www.indexlogin-php.info Open in urlscan Pro
159.65.156.214 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.indexlogin-php.info/ja-JP/login.php
Submission: On January 12 via api (January 12th 2023, 3:22:51 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 18 domains to perform 50 HTTP transactions. The main IP is 159.65.156.214, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is www.indexlogin-php.info.
TLS certificate: Issued by R3 on January 11th 2023. Valid for: 3 months.

This is the only time www.indexlogin-php.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Softbank (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	159.65.156.214 159.65.156.214	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2600:9000:24e... 2600:9000:24eb:2c00:1a:a4ff:d000:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1400:d:5... 2600:1400:d:5a9::27f4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	18.161.34.25 18.161.34.25	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.197.136.217 44.197.136.217	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2600:1f18:4e9... 2600:1f18:4e9:5a01:f658:4b01:54c2:e968	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::2004	15169 (GOOGLE) (GOOGLE)
50	24

1 159.65.156.214 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)

www.indexlogin-php.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:24eb:2c00:1a:a4ff:d000:93a1 (United States)

ASN16509 (AMAZON-02, US)

sso.nifty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:5a9::27f4 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.softbank.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.34.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-25.bos50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.136.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-136-217.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:f658:4b01:54c2:e968 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 153	77 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 197 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	280 KB
6	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2400 google-bidout-d.openx.net — Cisco Umbrella Rank: 2354 us-u.openx.net — Cisco Umbrella Rank: 417	2 KB
6	nifty.com sso.nifty.com	10 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2859	7 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 315	970 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	613 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1072 bcp.crwdcntrl.net — Cisco Umbrella Rank: 895	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 963 id5-sync.com — Cisco Umbrella Rank: 399	17 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194 Failed	76 KB
2	softbank.jp cdn.softbank.jp	11 KB
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 412	603 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 626	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2727	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 355	1 KB
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 53974	792 B
1	indexlogin-php.info www.indexlogin-php.info	4 KB
50	18

	Domain	Requested by
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.indexlogin-php.info www.googletagservices.com securepubads.g.doubleclick.net
6	sso.nifty.com	www.indexlogin-php.info sso.nifty.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	us-u.openx.net	google-bidout-d.openx.net
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.indexlogin-php.info
2	www.googletagservices.com	www.indexlogin-php.info securepubads.g.doubleclick.net
2	cdn.softbank.jp	www.indexlogin-php.info
2	adservice.google.com	www.indexlogin-php.info securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	mug.criteo.com	www.indexlogin-php.info
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	adservice.google.co.jp	www.indexlogin-php.info
1	www.indexlogin-php.info
0	25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
50	27

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
indexlogin-php.info R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
sso.nifty.com Cybertrust Japan SureServer CA G4	`2022-10-27` - `2023-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.softbank.jp Cybertrust Japan SureServer EV CA G3	`2022-05-30` - `2023-05-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.indexlogin-php.info/ja-JP/login.php
Frame ID: 5983460210CA5985CC4072F641F260AE
Requests: 38 HTTP requests in this frame

Frame: https://25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA068C46E7588AC2E4E627DDB5AE572C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.indexlogin-php.info
Frame ID: 29636204AD88CA9B1AF1A9FEFE6C9706
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 49A797533F131792399D01D30E9E3B8B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCA8EFD2C5ABC316A0918D48F94E5738
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3F4D4E6942668C9C47FFFAA10B2368B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

86 %
HTTPS

56 %
IPv6

18
Domains

27
Subdomains

24
IPs

3
Countries

519 kB
Transfer

1402 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsslAH4oFbXM-IE6jeEfPhOEBc0H2N3yFwFOUv3-3soaeq7_hsRKnLHB1jLc2vtgMtqcbFLaawFKB084zh9OfUoC73eiFK9nCmCrRPZLpf-v7FUSSoFVBwT4JBua-ERqU99ADMiT-YewpLOWGrccC33vTBHuo8vG5gX_VHH8IYSm4bIEHLzXYJFLpp4wsWmt2v-rgLjRiQsZUHCDpk7MMeQA0tCgK7eYwgAJeh0lRkP-QME757eOaU4QnVbBxJ0dwYPOJ0cwe08R691z6Zn4qaLJNcTwzA4oEftkk7zoDcskVEzo05cgdJdwiGf5wiG2m320AO8tjRW7zUJfnkA5EWGXOA&sai=AMfl-YTaSxGihspERUkRHo1q-0D-Jnwve0erOMNqjEXw1AoTUpsNrOnczKmPZbYWspFPzW485hLAceKUkuxUzRvMd9ir6VdS-uD5fW9AdavCRtz_OlioaSgfxy-UFF82E5cUuCFEeKnfXPwP3Vmh5EUMNA&sig=Cg0ArKJSzH5B7iwfGGX6&fbs_aeid=[gw_fbsaeid]&adurl=https://csoption.nifty.com/myapp/%3Futm_source%3Dsso_mailbanner%26utm_medium%3Dsso%26utm_campaign%3Dmynifty_sso

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AZLCTSoeukxROeq3glGHakAECeHqECQ0sDnPo5hCBC8mzGoKC4NlIRBZmA54j2o5CW226BDD2e8L1nJGrdeanRIPpVpbhyXd3u6XjCk1wD0BW4oMNIhNFa_X5QyA3teN6zcEpIT5cwyzAbcUUwsM_xtalHil-7EVdh0k09E5iWWCstOQ9Bvkc-McmE63fLSMFBIvY_YvV2U8wYwhnZoLlsd5TrQVqBo2QQI8ZLTgEYd_S-1q7GY-PyWph_wS6swr7ZLeuPu7oO__kC4mWPF3AOqY8TKGakqcWBK14EWedP5bk5Q0erB-dCAczAqngYoqLMjSyNViSGktwQCrM6uACSBfLiCpNjhkyOyF2FGEq4fg1iF21UcDLek5N3cpph-MOc_wjxVfL6KUWKzdAN5VAJQKIBTYh7HWK4M9c-oieOc82txs-0dYatapNlZw_Rk_adb2ziOnW7W61mkWx3OlumX1in9JSE73a2kp4oP1B4hB7sUzRibbEtdt0cW_eBBK3r4ZX4orQi8wMO5gKKWQH7ro_2ns7YH6Xao0ZaR3sYd4MD5Hxp4YwoNWduPEr3WMq5EVWZbhO2e8rbNtrmh3aDAsUPbUWriAFAsp3CQvRXV_I7wagW6GrFqx1LnV0S44T2F9MyxWBdqTcjyr0WQP5xiHuuPtz4zZp_fAe3aIOOIcLvTx78azkFSuQwUr4fmuMXEvrGEsmHltv8LxZQDN9OoR5UDWYt8jbTB7ip3279eNTrh_4bHaaB41hURKkqiQpSmmMnt-q5ocsgHYi4aWC5GRRkvdSl7RNgUrnOmpDeQVFz8X8wl53Bzgw62N-hAYGb0v6AZTj5R9dTzEkF8yCr3Af_DHC3nz3BXwh7dFycIT7ON1b0x39cXR1weKtnhIbKUf4J44fzO2A05UcXGp8h0m68TucmBE9rfUS8HyW_XoJbo2NU12JcZtk9iubiQIgH5SbHb7_ouNv-rSELmxDa7NwZvTusDlyVSXsR36XIsRcDLi7oKzhKsNxewbYeb_aiyT2x9yl1_WeqfOZfUmanwVOv4K-gt9u7o-0D_8herG4cnMg7lPhBoaxUuVNFSdluS18_t6OoBHynF6rgYhAX96Q3-02rIWaV7SjzJtFU5W0mF2S-30iaPAeuimGDwQK74upl1NIPDa2yGpX4WWYWqJAwq7o0azQXYVXjVJ2X5UtdJBUXSVYWDsAOzBdTAk8dM_wmSllPl3IEIzd_LYrFNiRopu6Dsyg1xwcgj_yr_atPlsZ2e3KVr_W0ePTTNBA5ZIr_WnRPg9vPmymAgJ8GuEryyPV9j6_aaGNkn-H2w9WgP1rUszdPez2oAkpVBSrTFazAkznXZRuYnvFuN1amUrTe1dgB2J5uxa1Nfw1r9cOn8c6ssk0dxC0chzU-sGq8xaMUrA-vVWTcxkI_ehA1AYKfeKwRnWbFzgLg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&rid=esp&cc=1

Request Chain 37

https://gum.criteo.com/sid/json?origin=publishertagids&domain=indexlogin-php.info&sn=ChromeSyncframe&so=0&topUrl=www.indexlogin-php.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=91nITnwvVDUvcVZqek5EN3k1SkZNMTNHcThIaEJJVUhlalZ6dDV4TU1RMzhwbXp0eFl4bzVYamJ6RXBkd0NGZzdaZnRUanVRN0pmdDA5NFVocmNtcWMzMHdma3oxQVM4a3JsaDBwQzJFeEVuUFF1TTZQWnNCeDNkM0dITHdwMG56N0NiK1hoRmFjS3ZHRER4SEErOXJtMXU5MzhhOHFFemVHTGVrSXA2SDhMbFg1bzRBOTZidmFpL1VuODdrQkJIa2x4WE16TEQvWmd1N25TRUdEY2JjR3B1UitnaXB3ZGk1MDFxL05Nc1Q4amc0MFZxNWpheStydE5jR3FuL04wSnBEL2U4UnRvNnIvcWU0dGcrbmNjQkpvRU9XK25aeGQzWnkyVWdzQ0NsSFRlbkFiQT18&cppv=2

Request Chain 38

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y8AlxAAKpo8oGwAe HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8AlxAAKpo8oGwAe&_test=Y8AlxAAKpo8oGwAe

Request Chain 40

https://match.adsrvr.org/track/cmf/openx?oxid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b96520f5-215d-43f0-9ed7-19cdc707d35b&ttd_puid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0&gdpr_consent=

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_Nf2BgpHQt0w7RpT1e9NQ&google_cver=1

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
www.indexlogin-php.info/ja-JP/ 9 KB
4 KB 1725ms
501ms Document
text/html 159.65.156.214
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.indexlogin-php.info/ja-JP/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.156.214 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 1778eafd82af1b09c502edb9f1c716aeb533ec417d8dc1fbccd693e63a60793b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 Jan 2023 15:22:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
sso.nifty.com/static/css/ 20 KB
5 KB 1153ms
642ms Stylesheet
text/css 2600:9000:24eb:2c00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.nifty.com/static/css/style.css

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24eb:2c00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

cbd9e12c1638097d83e46ba8b692263c9ca666ba6f3f40a4bc0f1a5250dab065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 15:22:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Via: 1.1 8c1e06e160791fa22f4a732b9aaed82e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 4790
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 05:45:22 GMT
Server: Apache
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: E2JfU4eUW-Q2EfAESsmpG4PXvFyCEGWmIgfiuMLgdcuSamhReKgXsQ==

GET
H/1.1 200
OK modaal.min.css
sso.nifty.com/static/css/ 12 KB
3 KB 1210ms
700ms Stylesheet
text/css 2600:9000:24eb:2c00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.nifty.com/static/css/modaal.min.css

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24eb:2c00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5a5168568b66c50fd3353d6e1c0a164f960793ffce44c930ac76a17037855cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 15:22:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Via: 1.1 dd462bc6996e0000e9b2cde9e1f25e20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 2237
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 05:45:22 GMT
Server: Apache
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: dFZoROmDsmLdx35TX_MBanOTvQarpvkSBCZ7EkpPRts4azu8n1J4KQ==

GET
H2 200 pubads_impl_2022071401.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 290ms
105ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131659
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Jan 2024 00:02:49 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 522ms
66ms Script
application/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 539ms
83ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 logo-header-mysb.png
cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/ 8 KB
8 KB 1010ms
138ms Image
image/png 2600:1400:d:5a9::27f4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/logo-header-mysb.png
Requested by: Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a9::27f4 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ca466c36e848b86b42a891a40f896392a88040c80a90dc186d27019478882bee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:42 GMT
last-modified: Fri, 09 Jul 2021 08:53:49 GMT
etag: a92cb3b50b064f2b8b9c26d51de96958
x-azure-ref: 0NJabYwAAAAANaNzNblHGS7P9yIFAQPHPVFlPMDFFREdFMjQyMAA2MWNhNzBjYy01ZDllLTQ0N2UtYjg2MS03ZDdkNzUxZDdhNDE=
content-type: image/png
content-disposition: inline; filename="logo-header-mysb.png"
accept-ranges: bytes
content-length: 7953
request-context: appId=cid-v1:283e9b52-2ecb-444b-a299-60d3532eb9b6

GET
H2 200 site-logo.png
cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/ 3 KB
3 KB 1008ms
137ms Image
image/png 2600:1400:d:5a9::27f4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/site-logo.png
Requested by: Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a9::27f4 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: df3d1608e4ab20082b5556e209ea790f16cfaabe519e1f26d4f23986191c967c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:42 GMT
last-modified: Fri, 09 Jul 2021 08:53:50 GMT
etag: d692c84a205c457e8268e69f26212e9d
x-azure-ref: 0TVyhYwAAAADB8dGLtdWwSICqUCVHiNwNU0lOMzBFREdFMDIxOAA2MWNhNzBjYy01ZDllLTQ0N2UtYjg2MS03ZDdkNzUxZDdhNDE=
content-type: image/png
content-disposition: inline; filename="site-logo.png"
accept-ranges: bytes
content-length: 2693
request-context: appId=cid-v1:283e9b52-2ecb-444b-a299-60d3532eb9b6

GET
H/1.1 404
Not Found mail_banner_930_300.png
sso.nifty.com/static/images/ 0
0 636ms
634ms Image
text/html 2600:9000:24eb:2c00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.nifty.com/static/images/mail_banner_930_300.png
Requested by: Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24eb:2c00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 404
Not Found mail_banner_350_150.png
sso.nifty.com/static/images/ 0
0 654ms
652ms Image
text/html 2600:9000:24eb:2c00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.nifty.com/static/images/mail_banner_350_150.png
Requested by: Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24eb:2c00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET gpt.js
www.googletagservices.com/tag/js/ 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 269ms
106ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80fe854784e86175a08f4845fcd54668d4cd215c8bb20ca58f87ea297361d9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27536
x-xss-protection: 0
server: sffe
etag: "1449 / 678 of 1000 / last-modified: 1673525327"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Jan 2023 15:22:41 GMT

GET
H/1.1 200
OK ic-human.png
sso.nifty.com/static/images/ 344 B
916 B 866ms
692ms Image
image/png 2600:9000:24eb:2c00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.nifty.com/static/images/ic-human.png

Requested by

Host: sso.nifty.com
URL: https://sso.nifty.com/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24eb:2c00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7f9963af5a0b23be48504ee3615b49fc494950c30cfefeba46d92e5b3085eadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sso.nifty.com/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 15:22:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Via: 1.1 0cbcc2a5a0c3c8398ab9f46ff124f228.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 344
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 05:45:22 GMT
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: MLWD0yILGteetzzSXdCaXbUlsYmRzW3TZPveaVmWh5H-tM-nDa_-gQ==

GET
H/1.1 200
OK ic-lock.png
sso.nifty.com/static/images/ 353 B
925 B 833ms
658ms Image
image/png 2600:9000:24eb:2c00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.nifty.com/static/images/ic-lock.png

Requested by

Host: sso.nifty.com
URL: https://sso.nifty.com/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24eb:2c00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a408de979fe99476d69b98293cd6c4ab0555ffc8a226a1625b076f0a659f1e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sso.nifty.com/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 15:22:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Via: 1.1 0d2f3d5020df6d2cd55884d30644c368.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 353
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 01 Dec 2022 05:45:22 GMT
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: usJiX9eNj9IHyBn3ZhZjvA6UDJWpHCxO-KYqMDhFNJVBRv_9Bo-KgQ==

GET
H2 200 pubads_impl_2023010501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 09:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132895
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Jan 2024 09:38:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 45 B
68 B 211ms
80ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.indexlogin-php.info

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f364b500f0dd53b18258352acaf5280f162a2ccbb8f660e0aa1b4b9b2a32c706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
expires: Thu, 12 Jan 2023 15:22:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 64ms
62ms Script
application/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.indexlogin-php.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
20 KB 109ms
106ms XHR
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4366288938828061&correlator=268757039063126&eid=31071368%2C31071521%2C31068366&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fifs&iu_parts=48012543%2CNIFTY_PC%2CBASIC%2CSSO_IN%2CRECT&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&ifi=1&adks=1675415951&sfv=1-0-40&ecs=20230112&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1673536962818&lmt=1673536962&dlt=1673536960288&idt=2254&adxs=905&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&frm=20&vis=1&psz=300x432&msz=300x250&fws=4&ohw=1600&ga_vid=1315044255.1673536963&ga_sid=1673536963&ga_hid=1464655068&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92b45154a60976540481daa8457c9b75f6cf630c7f91fbd6caddae7730982a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20540
x-xss-protection: 0
google-lineitem-id: 5926570009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400181422
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.indexlogin-php.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 286ms
91ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af47b67345dd8b3768981ba90fef725d93ab066703fe2177072f816e68ac5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11094
x-xss-protection: 0

GET container.html
25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA06 0
0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 189ms
64ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sf_r&pvsid=4366288938828061&vrg=2022071401&nw_id=48012543&nslots=1&eid=31071368%2C31071521%2C31068366&pub_url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&GAM=null&Final=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 237ms
46ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22707
x-jsd-version: master
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwSrR8C1O4cSgDByu01zMWNeOnLCxblVj3ULYfNZy38B%2Br0hv7gpjT8G57U5EKh6%2FrCyKJla1m7n7jqzT9CyWim23tKz1qng3u1f75FGdjOXh9QMhPlPqRzMWf8bDYjF4HrZ3e%2F5L%2BC0WuhqW08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7886e3a46c3886db-ORD

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 222ms
32ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:00:12 GMT
content-encoding: gzip
age: 735751
x-guploader-uploadid: ADPycdv6V0uZyhLH0BVspFgnk4VY0RFS2m3AxswLBfmhi8vZuySEAsKimI4GZaWGpNFEM-j8GeIXQpdbxw_4FaBdks_vkv7wXf85
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:00:12 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 258ms
72ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: 09T7QX9XR15RQQT5
age: 3254
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7886e3a469696315-ORD
x-amz-id-2: XORQPZ3xMKaIPW/W5+R42D/kzBJTz8WJWC5d1WPIqy5xd95bGtlv8BBnns1ajZ72wNzFCJ+ySfg=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 305ms
119ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Jan 2023 15:22:43 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 287ms
101ms Script
text/javascript 18.161.34.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.34.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-34-25.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 20:15:08 GMT
content-encoding: gzip
via: 1.1 e710a3d516d3a393730a2451a3e22554.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P2
age: 68856
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: YAQWe2B9gWmK9UBisHQoclt3a5C0Kt3HzKW8ZddyZlqMZl_GF157kw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 87ms
85ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFZDKTk4N1dHIifQ7QBSKWvEzPxcbIicQKLCuW2IMG0YY9rnSWhAEQ_1gvTbabbZsbZVWBuq36BzAhY9PvQX7wHkslTNUHTqNuAKr4g-uih62ntMSUE19Ok0I4h9e75tVS0G1KK5XwWtXKsy-_rUoNnGgg1lpeG0IsYju7d8wuVLd6iugtjUA5nVXsE6HHH2N2NFYjXQrZRHrB1y2UtyO1HsfSHZSGyCQrmJx-nMOFIJsiJO5Q-LFZ076dMp-f-mblTJGpI4ZFQAka-1NDzvbaWbT4vE4vtukQ665sl1OlWwrQnXD7w_dPcc3f_PkJVv0yabtPtFzuEfjLim4AXLUE3bSGIQ&sai=AMfl-YRsPfwN88_o1YE7ujb9tjbLBu9jsZdxZ8jvBjriA4jjIYimVF9Hvccz8puYRoYZR6dlpbF55RlJLz7bldzuL4c7W0YgyncJ5j3GvuRs2BXAcVmauUDXOUKOik562nzwUea3Lefnrvuh9SoUCak4MQ&sig=Cg0ArKJSzIOTiwC7L5Y_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Jan 2023 15:22:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/ 22 KB
9 KB 262ms
99ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f75e0333fb9d170052bdbcd219be104a1bd0e9079d0b142141c2ba13eafac957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexlogin-php.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 12 Jan 2023 13:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8901
x-xss-protection: 0
server: cafe
etag: 498305096554648585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 13:36:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/ 3 KB
1 KB 265ms
117ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 13:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 13:36:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 157 KB
49 KB 101ms
68ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexlogin-php.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 15:22:43 GMT

GET
H2 200 10144836496432726725
tpc.googlesyndication.com/simgad/ 27 KB
27 KB 266ms
121ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10144836496432726725

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52a1c84b6edda80e6d8c8d9dd5eaee40eeb7893e9ada497e3d589d825a1ab922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:27:16 GMT
x-content-type-options: nosniff
age: 10527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27656
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 00:56:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jan 2024 12:27:16 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&rid=esp&cc=1

85 B
203 B

38ms
36ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&rid=esp&cc=1
Requested by: Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0a5bb917b6fefe2fe9c50abae179c6095fb2303d7a0924609cd724bc84ac3a49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-XMv6dJjClQBc1izvy8NQKTS0dwM"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.indexlogin-php.info
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 12 Jan 2023 15:22:43 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.indexlogin-php.info
location: /esp?url=https%3A%2F%2Fwww.indexlogin-php.info%2Fja-JP%2Flogin.php&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
620 B 390ms
66ms XHR
application/json 44.197.136.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.136.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-136-217.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0068e8eca801288cce475929f1d9522255c7b87f98d98bd10d3e65c30616bb42

Request headers

Referer: https://www.indexlogin-php.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.indexlogin-php.info
cache-control: no-cache
x-server: 10.40.35.104
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
332 B 459ms
132ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.indexlogin-php.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.indexlogin-php.info
date: Thu, 12 Jan 2023 15:22:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a2e789ab6965911f6d8efd2bc5db03530ee555934c3459399b352b91e5a7367

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 59ms
58ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGtzFELNv8w_68eNOJK55ipVw3XkicGv99_XyLFmYm5-9Saks9cFMzThWqF0JzX90Gaerp9KdBrizsj_X0ck2cbd4CLDqDP1I4ziLEdGHCgrPPxpitCNgOPjwUztKKikVxdGq9rUjzohwuPOCzlGLON6QhhfkLSl8_IippIp5gmDhbaSYgnA5wGkH1GzUJczBVJrMjCpbUVXeMjeNMw88OvRaj3DO1bJGa3knBtqWIbWHn5WLZp0mkJ6KpOZEn-e7tFhjZr0AV0jEf5chuIj2JGvtMdvEX5H5FaMD5_4OiPi4qerlCXx6zdCmf4eFxqSW_suMCuApqMQmrmYzz14lTehxkfYk7&sai=AMfl-YTm5e1Bk80jg88DW-9Bhn4DL__RS9T8l_e0dO6f4aohaNXDiGrPlnINosBV4ow8wjskkD8Ps8aM6aJux8rrIy9oLh4q9Ks2YofU8wkzVdfUxEwf0QuGgd1Pn7ohZFJUscnj-gcg-0J3CYrhvPdHRA&sig=Cg0ArKJSzCpyLrl6D2yIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Jan 2023 15:22:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2963 15 KB
6 KB 168ms
44ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.indexlogin-php.info

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.indexlogin-php.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 15:22:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 346261
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 49A7 623 B
836 B 104ms
38ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: eb0b1c328d65b56d648904178f081695578acdba5edb4322160facb5dee9ab50

Request headers

Referer: https://www.indexlogin-php.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 409
content-type: text/html
date: Thu, 12 Jan 2023 15:22:43 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2963
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=indexlogin-php.info&sn=ChromeSyncframe&so=0&topUrl=www.indexlogin-php.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=91nITnwvVDUvcVZqek5EN3k1SkZNMTNHcThIaEJJVUhlalZ6dDV4TU1RMzhwbXp0eFl4bzVYamJ6RXBkd0NGZzdaZnRUanVRN0pmdDA5NFVocmNtcWMzMHdma3oxQVM4a3JsaDBwQzJFeEVuUFF1TTZQWnNCeDNkM0dITH...

444 B
671 B

426ms
61ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=91nITnwvVDUvcVZqek5EN3k1SkZNMTNHcThIaEJJVUhlalZ6dDV4TU1RMzhwbXp0eFl4bzVYamJ6RXBkd0NGZzdaZnRUanVRN0pmdDA5NFVocmNtcWMzMHdma3oxQVM4a3JsaDBwQzJFeEVuUFF1TTZQWnNCeDNkM0dITHdwMG56N0NiK1hoRmFjS3ZHRER4SEErOXJtMXU5MzhhOHFFemVHTGVrSXA2SDhMbFg1bzRBOTZidmFpL1VuODdrQkJIa2x4WE16TEQvWmd1N25TRUdEY2JjR3B1UitnaXB3ZGk1MDFxL05Nc1Q4amc0MFZxNWpheStydE5jR3FuL04wSnBEL2U4UnRvNnIvcWU0dGcrbmNjQkpvRU9XK25aeGQzWnkyVWdzQ0NsSFRlbkFiQT18&cppv=2

Requested by

Host: www.indexlogin-php.info
URL: https://www.indexlogin-php.info/ja-JP/login.php

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ef971315f5c786f676c39d822fab9f94668f2aa1c9f4010d112aae9933520e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4331453
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=91nITnwvVDUvcVZqek5EN3k1SkZNMTNHcThIaEJJVUhlalZ6dDV4TU1RMzhwbXp0eFl4bzVYamJ6RXBkd0NGZzdaZnRUanVRN0pmdDA5NFVocmNtcWMzMHdma3oxQVM4a3JsaDBwQzJFeEVuUFF1TTZQWnNCeDNkM0dITHdwMG56N0NiK1hoRmFjS3ZHRER4SEErOXJtMXU5MzhhOHFFemVHTGVrSXA2SDhMbFg1bzRBOTZidmFpL1VuODdrQkJIa2x4WE16TEQvWmd1N25TRUdEY2JjR3B1UitnaXB3ZGk1MDFxL05Nc1Q4amc0MFZxNWpheStydE5jR3FuL04wSnBEL2U4UnRvNnIvcWU0dGcrbmNjQkpvRU9XK25aeGQzWnkyVWdzQ0NsSFRlbkFiQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 614773
content-length: 0
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 49A7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y8AlxAAKpo8oGwAe
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8AlxAAKpo8oGwAe&_test=Y8AlxAAKpo8oGwAe

43 B
106 B

45ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8AlxAAKpo8oGwAe&_test=Y8AlxAAKpo8oGwAe
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-chi-kigq8000070-CHI
pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1673536965.562317,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8AlxAAKpo8oGwAe&_test=Y8AlxAAKpo8oGwAe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 a0ad31de-eaf9-ee39-f7e4-a8dcc2d5e57f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 49A7 43 B
603 B 429ms
63ms Image
image/gif 2600:1f18:4e9:5a01:f658:4b01:54c2:e968
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/a0ad31de-eaf9-ee39-f7e4-a8dcc2d5e57f?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:f658:4b01:54c2:e968 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 49A7
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b96520f5-215d-43f0-9ed7-19cdc707d35b&ttd_puid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0&gdpr_consent=

43 B
250 B

52ms
50ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=b96520f5-215d-43f0-9ed7-19cdc707d35b&ttd_puid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=b96520f5-215d-43f0-9ed7-19cdc707d35b&ttd_puid=346a579a-7a55-7c70-c633-be293d822836&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 49A7 170 B
243 B 425ms
65ms Image
image/png 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTgwNTg0NTAtYjMyMi0yMmQ0LWQzZDMtZTQ5MGY3NjBlNjU2

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 49A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_Nf2BgpHQt0w7RpT1e9NQ&google_cver=1

43 B
180 B

108ms
40ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_Nf2BgpHQt0w7RpT1e9NQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_Nf2BgpHQt0w7RpT1e9NQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
174 B 105ms
103ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1OfpFwTOlgVXi4hpoQFGt7AJrfaFhZvGgDrmcPPcnFQ_r8KmrHvoUX2tA2KeO8_04x0tn0uDh9nAwNwC-1WsqNMNax6sF8q9u4NVDmM_WenSyMFaS&sig=Cg0ArKJSzG4beEZaqQluEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230111&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1675415951&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673536958551&rpt=5028&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 15:22:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 62ms
59ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 15:22:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCA8 13 KB
5 KB 65ms
52ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexlogin-php.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 13:36:57 GMT
expires: Fri, 12 Jan 2024 13:36:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3F4 783 B
1 KB 195ms
79ms Document
text/html 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9fd55c7f97443cefadfe42a50b01f26c38004c2a3aac98a85641ea0701d76744

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IM4qhsVGieDTHNP2OK6qeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indexlogin-php.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-IM4qhsVGieDTHNP2OK6qeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 15:22:44 GMT
expires: Thu, 12 Jan 2023 15:22:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame CCA8 36 KB
16 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 20:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 20:40:03 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3F4 0
0 113ms
111ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071401&jk=4366288938828061&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
112ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071401&jk=4366288938828061&bg=!7O-l76vNAAYDMoyoIzI7ACkAdvg8WmswZLLU9hlnX5ys8roTz5sLfIaEI_LUCMzNChb_Rbegjuu1MgIAAADUUgAAAARoAQcKADcUo-tfvI3hp-Tgr56vksxYc-UYi7s2jIBekT5lLC7yeTqxOxFPqfnSqz1opmm7z0ChclESYSSJmQKiiXUSg-NozUO4IKZn2vcAGkvwc1Y5joNScN6R2njGjfwZ_e5eq1aEnVv4FuFDCIbSRcVBlPjsY2kcjiGjbWF-PuqkwRdbDpMtXn-ltdfkat8qxWm4NNmXEMX8dCrp5hk7GPezopSibVqFc1HIsXSHpV0zr5XlDphHQ7IBo3Tv0J9XK2Vbmc3nKAE2lDGQjJW7CH44Jxnfug5qjVw-2_dXN5djrSDqr8qoHNQRlhinIYbnvgiyHnumxCaC3d4S_xuDx8-oSCFpn7rpR_IH2TbGlZkoAzUIbVL78xv1L3OTdQUevZod6GliqQUY3E-vnil82XOvaSxTm0bf94_-Ncq53jTNSv9SZZ2W8_OjKW8jkUCx0wV5OvGFMSxN0cYdqCu5C4zLOyQOzl6kuijkWOAo46agRoReQInte2k9jcS89rHLZDthCeIgoSzyF5QXbUHgZkqWdMm15stnFZtqf-EZ30n22HCNgEj1mJxPpbf9Qbl0BWI6WB5evBjgpnaG5LddCUC7Ki6VIBBEJH829Cz0Up3NsfPVWX6Fqsdfd1hsvV-HLm7I3lJQgKIXvb8i4pHL5a1BrgEfYKwnl1rz5iMwrZAHR6SXnOrXwTsfxWOoU2UZmXkFMz3WBVaIKb1lzwxYI-4-BsFXWXh35qv6-RysoZz3NIEJJDiFgRPLKxn1Wjnpd2RDT8n31C90uLqLhXN-wvUJm7Mgx8QBAhwJxkalpYjWZmugGnkslhQGph6AVIg52oF2vw4Vec3x7b-HOeKcP85UNmOCPzaMKXYN2KMVAUgsFqJf4WiCH4ddLMJSuOch-22gfFx5SSYte2h-tXoyimWo5VHOBhj_u_VoFs9pvzmjDst-OPsgE2KPkE4m8nrHlZsj5PIJr_9Mmv2Tx4PRwYY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.indexlogin-php.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Domain: 25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com
URL: https://25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Softbank (Telecommunication)

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.indexlogin-php.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: f886acbc59d76f763e6d3bcbaf76a69d
.indexlogin-php.info/	1970-01-20 18:13:52	Name: __gads Value: ID=7d7fa9caca07b2d8:T=1673536962:S=ALNI_MaE-4XJwG0kwDmdGA9ZTtVNMuSDNQ
.indexlogin-php.info/	1970-01-20 18:13:52	Name: __gpi Value: UID=0000090740ab34dc:T=1673536962:RT=1673536962:S=ALNI_MaKN-215Mn_IRSLImjxeSaWTrdGcg
.doubleclick.net/	1970-01-20 18:28:16	Name: IDE Value: AHWqTUk1N-KFSRB6_lwNvKjpEPtjivqrC5fUiA0jdGjF1ikKAudjwhemGFVqtNArgDE
.indexlogin-php.info/	1970-01-20 08:52:16	Name: lotame_domain_check Value: indexlogin-php.info
.openx.net/	1970-01-20 17:37:52	Name: i Value: e7c668c3-d3d2-4387-9ce5-76c159a51bcb\|1673536963
.crwdcntrl.net/	1970-01-20 15:21:04	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 15:21:04	Name: _cc_id Value: 4ae4f0517f5880327237c5d5269d6327
.indexlogin-php.info/	1970-01-20 15:21:04	Name: _cc_id Value: 4ae4f0517f5880327237c5d5269d6327
.indexlogin-php.info/	1970-01-20 08:53:43	Name: panoramaId_expiry Value: 1673623363795
.criteo.com/	1970-01-20 18:13:52	Name: uid Value: 98c15d63-56d6-46dd-9dd9-3fcad750a2da
.openx.net/	1970-01-20 09:13:52	Name: pd Value: v2\|1673536963\|vMgakWgyiK
.adsrvr.org/	1970-01-20 17:37:52	Name: TDID Value: b96520f5-215d-43f0-9ed7-19cdc707d35b
.everesttech.net/	1970-01-20 17:37:52	Name: everest_g_v2 Value: g_surferid~Y8AlxAAKpo8oGwAe
.yahoo.com/	1970-01-20 17:38:14	Name: A3 Value: d=AQABBMQlwGMCEBS_55O5gjcXrYZ2ZX10yj4FEgEBAQF3wWPKYwAAAAAA_eMAAA&S=AQAAAge3HhW_ys9JgEhs7S5dHxo
.indexlogin-php.info/	1970-01-20 18:13:52	Name: cto_bundle Value: UYkoyF9oRHBqcmRac3IwQ3hSSElxSGoxVDc1MGFnQ1Y2djR2UXNHVlI3YzJVb2FZMHJjakZTRWZKVzMwMDNON25wU3dQUldEQTVwclJSRFhWcGVlUFcxZFV5MVZrUnF6UEFDZW81MjU5eVNMaCUyRmRIZmJ3Z2YxMVFKbFkwZ01jNlIlMkZPJTJCWVVXUnRhNFVNWEt1d0luRFVHUHVlb3I3UW1MMzVrNFViTk9TdWZDWWpEbWslM0Q
.adsrvr.org/	1970-01-20 17:37:52	Name: TDCPM Value: CAEYBSABKAIyCwi-_sfb8q66OxAFOAE.
.openx.net/	1970-01-20 09:13:52	Name: univ_id Value: 537072971\|b96520f5-215d-43f0-9ed7-19cdc707d35b\|1673536964633028

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.indexlogin-php.info/ja-JP/login.php Message: Mixed Content: The page at 'https://www.indexlogin-php.info/ja-JP/login.php' was loaded over HTTPS, but requested an insecure script 'http://www.googletagservices.com/tag/js/gpt.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://sso.nifty.com/static/images/mail_banner_930_300.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sso.nifty.com/static/images/mail_banner_350_150.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com
adservice.google.co.jp
adservice.google.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.softbank.jp
cm.g.doubleclick.net
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
securepubads.g.doubleclick.net
sso.nifty.com
static.criteo.net
sync-tm.everesttech.net
tags.crwdcntrl.net
tpc.googlesyndication.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.indexlogin-php.info
25d0c1ed3b4c12e6e09c115575faa04b.safeframe.googlesyndication.com
www.googletagservices.com
142.251.40.130
151.101.2.49
159.65.156.214
162.19.138.83
18.161.34.25
2600:1400:d:5a9::27f4
2600:1f18:4e9:5a01:f658:4b01:54c2:e968
2600:9000:24eb:2c00:1a:a4ff:d000:93a1
2606:4700:10::ac43:266a
2606:4700::6810:5714
2607:f8b0:4006:806::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2620:100:a001::4
2620:100:a001::c
3.33.220.150
34.102.146.192
34.120.107.143
34.98.64.218
44.197.136.217
74.119.119.139
0068e8eca801288cce475929f1d9522255c7b87f98d98bd10d3e65c30616bb42
0a5bb917b6fefe2fe9c50abae179c6095fb2303d7a0924609cd724bc84ac3a49
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1778eafd82af1b09c502edb9f1c716aeb533ec417d8dc1fbccd693e63a60793b
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4af47b67345dd8b3768981ba90fef725d93ab066703fe2177072f816e68ac5a9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
52a1c84b6edda80e6d8c8d9dd5eaee40eeb7893e9ada497e3d589d825a1ab922
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5168568b66c50fd3353d6e1c0a164f960793ffce44c930ac76a17037855cdc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7a2e789ab6965911f6d8efd2bc5db03530ee555934c3459399b352b91e5a7367
7f9963af5a0b23be48504ee3615b49fc494950c30cfefeba46d92e5b3085eadc
80fe854784e86175a08f4845fcd54668d4cd215c8bb20ca58f87ea297361d9b3
92b45154a60976540481daa8457c9b75f6cf630c7f91fbd6caddae7730982a9e
9fd55c7f97443cefadfe42a50b01f26c38004c2a3aac98a85641ea0701d76744
a408de979fe99476d69b98293cd6c4ab0555ffc8a226a1625b076f0a659f1e54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ca466c36e848b86b42a891a40f896392a88040c80a90dc186d27019478882bee
cbd9e12c1638097d83e46ba8b692263c9ca666ba6f3f40a4bc0f1a5250dab065
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
df3d1608e4ab20082b5556e209ea790f16cfaabe519e1f26d4f23986191c967c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0b1c328d65b56d648904178f081695578acdba5edb4322160facb5dee9ab50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef971315f5c786f676c39d822fab9f94668f2aa1c9f4010d112aae9933520e20
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f364b500f0dd53b18258352acaf5280f162a2ccbb8f660e0aa1b4b9b2a32c706
f75e0333fb9d170052bdbcd219be104a1bd0e9079d0b142141c2ba13eafac957
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

www.indexlogin-php.info Open in urlscan Pro 159.65.156.214 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

86 %HTTPS

56 %IPv6

18 Domains

27 Subdomains

24 IPs

3 Countries

519 kBTransfer

1402 kBSize

18 Cookies

2 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.indexlogin-php.info Open in urlscan Pro
159.65.156.214 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

86 %
HTTPS

56 %
IPv6

18
Domains

27
Subdomains

24
IPs

3
Countries

519 kB
Transfer

1402 kB
Size

18
Cookies

50 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!