258bca43
370d166426ad83fc04ccb6e300238d8cb6ab644a
55ec802097ab49f275686e99844ff4a3b554c8998213bb9c3f0380709297c55b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5936
x-amzn-requestid: 39e79389-c158-4427-aae0-b1d0dc1d0377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VowElZoAMF2Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd1-2da28eb66f876af76158b090;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -DSp0__jaBzizsfagTtIpwhkPqkvjS1L6T17J0OS5W0QhZww03ywpw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:42:39 GMT
age: 69922
etag: "370d166426ad83fc04ccb6e300238d8cb6ab644a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.1-sso-nifty.duckdns.org/ja-JP/login.php

20.169.107.39

200 OK

9.8 kB

URL HTTP/1.1
www.1-sso-nifty.duckdns.org/ja-JP/login.php
IP
20.169.107.39:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1553), with CRLF line terminators
Size
9.8 kB (9791 bytes)
Hash
bb20b7a3e75ec2d04bb37b7c677538a7
b8fe11f4e135dafa74bb9d454b634fe713f615e5
9e83a86ba7e22e5e7a3290940f100a34662996bc278506146630b19e28f7da10

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Generic/Spear Phishing
fortinet	Phishing

HTTP Headers

GET /ja-JP/login.php HTTP/1.1
Host: www.1-sso-nifty.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 18:08:04 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=b41df81a7c100e6e896612fb190c0ef3; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.googletagservices.com/tag/js/gpt.js

142.250.74.162

200 OK

28 kB

URL HTTP/1.1
www.googletagservices.com/tag/js/gpt.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (45162)
Size
28 kB (27804 bytes)
Hash
8328987a7ee260230f9810164b48da82
f60d2633b9f45c0aafadd470d07485b073706f25
c5afde6158e00952ea7975665d4721db80b87242180b85d6e285f68dc4637572

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Timing-Allow-Origin: *
Content-Length: 27804
Date: Fri, 23 Sep 2022 18:08:04 GMT
Expires: Fri, 23 Sep 2022 18:08:04 GMT
Cache-Control: private, max-age=900, stale-while-revalidate=3600
ETag: "1343 / 578 of 1000 / last-modified: 1663931382"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7f2c70e4215d6943e9035ab89253faab
7a992b9f6663b6c24b55e0d2dd616b3212e16cd5
73910d5b1cb581dfc166dae22b22bafc0a11da141ad6d87e7d56f93c34d32143

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.co.jp/adsid/integrator.js?domain=

142.250.74.2

200 OK

100 B

URL HTTP/2
adservice.google.co.jp/adsid/integrator.js?domain=
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain= HTTP/1.1
Host: adservice.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 18:08:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=

216.58.207.226

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain= HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 18:08:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7f2c70e4215d6943e9035ab89253faab
7a992b9f6663b6c24b55e0d2dd616b3212e16cd5
73910d5b1cb581dfc166dae22b22bafc0a11da141ad6d87e7d56f93c34d32143

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sso.nifty.com/static/css/modaal.min.css

108.156.28.66

200 OK

2.2 kB

URL HTTP/1.1
sso.nifty.com/static/css/modaal.min.css
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (11936)
Size
2.2 kB (2237 bytes)
Hash
78ded5a18cde66cef8d0da4386c08502
eb95d9e3e3af1f01a8e400ba5ebee33d07f8237d
8c4ee02c6bf7bf89c764c7acf4370db776650aa941eb0ee385cf2e40f7cfd0a8

HTTP Headers

GET /static/css/modaal.min.css HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2237
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:06 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 cb8e2cd001e8928a49dc551941d5c7da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: bqDtdKxUri39FgNWiP-GswBRw_GoTbNjBV1lzyvGzsKfgk2mBwOzzw==

ssocsp.cybertrust.ne.jp/OcspServer

116.118.230.85

200 OK

1.5 kB

URL HTTP/1.1
ssocsp.cybertrust.ne.jp/OcspServer
IP
116.118.230.85:0
ASN
#58793 FUJITSU CLOUD TECHNOLOGIES LIMITED

File type
data
Size
1.5 kB (1477 bytes)
Hash
ca03190e03e6f1081add693fa8a4f65f
a200a29a0cf4d5371017252ecf40831a228afe3a
51b72a644775d46efa4da20ab6d454d4fbd6899f684fa12afe2869c841d5fc40

HTTP Headers

POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 18:08:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1477
Connection: keep-alive
Keep-Alive: timeout=2

sso.nifty.com/static/css/style.css

108.156.28.66

200 OK

4.7 kB

URL HTTP/1.1
sso.nifty.com/static/css/style.css
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (20406), with no line terminators
Size
4.7 kB (4727 bytes)
Hash
e4de882e8038e143eb334233579ad21f
93f086352af516ad35c923c37fdceeffbecad642
25a2624e8a02bd11631a1728a7163d6cb3a519b3e417caf664b9be1eea141340

HTTP Headers

GET /static/css/style.css HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4727
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:06 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: VNa274p8gPjVwdvHdL07vrclJGF6Q6SiKUuV47fqvSuH7hxXiQqmSw==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

216.58.207.194

200 OK

131 kB

URL HTTP/2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65439)
Size
131 kB (131075 bytes)
Hash
8a8861466466483105066efbe02bfc62
d37590ee583e85ad20b79b2c4c79314cb44773ff
63dcf2b36139cf00b286c8653b771e14d8495931e1b90e66e5f796cfca33fb00

HTTP Headers

GET /gpt/pubads_impl_2022092001.js?cb=31069792 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 131075
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:02:39 GMT
expires: Thu, 21 Sep 2023 11:02:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
content-type: text/javascript
age: 198328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sso.nifty.com/static/images/mail_banner_930_300.png

108.156.28.66

200 OK

3.6 kB

URL HTTP/1.1
sso.nifty.com/static/images/mail_banner_930_300.png
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 930 x 70, 8-bit colormap, non-interlaced\012- data
Size
3.6 kB (3617 bytes)
Hash
b10c461b0137678a1ecf5df2d9b8199f
e5a5fefdec7f5c8323f1eca6dd54d9e7a447eb7c
90a9e1e816e2f938c8f9ea85523edab49f8977129130f41a557fda642f172e33

HTTP Headers

GET /static/images/mail_banner_930_300.png HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3617
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 cb8e2cd001e8928a49dc551941d5c7da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: 7_rIon9NlEPzt7QXVNzvyMqzIQiHWhlSxdCsGvyNhr46RVGG_25JvQ==

e82ad3bdc0551ca36cc3bc0485e3400f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

142.250.74.65

200 OK

3.1 kB

URL HTTP/2
e82ad3bdc0551ca36cc3bc0485e3400f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP
142.250.74.65:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Size
3.1 kB (3108 bytes)
Hash
3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137

HTTP Headers

GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: e82ad3bdc0551ca36cc3bc0485e3400f.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 23 Sep 2022 18:08:07 GMT
expires: Sat, 23 Sep 2023 18:08:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sso.nifty.com/static/images/ic-human.png

108.156.28.66

200 OK

344 B

URL HTTP/1.1
sso.nifty.com/static/images/ic-human.png
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 36 x 36, 8-bit colormap, non-interlaced\012- data
Size
344 B (344 bytes)
Hash
2ef12254bd796439de78babb5a1d9ec2
6bcdbf379dcb119fcb855f9b732a392799a2ce48
7f9963af5a0b23be48504ee3615b49fc494950c30cfefeba46d92e5b3085eadc

HTTP Headers

GET /static/images/ic-human.png HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sso.nifty.com/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 344
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 eb3d2bd89447108973b8d2779fc789e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: jVV3GEyycGXBsdWv68_KCDPgnMsdOIDNEIptn1APcZyz7qiDz2hxdw==

sso.nifty.com/static/images/logo/nifty.png

108.156.28.66

200 OK

866 B

URL HTTP/1.1
sso.nifty.com/static/images/logo/nifty.png
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 104 x 36, 8-bit colormap, non-interlaced\012- data
Size
866 B (866 bytes)
Hash
225bbcb286959cbccc1270ef51de7573
6266fc1d7256279fdc807c620735eb73766c71fe
4815b238e989d573d754b17b13a4b10876c2e0581b1ec84950cb57deb2b04dd5

HTTP Headers

GET /static/images/logo/nifty.png HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 866
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: U-keRKYmcQHz_zAnN1iyq4X07fWxZviV1mnUtGwRzii1_MWdsUfLWQ==

sso.nifty.com/static/images/btn-niftop.svg

108.156.28.66

200 OK

2.6 kB

URL HTTP/1.1
sso.nifty.com/static/images/btn-niftop.svg
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2593), with no line terminators
Size
2.6 kB (2593 bytes)
Hash
dbf21a893b00517cc306662e175c5ecf
ec562b4759045fc351c0323e41b8b30388f46e96
69c9f937da9eeba10b9739abd42ebb9cdeeb31762ce221aa761e78287c738988

HTTP Headers

GET /static/images/btn-niftop.svg HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 2593
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 905eac6c91c9858bd0f20b56e9c842d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: xZrSIt1GmpN8MrjDaKKe6krLIxFauhq11ELQVY_PiG-oFK0C-WL6qg==

sso.nifty.com/static/images/mail_banner_350_150.png

108.156.28.66

200 OK

3.5 kB

URL HTTP/1.1
sso.nifty.com/static/images/mail_banner_350_150.png
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 350 x 150, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3507 bytes)
Hash
d65468f2a7ebc8055a95ae70723c3758
415a15a801468303950a82d53d2d401e63e3e5c3
b28aad9aae93584f6d27ed6056035301487e08c7f7bec265a92d5647cb0d4ee6

HTTP Headers

GET /static/images/mail_banner_350_150.png HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3507
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 af69af45a94f94ec264bfb9a5a28f3aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: hPyTDR3bVOnhAAsWIGeYMHIkhVS5R4ohQMc8ck1yB1cnBc_vtVOmPg==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=www.1-sso-nifty.duckdns.org

142.250.74.2

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.1-sso-nifty.duckdns.org
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.1-sso-nifty.duckdns.org HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 18:08:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sso.nifty.com/static/images/ic-lock.png

108.156.28.66

200 OK

353 B

URL HTTP/1.1
sso.nifty.com/static/images/ic-lock.png
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
PNG image data, 28 x 38, 8-bit colormap, non-interlaced\012- data
Size
353 B (353 bytes)
Hash
9b5be8126d5b6336f0145c202402be42
7ebec2ddb45aa8280c751b3169c8772aaf47234b
a408de979fe99476d69b98293cd6c4ab0555ffc8a226a1625b076f0a659f1e54

HTTP Headers

GET /static/images/ic-lock.png HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sso.nifty.com/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 353
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 cb8e2cd001e8928a49dc551941d5c7da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: rfI6tRw3zZj_kPFxnOo66Y0lUZHr4KRItpNwZIfNdu9ln8ymmF2rKg==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=3618740264200731&vrg=2022092001&nw_id=48012543&nslots=1&eid=31069792%2C31062930&pub_url=http%3A%2F%2Fwww.1-sso-nifty.duckdns.org%2Fja-JP%2Flogin.php&sig=2&req=0&req_cnt=1&dm=-1

216.58.207.226

204 No Content

0 B

URL HTTP/2
pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=3618740264200731&vrg=2022092001&nw_id=48012543&nslots=1&eid=31069792%2C31062930&pub_url=http%3A%2F%2Fwww.1-sso-nifty.duckdns.org%2Fja-JP%2Flogin.php&sig=2&req=0&req_cnt=1&dm=-1
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/gen_204?id=gpt_paw&pvsid=3618740264200731&vrg=2022092001&nw_id=48012543&nslots=1&eid=31069792%2C31062930&pub_url=http%3A%2F%2Fwww.1-sso-nifty.duckdns.org%2Fja-JP%2Flogin.php&sig=2&req=0&req_cnt=1&dm=-1 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 18:08:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

216.58.207.226

200 OK

11 kB

URL HTTP/2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (14609), with no line terminators
Size
11 kB (11089 bytes)
Hash
856a65c39fc6b38f037dd46689e0974e
4479b2e88e16e2299d4f81ed9a505442d31353c3
0d64dec20e06b45d862279f7e11aa7da21316cc5861b3b16c14e98d8ce129387

HTTP Headers

GET /getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.1-sso-nifty.duckdns.org
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 18:08:08 GMT
server: cafe
cache-control: private
content-length: 11089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49bdf35d14752f2b4e9658f505a41553
61572d3663df2af69e061d11a0ac046e843d10c4
92a138f2526e6b588a72dadb41740929935e0cf528f9e9c8ef275bb72de49a7d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

142.250.74.162

200 OK

44 kB

URL HTTP/2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3498)
Size
44 kB (44525 bytes)
Hash
94b0bc367ba28149279e80db131698c5
e3d5266059ac644dc21754a58d0f82bc76ca4cdd
379b35055f2b21b83b896a4dfe4ce927efc987290e138e441327486e7765974f

HTTP Headers

GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44525
date: Fri, 23 Sep 2022 18:08:08 GMT
expires: Fri, 23 Sep 2022 18:08:08 GMT
cache-control: private, max-age=3000
etag: "1663760195623328"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sso.nifty.com/favicon.ico

108.156.28.66

200 OK

15 kB

URL HTTP/1.1
sso.nifty.com/favicon.ico
IP
108.156.28.66:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
467296323c235b58296092511da3eb59
5a7d3b33cd54f285f9f777abf0500101c4f97570
19e51c5b23b6fecb2639b6c4fd86dee00b95f2aa2349c4b9434cc256f17ac813

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sso.nifty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Content-Length: 15086
Connection: keep-alive
Date: Fri, 23 Sep 2022 18:08:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
X-Frame-Options: sameorigin
Last-Modified: Tue, 13 Sep 2022 01:46:55 GMT
Accept-Ranges: bytes
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: rDQ_7jF4scfB9Vc8niMzeq_6K5AqfT_hYNkfMzQRSLYRsGdo0c4g3A==

tpc.googlesyndication.com/sodar/sodar2.js

142.250.74.33

200 OK

6.4 kB

URL HTTP/2
tpc.googlesyndication.com/sodar/sodar2.js
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1321)
Size
6.4 kB (6386 bytes)
Hash
ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe

HTTP Headers

GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 23 Sep 2022 18:08:08 GMT
expires: Fri, 23 Sep 2022 18:08:08 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7005 bytes)
Hash
1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
age: 71746
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 18:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api2/aframe

142.250.74.164

200 OK

513 B

URL HTTP/2
www.google.com/recaptcha/api2/aframe
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Size
513 B (513 bytes)
Hash
755977db8944bcedf9b48b64675dc883
741422483ca24b33a8dc1baacd5bec91209177d7
14c5db1bc5d62d471fbd1fc4c981ea5044b577dbfe975ca1ed85b31c55dbf408

HTTP Headers

GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.1-sso-nifty.duckdns.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 23 Sep 2022 18:08:08 GMT
date: Fri, 23 Sep 2022 18:08:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-aAdzpnSAzfZHKwDR4h91Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations