www.159-65-156-214.cprapid.com Open in urlscan Pro
159.65.156.214 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.159-65-156-214.cprapid.com/
Effective URL:
https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Submission Tags: tweet @ap_zenmashi #phishing #フィッシング #mysoftbank #マイソフトバンク #ソフトバンク #詐欺 #scam Search All
Submission: On January 19 via api (January 19th 2023, 6:26:33 am UTC) from FI — Scanned from FI

Summary HTTP 38 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 38 HTTP transactions. The main IP is 159.65.156.214, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is www.159-65-156-214.cprapid.com.
TLS certificate: Issued by R3 on January 11th 2023. Valid for: 3 months.

This is the only time www.159-65-156-214.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Softbank (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
2 3	159.65.156.214 159.65.156.214	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2600:9000:20e... 2600:9000:20eb:1a00:1a:a4ff:d000:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:e30... 2a02:26f0:e300:190::27f4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.225.78.97 13.225.78.97	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	52.18.161.122 52.18.161.122	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
38	21

3 159.65.156.214 (Bengaluru, India) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.159-65-156-214.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:1a00:1a:a4ff:d000:93a1 (United States)

ASN16509 (AMAZON-02, US)

sso.nifty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300:190::27f4 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

cdn.softbank.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.161.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-122.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	279 KB
6	nifty.com sso.nifty.com	10 KB
4	googlesyndication.com 1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 156 pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	39 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 385 mug.criteo.com — Cisco Umbrella Rank: 2848	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2596 google-bidout-d.openx.net — Cisco Umbrella Rank: 2546	708 B
3	cprapid.com 2 redirects www.159-65-156-214.cprapid.com	4 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1039 bcp.crwdcntrl.net — Cisco Umbrella Rank: 904	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	17 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185 Failed	76 KB
2	softbank.jp cdn.softbank.jp	11 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70	714 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 637	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2762	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 357	894 B
1	google.fi adservice.google.fi — Cisco Umbrella Rank: 75275	792 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 39439	792 B
38	16

	Domain	Requested by
6	securepubads.g.doubleclick.net	www.159-65-156-214.cprapid.com www.googletagservices.com securepubads.g.doubleclick.net
6	sso.nifty.com	www.159-65-156-214.cprapid.com sso.nifty.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	www.159-65-156-214.cprapid.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.159-65-156-214.cprapid.com
2	www.googletagservices.com	www.159-65-156-214.cprapid.com securepubads.g.doubleclick.net
2	cdn.softbank.jp	www.159-65-156-214.cprapid.com
2	adservice.google.com	www.159-65-156-214.cprapid.com securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	www.googletagservices.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.159-65-156-214.cprapid.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	adservice.google.fi	securepubads.g.doubleclick.net
1	adservice.google.co.jp	www.159-65-156-214.cprapid.com
0	1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
38	22

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
indexlogin-php.info R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
sso.nifty.com Cybertrust Japan SureServer CA G4	`2022-10-27` - `2023-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
cdn.softbank.jp Cybertrust Japan SureServer EV CA G3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.google.fi GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-12-02` - `2023-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Frame ID: 74FFFBB9B83CDEA6F56DD2A4C9954149
Requests: 35 HTTP requests in this frame

Frame: https://1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2105C8D3DF4A211BD59C84D80C5783E9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.159-65-156-214.cprapid.com
Frame ID: 47F3127F594188F177D6F88B9CF7B05D
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 82560A1A858D0A407075101A12A7CF76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.159-65-156-214.cprapid.com/ HTTP 302
https://www.159-65-156-214.cprapid.com/ja-JP/?signin HTTP 302
https://www.159-65-156-214.cprapid.com/ja-JP/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

87 %
HTTPS

60 %
IPv6

16
Domains

22
Subdomains

21
IPs

6
Countries

477 kB
Transfer

1320 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsuvMVPKm3xKIS7EnUMOeljx2l8rkpD9d3eAxZPN9cxcLWvbvzjU6LJrBDw4gBgnChelm1Tv2RjAigQ1642PciCXUjwdg_4NbUEWsAb5kAsWVpwEUX4tX0JeM6bzH5DkY3ldKPL79UcqY3IDeHxW0gPMupMFWd-ZZG_DDMaIiGEKKGJfnj25puCpOCN2vUROI8NNYyVPIlpq_QfRUhWNJmExFHg4rXwXVapwPDjIz1dY_rDUT11eQNGE8S1-MgVIQxxmIVPGQZUCMs4NwXj5FY6tMz91AKWrYxJcfILo2dStRkPXQ_J3V4Od3iYjY3JF5jRB_SAZ8par8RfdBwcPKzxQQV8v_HSp8Uh7Tw&sai=AMfl-YS9rhE4iHlmK2i-otviH9CLCMQoDBYCuc1MKN2nGSGx0LXCBk68pPQP_Z-qFxTWYFx1bli6le-MOxfGquc9Nb7zJYhf4CB5lLRaDiX4rdfAYj1iqU0m1LqDFtrElt-aQjqc7F5i89IpB5WM6_NeQO0&sig=Cg0ArKJSzFJgh65CYGm3&fbs_aeid=[gw_fbsaeid]&adurl=https://www.nifty.com/%3Futm_source%3Dnifty%26utm_medium%3Dreferral%26utm_campaign%3Dpc_sso%23nifkujiArea

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AZLCTSpA8kxOVfkAjyZ0ux9nUiMAXd--m_eIIyfvCKX9AELSSyhaUcPqSt2-L2xZ2n5lorMzis9Rzqf9l4dxkCEE_FA09W8FVwvfhtPHT9Ha95k1g4PGKYG_kIvm9dD8BQEhI5sxZ7HKTZb_gqezxxzT2Gv-WUJKr3I6MPhCijeaTpkyfOKegAUOCHuWmDwmHlhdhuO_fFwFZv5-yDN4g_TjCAQ3TjanBXvocfuPH3wfgRtRdzgMf02lN0zRvl5lVuZBbU1mCz2Do2p4KtZZamruKV873CW-PEeI5bJkSPw0dOGGI9nRJYqHGKM3LR1Qbh3YKXdwjuZ4WtCWFEpgv-BrCZAabP2X1uRnkUpRk9a0NCxDNl5ouQ1JiEzunamu3-nkXm5wTVIhubkt2SCsNbUW-t9j4HTH2yOdWoHkZfQ6yjEGHaFcFnHGyr_-oBAEY1ByDkNkJkZREf8gsDG9gCzdn4gzRu7wlS40VNzHKaebVq4ZrdMUOT14iS1g6NEQR8AMFqxUrykKQ0-7rpywHMGkKelV78dhyYDFb7KSgOhuL2YUoxeVD8FSxM7K9JhiauyZNslHVF2Owl_4oRvQbR3f6Cknw7sRWlMpxOMpQkNxCinPqlB4THeHknvzbedVv3ZVdBpGr0kM-kE0dBZrQG3iE019qQ7gdkyJDi1fMR9BLOuK3srhPGMPmlBrbx4ocVAMUg7BKZpFN5ETxQqX9OMUE7BiuKYjerjejvi-6KfoM7JPBloC5l8lknBkEoJ7MZxXe3QvR7o_zwgTe-Q3MrslkTMvv2boN1ayZVElZDQWdk4HLXoIeQ4QfCpAYHJofwB1XLDnnInKcDekz6wIFV1thxs9uVPKBuk0ghyjWy1ue19Z-a6YpD2WNfX-n8NiZRjgnqeVa2xbQ0cgX3FSMBRlvT5ZG4Wws3Nq_4hRreZnoH70fKhK3D0BjZR3-A2eyMGDAmuVINsO65R5fWG5PIAlWkouoR5THJ4YKs6B56eJmHvarrziMpJqyEYyHBD19AL8zIlCLX-cj4uvcY1COxF0UhjoIYwdgAclzhNEdJQL0qCB59G6PzzGVjU3i5KX7q3iMwvw781_vCMjNzey4Rdb7sIrCbL39DpBiWmIcJuaewDMKTcK2Rr08l-oLIuvoDBSqRSEi7d5qYCIsIsFnz2YpHtow6kOZMXS3XX9MGwYtoB2mAs3MygdpB2enO51Cj4GKnve2ih94tubof7ZqPhUO6f8wwv7Y259ZXWOHYnLvyG3lwc1-Sq9o-cS8mo858BLxGCRtKP-Mg4gLhTOjji5NO1fLF0tNRXkennerJGkXajRl9hoPBTzWiuuzSizQubk847qh-kVEw4P9AjxMwAa_Psd57DuhVSpflnhW6yhxtTntfAr32wPRpEMdEz2Ps2kqbVSbll1zC40SLaw6uwjiMtQC9Dq_ayvK0GILZLaqChvRk3M-NSyoAAes2iaKY4

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.159-65-156-214.cprapid.com/ HTTP 302
https://www.159-65-156-214.cprapid.com/ja-JP/?signin HTTP 302
https://www.159-65-156-214.cprapid.com/ja-JP/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&rid=esp&cc=1

Request Chain 35

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cprapid.com&sn=ChromeSyncframe&so=0&topUrl=www.159-65-156-214.cprapid.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=n_YqI3xmaEIvQitUMGtxY2FRSnhqZXpJVkhtQTQ5RWFEM3Z4VDdVNnNKa3didE1wZjhIc0tLN01LZ1pxOUU3Zm9BdGozRmsrOEJKSGhFcVRocEpPZWVXYnZPMFoycGxVSDNRdVVIWEdXeDdMTlB5R3V5S0h2ZDM1VHYvU2hDdUhjV3UvVmNjY0VacG5CWU4wNjlPbnpDcG9mU0dRZ2hrNlFzY0pJcjR0SktFNUduMGUvL0p5bTVBM3JsbUM3Z1FDYUt6QUtrcHNjTkF2cjd6QktXb0pBRVZEWS9OMW13VzFHNTdXWC9ZV09tRnBZZGlISXE2SHMrTS9PUDJkVjV1aG9lVjNkbklwUWZ0L29UWXF5djlOTVZtbHBzUT09fA&cppv=2

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
www.159-65-156-214.cprapid.com/ja-JP/
Redirect Chain

https://www.159-65-156-214.cprapid.com/
https://www.159-65-156-214.cprapid.com/ja-JP/?signin
https://www.159-65-156-214.cprapid.com/ja-JP/login.php

9 KB
3 KB

370ms
370ms

Document
text/html

159.65.156.214
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.156.214 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 1778eafd82af1b09c502edb9f1c716aeb533ec417d8dc1fbccd693e63a60793b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Jan 2023 06:26:25 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Jan 2023 06:26:25 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
location: login.php

GET
H/1.1 200
OK style.css
sso.nifty.com/static/css/ 21 KB
5 KB 1410ms
1084ms Stylesheet
text/css 2600:9000:20eb:1a00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.nifty.com/static/css/style.css

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1a00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6d216edde66c2b453f5b8953837e95a2afd89f4d6fa9a4a23dfdfa65af5eee21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:26:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 4978
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 13 Jan 2023 07:45:47 GMT
Server: Apache
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: r6Lqco1AbgBDyrRw6Fop7AFyaRhTMYyxG5dPYqXWOqtR29XJH-pNhA==

GET
H/1.1 200
OK modaal.min.css
sso.nifty.com/static/css/ 12 KB
3 KB 1420ms
1095ms Stylesheet
text/css 2600:9000:20eb:1a00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.nifty.com/static/css/modaal.min.css

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1a00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5a5168568b66c50fd3353d6e1c0a164f960793ffce44c930ac76a17037855cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:26:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 2237
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 13 Jan 2023 07:45:47 GMT
Server: Apache
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: VWmkoTbFwEvkZFTnDP6qB9lpSC2p2ycJjzyUixvzXOj_DAC4VqTVkw==

GET
H2 200 pubads_impl_2022071401.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 239ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131659
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Jan 2024 10:38:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 242ms
70ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 215ms
71ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 logo-header-mysb.png
cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/ 8 KB
8 KB 1581ms
1219ms Image
image/png 2a02:26f0:e300:190::27f4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/logo-header-mysb.png
Requested by: Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:190::27f4 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ca466c36e848b86b42a891a40f896392a88040c80a90dc186d27019478882bee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:29 GMT
last-modified: Fri, 09 Jul 2021 08:53:49 GMT
etag: a92cb3b50b064f2b8b9c26d51de96958
x-azure-ref: 0x9XHYwAAAABLFCHbfyS3QKfZ85g585BPVFBFMzFFREdFMDMwOQA2MWNhNzBjYy01ZDllLTQ0N2UtYjg2MS03ZDdkNzUxZDdhNDE=
content-type: image/png
content-disposition: inline; filename="logo-header-mysb.png"
accept-ranges: bytes
content-length: 7953
request-context: appId=cid-v1:283e9b52-2ecb-444b-a299-60d3532eb9b6

GET
H2 200 site-logo.png
cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/ 3 KB
3 KB 1248ms
891ms Image
image/png 2a02:26f0:e300:190::27f4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.softbank.jp/mysoftbank/set/data/add/common/09/img/shared/site-logo.png
Requested by: Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:190::27f4 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: df3d1608e4ab20082b5556e209ea790f16cfaabe519e1f26d4f23986191c967c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
last-modified: Fri, 09 Jul 2021 08:53:50 GMT
etag: d692c84a205c457e8268e69f26212e9d
x-azure-ref: 07snHYwAAAAChWDZgB5JhTpiKm4NWiyGYVFBFMzFFREdFMDgwOAA2MWNhNzBjYy01ZDllLTQ0N2UtYjg2MS03ZDdkNzUxZDdhNDE=
content-type: image/png
content-disposition: inline; filename="site-logo.png"
accept-ranges: bytes
content-length: 2693
request-context: appId=cid-v1:283e9b52-2ecb-444b-a299-60d3532eb9b6

GET
H/1.1 404
Not Found mail_banner_930_300.png
sso.nifty.com/static/images/ 0
0 969ms
969ms Image
text/html 2600:9000:20eb:1a00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.nifty.com/static/images/mail_banner_930_300.png
Requested by: Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 404
Not Found mail_banner_350_150.png
sso.nifty.com/static/images/ 0
0 951ms
950ms Image
text/html 2600:9000:20eb:1a00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sso.nifty.com/static/images/mail_banner_350_150.png
Requested by: Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET gpt.js
www.googletagservices.com/tag/js/ 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 239ms
72ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bcfd45ddd36cf20114b4aada5c0b19852f544e8ea4eb721111efc89c77153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27760
x-xss-protection: 0
server: sffe
etag: "1456 / 881 of 1000 / last-modified: 1674085591"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 19 Jan 2023 06:26:27 GMT

GET
H/1.1 200
OK ic-human.png
sso.nifty.com/static/images/ 344 B
915 B 954ms
954ms Image
image/png 2600:9000:20eb:1a00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.nifty.com/static/images/ic-human.png

Requested by

Host: sso.nifty.com
URL: https://sso.nifty.com/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1a00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7f9963af5a0b23be48504ee3615b49fc494950c30cfefeba46d92e5b3085eadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sso.nifty.com/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:26:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 344
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 13 Jan 2023 07:45:47 GMT
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: TJG8uG0SZck7Wh_9BwZapjy-GGXy9DSrymgugv5M3oSppq_P18tSFg==

GET
H/1.1 200
OK ic-lock.png
sso.nifty.com/static/images/ 353 B
924 B 1073ms
959ms Image
image/png 2600:9000:20eb:1a00:1a:a4ff:d000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.nifty.com/static/images/ic-lock.png

Requested by

Host: sso.nifty.com
URL: https://sso.nifty.com/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1a00:1a:a4ff:d000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a408de979fe99476d69b98293cd6c4ab0555ffc8a226a1625b076f0a659f1e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://sso.nifty.com/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:26:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 353
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 13 Jan 2023 07:45:47 GMT
Server: Apache
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
X-Amz-Cf-Id: EjZBRTqFWsYwkJtdP4-9QRiMgZq_GcHFvqVspZ6-KhvE1bElPFf3fA==

GET
H2 200 pubads_impl_2023011702.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011702.js?cb=31071694

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10feb856e1174b96257f0bd820f67e0c2c738e5abbfe70799a457b791e11562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 15:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132153
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:40:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Jan 2024 15:42:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 52 B
77 B 219ms
95ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.159-65-156-214.cprapid.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29ca521056cc64dd4f0621b896877d868d9bc08dd3201e19efb31270f6e056a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53
x-xss-protection: 0
expires: Thu, 19 Jan 2023 06:26:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
792 B 235ms
70ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=www.159-65-156-214.cprapid.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.159-65-156-214.cprapid.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
20 KB 110ms
110ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4184242536220085&correlator=2213339257826318&eid=31071694&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fifs&iu_parts=48012543%2CNIFTY_PC%2CBASIC%2CSSO_IN%2CRECT&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&ifi=1&adks=1675415951&sfv=1-0-40&ecs=20230119&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1674109588107&lmt=1674109588&dlt=1674109586113&idt=1843&adxs=905&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&frm=20&vis=1&psz=300x432&msz=300x250&fws=4&ohw=1600&ga_vid=1405121140.1674109588&ga_sid=1674109588&ga_hid=201025139&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6decbd28649b841e8f597f42e79dc5993e4b2e6b7a0f28dbb3c892fcddafd195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20527
x-xss-protection: 0
google-lineitem-id: 6089302779
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402003601
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.159-65-156-214.cprapid.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2105 0
0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
894 B 144ms
61ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 19 Jan 2023 06:26:28 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 7070
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230037-FRA, cache-bma1682-BMA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 119ms
37ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 11:14:35 GMT
content-encoding: gzip
age: 1278713
x-guploader-uploadid: ADPycdsWxhU7naGoH7qwaac8tdRk9uDcx_2R5ONFMPrbxl8UwdlMkZZZRu3P5UrmhPc8W43aMw60j-fpvsoh2ZVkBgVy1g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 04 Jan 2024 11:14:35 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 138ms
64ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: H5JPFRAR45B0V1XR
age: 920
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78bd7fbf2eafd973-HEL
x-amz-id-2: pYn57Nw8fNqzL8X5DYVgJ5AV7drbfw1wdC30lYC2cijyUTK8sNdIQ+ex15jIta5BW8eg6EA9bMc=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 233ms
80ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Jan 2023 22:25:06 GMT
server: nginx
etag: W/"63bde5c2-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Jan 2023 06:26:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 212ms
60ms Script
text/javascript 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 01:25:26 GMT
content-encoding: gzip
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 18063
x-amz-server-side-encryption: AES256
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: XRv_nh2F5b5iqgXO19WuAKlNqPx9Kua9iXrZxPwnzJrbJwzRPPr3SA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 125ms
124ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukNPYOKcTe-e2cqOf2vrT7ShXPgkg3JWc_KmgMloTgJ107jiX9qRjoj3emMIZnc_qgevM7IfSZmu1ldQlvCifXrkr43emOyx6vgghfaPN4D8lB12XI74cg_JA5BFSDT7_pFnGVs2jnFIYXC7vuGbDaQTHWZW-sXRG7X_3lCyE1mpa-x3hGwtt7nGk3meKhhLOOOlE5fm2X7D8Yc332uQa2vnAfgEjzFuA4S_vmqI3-6u90gC5hPOghyIgPEc67hCGVyuDph7l1QYwLsu7FpEegJyiTrhbGRUgcseDhQBERLfiNlZcRprZLCcPxA7ajVh_luXuP86Nb08DT7ePGoxfwwbsO9_SCAEQfVh7hcg&sai=AMfl-YQRuXP_0i58MAJFMqQjjkqdFFhMFgwEWmoi2tlVJImU_3Nw-9vZ_Bk-F40UkD36sEV2Yff8qPPlVA8v64FhQA0UOKJh1QUId9L-OHeLAeZBozeJlpV4aeu8p5k7dToY4xyFHSwakCFJ4nsZPPmy4Xs&sig=Cg0ArKJSzN1bDqjMp9AkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 06:26:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ 22 KB
9 KB 220ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.159-65-156-214.cprapid.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 18 Jan 2023 18:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:16:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ 3 KB
1 KB 227ms
69ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 21:51:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 157 KB
49 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.159-65-156-214.cprapid.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 06:26:28 GMT

GET
H2 200 12223655113787438400
tpc.googlesyndication.com/simgad/ 27 KB
28 KB 269ms
112ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12223655113787438400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293eb541db71d3781d17bacd835a1992214f2fb19bacedc373366a876dd82ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28031
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 07:55:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jan 2024 06:26:28 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&rid=esp&cc=1

85 B
203 B

158ms
158ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&rid=esp&cc=1
Requested by: Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 237c102d60c60d3c81459877ab28b8fba6b33950eac9d6418cdb8d68889b0480

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-HH+8XtsftpyWIa75SDO9nFgrV9w"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.159-65-156-214.cprapid.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 19 Jan 2023 06:26:28 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.159-65-156-214.cprapid.com
location: /esp?url=https%3A%2F%2Fwww.159-65-156-214.cprapid.com%2Fja-JP%2Flogin.php&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
339 B 199ms
63ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.159-65-156-214.cprapid.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.159-65-156-214.cprapid.com
date: Thu, 19 Jan 2023 06:26:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
346 B 248ms
77ms XHR
application/json 52.18.161.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.161.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-161-122.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3ab5719093658e77cebf2aa73e2a44397b0975125249692ac14de5fa5f67182d

Request headers

Referer: https://www.159-65-156-214.cprapid.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 06:26:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.159-65-156-214.cprapid.com
cache-control: no-cache
x-server: 10.45.16.147
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 47F3 15 KB
6 KB 170ms
57ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.159-65-156-214.cprapid.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.159-65-156-214.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 06:26:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 347646
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 869f6b1c95962ca41638a43acc3442608b680e0849ec5fc1c6b90abf46bb12e8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 99ms
98ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWb5FXrHOoo3sF_4Ck813tDSXThdJPIKyV30604HIzsA_h0BOqpN56g8qpEbQiMzX6k-yitYS2YAL8kEjulw2wAcTvdINvd-Rm43I2A98sBiQENOkOEC7ixVl1kHih5XROPcPQvbCzAZVitURFF5Mnj5CMmP_aVn7MZN3EU4MxwQY-6WWUfrBwvB8aliHSYGV2I02QckUXfW-lx-wH3ekf3MRCg3zAIOPVkWDQ557dBrYvqHAVEyRWS0qgAgnozo9OMS7VYW7OY2LYipuoB7_ziIh3OLGhK51fMXTlzLv-VM7FuBlJxgcmOPx23zBfTyJxmcoiQgUxBYMgLs8m9fCfdwJjG5SIpXPHpGGZn7-N&sai=AMfl-YRvMxJiwKwgLlexgxbYTVEXl6gQTQnmvMvtLJDNU0-EYRPu821rk8RDM3T_BQUfYeCW2bFlS8hQgQDv_srw-6SDzXObTBnh8EMp40Tou1qfESKuLHHVaMGpzonTMLZ-tHStRMP8Od7NO7JI_yasD3g&sig=Cg0ArKJSzNbpy5aI2ABJEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:26:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 06:26:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 47F3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cprapid.com&sn=ChromeSyncframe&so=0&topUrl=www.159-65-156-214.cprapid.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=n_YqI3xmaEIvQitUMGtxY2FRSnhqZXpJVkhtQTQ5RWFEM3Z4VDdVNnNKa3didE1wZjhIc0tLN01LZ1pxOUU3Zm9BdGozRmsrOEJKSGhFcVRocEpPZWVXYnZPMFoycGxVSDNRdVVIWEdXeDdMTlB5R3V5S0h2ZDM1VHYvU2...

425 B
648 B

274ms
68ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=n_YqI3xmaEIvQitUMGtxY2FRSnhqZXpJVkhtQTQ5RWFEM3Z4VDdVNnNKa3didE1wZjhIc0tLN01LZ1pxOUU3Zm9BdGozRmsrOEJKSGhFcVRocEpPZWVXYnZPMFoycGxVSDNRdVVIWEdXeDdMTlB5R3V5S0h2ZDM1VHYvU2hDdUhjV3UvVmNjY0VacG5CWU4wNjlPbnpDcG9mU0dRZ2hrNlFzY0pJcjR0SktFNUduMGUvL0p5bTVBM3JsbUM3Z1FDYUt6QUtrcHNjTkF2cjd6QktXb0pBRVZEWS9OMW13VzFHNTdXWC9ZV09tRnBZZGlISXE2SHMrTS9PUDJkVjV1aG9lVjNkbklwUWZ0L29UWXF5djlOTVZtbHBzUT09fA&cppv=2

Requested by

Host: www.159-65-156-214.cprapid.com
URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1f0633385d465f214a9799908de81c6919caacdb44de33469120871237a2ad30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 06:26:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2276339
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 06:26:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=n_YqI3xmaEIvQitUMGtxY2FRSnhqZXpJVkhtQTQ5RWFEM3Z4VDdVNnNKa3didE1wZjhIc0tLN01LZ1pxOUU3Zm9BdGozRmsrOEJKSGhFcVRocEpPZWVXYnZPMFoycGxVSDNRdVVIWEdXeDdMTlB5R3V5S0h2ZDM1VHYvU2hDdUhjV3UvVmNjY0VacG5CWU4wNjlPbnpDcG9mU0dRZ2hrNlFzY0pJcjR0SktFNUduMGUvL0p5bTVBM3JsbUM3Z1FDYUt6QUtrcHNjTkF2cjd6QktXb0pBRVZEWS9OMW13VzFHNTdXWC9ZV09tRnBZZGlISXE2SHMrTS9PUDJkVjV1aG9lVjNkbklwUWZ0L29UWXF5djlOTVZtbHBzUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 374451
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8256 0
176 B 179ms
73ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.159-65-156-214.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 19 Jan 2023 06:26:28 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
497 B 239ms
95ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNB2opFCNQ3p0Ej-issWfw0UnBSQPMdc1fxKFgJBNo4ZuONSgP7YeHZbrVxa2SYcMlihQGF6cQLvjH1M6EFDps8ylJAnfmNe4BiFz3a6_iA2qt9e8m&sig=Cg0ArKJSzOagbGLZoUp6EAE&id=lidar2&mcvt=1000&p=0,0,251,301&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1675415951&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674109584568&rpt=4019&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.159-65-156-214.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 06:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Domain: 1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com
URL: https://1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Softbank (Telecommunication)

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.159-65-156-214.cprapid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dbbfdbff58c14f264d0e0296628c1e80
.cprapid.com/	1970-01-20 18:23:25	Name: __gads Value: ID=b36fb63ad61e2589:T=1674109588:S=ALNI_MZedGnQBQAdS2urLi7eeJhU7APWqQ
.cprapid.com/	1970-01-20 18:23:25	Name: __gpi Value: UID=00000ba4d9dfaaaa:T=1674109588:RT=1674109588:S=ALNI_ManHsGLobsQ5G_y6V5eEAlIOmw19A
.doubleclick.net/	1970-01-20 18:23:25	Name: IDE Value: AHWqTUkGBU0cfCI6UxkKmuEo71LXuOYTOOFy8DnwmpZux-o5ghWSFsA5Ch-3L4pMWmM
.cprapid.com/	1970-01-20 09:01:49	Name: lotame_domain_check Value: cprapid.com
.openx.net/	1970-01-20 17:47:25	Name: i Value: 8a2c8fa1-2b2c-4d00-bab0-8258cf5fcc8c\|1674109588
.criteo.com/	1970-01-20 18:23:25	Name: uid Value: 4445b400-0ce1-45b4-9509-c4383a6bf93f
.cprapid.com/	1970-01-20 18:23:25	Name: cto_bundle Value: AiJDbV9GQ1RZb1MlMkIzZSUyQkZYUjdhZmcwc3JOR0txNjdSMnJTWnh6RjdtOFlxdEpMNXFIWTlqcjBNNUZYc0RwREY4a1FTZzl2R0FES2hrZ012SFFTQ002eTkwbVN2eTF2U0NQbVJDRW1hQWxZZmJwSWZuUTVZWUtibXZGT2xoOXhTNWtzcHgxN0EzZTRKRWVRYU1rM3p0YWN1MiUyRnclM0QlM0Q

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.159-65-156-214.cprapid.com/ja-JP/login.php Message: Mixed Content: The page at 'https://www.159-65-156-214.cprapid.com/ja-JP/login.php' was loaded over HTTPS, but requested an insecure script 'http://www.googletagservices.com/tag/js/gpt.js'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068517(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://sso.nifty.com/static/images/mail_banner_350_150.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sso.nifty.com/static/images/mail_banner_930_300.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com
adservice.google.co.jp
adservice.google.com
adservice.google.fi
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.softbank.jp
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
sso.nifty.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.159-65-156-214.cprapid.com
www.googletagservices.com
1a2273134c23a65b0ad8515195f03f83.safeframe.googlesyndication.com
www.googletagservices.com
13.225.78.97
141.95.98.65
159.65.156.214
178.250.0.157
2600:9000:20eb:1a00:1a:a4ff:d000:93a1
2606:4700:10::ac43:266a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a02:2638:1::13
2a02:2638::3
2a02:26f0:e300:190::27f4
2a04:4e42:600::485
34.102.146.192
34.120.135.53
35.244.159.8
52.18.161.122
1778eafd82af1b09c502edb9f1c716aeb533ec417d8dc1fbccd693e63a60793b
1f0633385d465f214a9799908de81c6919caacdb44de33469120871237a2ad30
237c102d60c60d3c81459877ab28b8fba6b33950eac9d6418cdb8d68889b0480
293eb541db71d3781d17bacd835a1992214f2fb19bacedc373366a876dd82ee3
29ca521056cc64dd4f0621b896877d868d9bc08dd3201e19efb31270f6e056a8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bcfd45ddd36cf20114b4aada5c0b19852f544e8ea4eb721111efc89c77153b
3ab5719093658e77cebf2aa73e2a44397b0975125249692ac14de5fa5f67182d
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5a5168568b66c50fd3353d6e1c0a164f960793ffce44c930ac76a17037855cdc
5acb6bfb13d8aa6e8433b58c8ee60164ca1946736ef8236e346adf5e240f6247
6d216edde66c2b453f5b8953837e95a2afd89f4d6fa9a4a23dfdfa65af5eee21
6decbd28649b841e8f597f42e79dc5993e4b2e6b7a0f28dbb3c892fcddafd195
7f9963af5a0b23be48504ee3615b49fc494950c30cfefeba46d92e5b3085eadc
869f6b1c95962ca41638a43acc3442608b680e0849ec5fc1c6b90abf46bb12e8
a408de979fe99476d69b98293cd6c4ab0555ffc8a226a1625b076f0a659f1e54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
ca466c36e848b86b42a891a40f896392a88040c80a90dc186d27019478882bee
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
df3d1608e4ab20082b5556e209ea790f16cfaabe519e1f26d4f23986191c967c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10feb856e1174b96257f0bd820f67e0c2c738e5abbfe70799a457b791e11562
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

www.159-65-156-214.cprapid.com Open in urlscan Pro 159.65.156.214 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

87 %HTTPS

60 %IPv6

16 Domains

22 Subdomains

21 IPs

6 Countries

477 kBTransfer

1320 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.159-65-156-214.cprapid.com Open in urlscan Pro
159.65.156.214 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

87 %
HTTPS

60 %
IPv6

16
Domains

22
Subdomains

21
IPs

6
Countries

477 kB
Transfer

1320 kB
Size

8
Cookies

38 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!