www.jamesdey.com
149.57.218.148  Malicious Activity! Public Scan

Submitted URL: https://www.jamesdey.com/jp
Effective URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home...
Submission Tags: 7531491
Submission: On June 02 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 27 HTTP transactions. The main IP is 149.57.218.148, located in Hanover, United States and belongs to DEDIPATH-LLC, US. The main domain is www.jamesdey.com.
TLS certificate: Issued by R3 on June 1st 2022. Valid for: 3 months.
This is the only time www.jamesdey.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR West (Transportation)

Domain & IP information

Requests  IP Address       AS Autonomous System
26        149.57.218.148   35913 (DEDIPATH-LLC)
Total: 27 requests, 2 IPs

Requests  Apex Domain      Subdomains          Transfer
26        jamesdey.com     www.jamesdey.com    51 KB
0         51.la (Failed)   ia.51.la (Failed)
Total: 27 requests, 2 domains

Requests  Domain              Requested by
26        www.jamesdey.com    www.jamesdey.com
0         ia.51.la (Failed)   www.jamesdey.com
Total: 27 requests, 2 domains

This site contains links to these domains.

Domain
shinkansen1.jr-central.co.jp
www.jr-odekake.net
faq.jr-odekake.net

Subject: www.jamesdey.com
Issuer: R3
Validity: 2022-06-01 - 2022-08-30
Valid: 3 months

This page contains 1 frames:

Primary Page: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Frame ID: C8DED0E63B4BCA2720162AA1F6B18EED
Requests: 27 HTTP requests in this frame

Page Title

JR西日本 Club J-WEST 会員サポート

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 96 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 51 kB
Size: 93 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.jamesdey.com/jp Page URL
  2. https://www.jamesdey.com/index.php?t=f0fea214d749171a3af4657ff7534a5d2f68a577f987cc29f54525098d3cf62b Page URL
  3. https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
jp
www.jamesdey.com/
1 KB
1 KB
Document
General
Full URL
https://www.jamesdey.com/jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
1a6a5206ff4fc8e9b2f9f188e839cf05999e76afff82c75f5f02050a0bc7130f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
access-control-allow-origin
www.jamesdey.com
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
598
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 05:06:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
vendor.23238u92u82.js
www.jamesdey.com/vendor/
5 KB
2 KB
Script
General
Full URL
https://www.jamesdey.com/vendor/vendor.23238u92u82.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
ae9da3c9a568a7b3602dc54e10c324166db3abe1d3a6892770d6ce6a7cc8c1c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/jp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
1907
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Fri, 27 May 2022 07:26:30 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
index.php
www.jamesdey.com/
5 KB
3 KB
Document
General
Full URL
https://www.jamesdey.com/index.php?t=f0fea214d749171a3af4657ff7534a5d2f68a577f987cc29f54525098d3cf62b
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.jamesdey.com/jp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
access-control-allow-origin
www.jamesdey.com
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2379
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 05:06:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request signin
www.jamesdey.com/_ap/
6 KB
3 KB
Document
General
Full URL
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/index.php?t=f0fea214d749171a3af4657ff7534a5d2f68a577f987cc29f54525098d3cf62b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
6052cef1f2477cf10d0d4d5211af40a90f2e4611c15bb8e245329c0ba41479c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.jamesdey.com/index.php?t=f0fea214d749171a3af4657ff7534a5d2f68a577f987cc29f54525098d3cf62b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
access-control-allow-origin
www.jamesdey.com
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2418
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 05:06:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
member-set.css
www.jamesdey.com/_ap/css/
623 B
367 B
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/member-set.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
00800123746f37e79be0fe65ea1bd435d140b435dc8e456b519cb8862b0e6210
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
304
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 01 Mar 2022 13:54:56 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
ap.css
www.jamesdey.com/_ap/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/ap.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
8a395feee0792976a7067fd6a8b5465f7ed7fc23ae050d7ba8ef95401405765c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
1133
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Wed, 02 Mar 2022 23:24:36 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
jquery1.7.3.js
www.jamesdey.com/_ap/js/
5 KB
2 KB
Script
General
Full URL
https://www.jamesdey.com/_ap/js/jquery1.7.3.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
fee8c4ac7a8ea98137e3bd2492bc82d4ce77bb91774bbd6f4ddd2c5afbb1b1f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
2306
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Thu, 03 Mar 2022 15:47:20 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
validateBase.js
www.jamesdey.com/_ap/js/
0
0
Script
General
Full URL
https://www.jamesdey.com/_ap/js/validateBase.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
x-content-type-options
nosniff
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
x-dns-prefetch-control
off
content-length
263
x-xss-protection
1; mode=block
myAlert.js
www.jamesdey.com/_ap/js/
0
0
Script
General
Full URL
https://www.jamesdey.com/_ap/js/myAlert.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
x-content-type-options
nosniff
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
x-dns-prefetch-control
off
content-length
263
x-xss-protection
1; mode=block
validateRequired.js
www.jamesdey.com/_ap/js/
4 KB
1 KB
Script
General
Full URL
https://www.jamesdey.com/_ap/js/validateRequired.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
9eaf41ccd7691ff06b75b8aa8f5185d1a5c0ed059775e970e045ebcf2a960cb2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
1446
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Wed, 02 Mar 2022 10:40:12 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
validateLogin1Form.js
www.jamesdey.com/_ap/js/
611 B
379 B
Script
General
Full URL
https://www.jamesdey.com/_ap/js/validateLogin1Form.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
ce4dd22f9f1d8c8b28b79060faa96ec28fb931b295ca212c2faf4b044896aa4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
316
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Wed, 02 Mar 2022 10:41:02 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
validateUtil.js
www.jamesdey.com/_ap/js/
0
0
Script
General
Full URL
https://www.jamesdey.com/_ap/js/validateUtil.js
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
x-content-type-options
nosniff
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
x-dns-prefetch-control
off
content-length
263
x-xss-protection
1; mode=block
logo_all.gif
www.jamesdey.com/_ap/images/
5 KB
5 KB
Image
General
Full URL
https://www.jamesdey.com/_ap/images/logo_all.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
4740a24c94c31ac747e02a42f5b695bb96b334987c5a3f545748965ffa09615d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:12 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
4660
x-xss-protection
1; mode=block
button_orange_login.gif
www.jamesdey.com/_ap/images/
2 KB
2 KB
Image
General
Full URL
https://www.jamesdey.com/_ap/images/button_orange_login.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
b158a3ad4fc909d536be32630ff6b0d0ed7f6c6012fddb03992e6490b56518b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Mar 2022 10:37:36 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
2120
x-xss-protection
1; mode=block
button_gray_back.gif
www.jamesdey.com/_ap/images/
1 KB
1 KB
Image
General
Full URL
https://www.jamesdey.com/_ap/images/button_gray_back.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
3b37de802e5d8b45ef9e9eed554a2a60c7098b31e9dc590b7014b6752860aa94
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:10 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
1250
x-xss-protection
1; mode=block
footer_privacy.gif
www.jamesdey.com/_ap/images/
2 KB
2 KB
Image
General
Full URL
https://www.jamesdey.com/_ap/images/footer_privacy.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
bcb2d9cd3065b1f07b58dad1ebe5b93c6bc79d75bda65bf057ac8ae98433d268
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:12 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
2510
x-xss-protection
1; mode=block
footer_subnav_question.gif
www.jamesdey.com/_ap/images/
517 B
555 B
Image
General
Full URL
https://www.jamesdey.com/_ap/images/footer_subnav_question.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
cdd977459433f2454f8eaf49c2035b073d2d43da06c63b580e3efcbe075bbe96
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:10 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
517
x-xss-protection
1; mode=block
footer_copyright.gif
www.jamesdey.com/_ap/images/
3 KB
3 KB
Image
General
Full URL
https://www.jamesdey.com/_ap/images/footer_copyright.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
d7471b8d593e0ae70df9dd7c709b27519a6a83a3bf68adbe23275e581b057e60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:10 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
3237
x-xss-protection
1; mode=block
default.css
www.jamesdey.com/_ap/css/
2 KB
948 B
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/default.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/member-set.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
28bde5913cfd9297971cb711c7bb392f76061f0e94bf3e5490783cf8912b0cd1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/member-set.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
908
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 01 Mar 2022 13:54:56 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
base.css
www.jamesdey.com/_ap/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/base.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/member-set.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
935cad764e9e8e9915ce1ccfc9c4d3ea4c9f71268415cca50870935d01158e56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/member-set.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
4104
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 01 Mar 2022 13:54:56 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
member-layout.css
www.jamesdey.com/_ap/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/member-layout.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/member-set.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
a22f66d12e0bc78ec32077f66d49d3c70bcc1bbdad6ac042ee66e8cb7e58e90a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/member-set.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
3509
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 01 Mar 2022 13:54:56 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
module.css
www.jamesdey.com/_ap/css/
875 B
463 B
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/module.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/member-set.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
59d9012307aef550e3e7bc18c7dbb6afd42f337de81a96fed5d5900b205ea288
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/member-set.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
423
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 01 Mar 2022 13:54:56 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
tag.css
www.jamesdey.com/_ap/css/
501 B
314 B
Stylesheet
General
Full URL
https://www.jamesdey.com/_ap/css/tag.css
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
fb9a9469385d72c3c19bf3a895725b0e6fbd0fbf29b11f5863d869b59648e5c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
252
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 01 Mar 2022 13:54:56 GMT
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
go1
ia.51.la/
0
0

spacer.gif
www.jamesdey.com/_ap/images/
43 B
80 B
Image
General
Full URL
https://www.jamesdey.com/_ap/images/spacer.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:12 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
43
x-xss-protection
1; mode=block
point01.gif
www.jamesdey.com/_ap/images/
13 KB
13 KB
Image
General
Full URL
https://www.jamesdey.com/_ap/images/point01.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
4ee367c5125569288983ab48a8f9eafb3913f442e4c5bf7e4e9e3729923d957a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:10 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
13177
x-xss-protection
1; mode=block
footer_background.gif
www.jamesdey.com/_ap/images/
75 B
112 B
Image
General
Full URL
https://www.jamesdey.com/_ap/images/footer_background.gif
Requested by
Host: www.jamesdey.com
URL: https://www.jamesdey.com/_ap/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.57.218.148 Hanover, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
0f62a1654935cb08e4106aa1e94e046cbbe8c03fee1948f308c966d693981921
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.jamesdey.com/_ap/css/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 05:06:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Mar 2022 13:45:12 GMT
server
Apache
upgrade-insecure-requests
1
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/gif
access-control-allow-origin
(null)
content-security-policy
frame-ancestors 'none'
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
75
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ia.51.la
URL
https://ia.51.la/go1?id=21267949&rt=1654146400161&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1654146400161&tt=&kw=&cu=https%253A%252F%252Fwww.jamesdey.com%252F_ap%252Fsignin%253F_encoding%253DUTF8~_~openid.assoc_handle%253Djpflex~_~openid.claimed_id%253D~_~action%253Dsign-in~_~path%253Dhome~_~ref_%253Dnav_Account~_~signIn%253D1~_~useRedirectOnSuccess%253D1&pu=https%253A%252F%252Fwww.jamesdey.com%252Findex.php%253Ft%253Df0fea214d749171a3af4657ff7534a5d2f68a577f987cc29f54525098d3cf62b

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR West (Transportation)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation
function| validateRequired
function| trim
boolean| bCancel
function| validateLogin1Form
function| login1Form_required
function| OpenWindow
undefined| first
function| checkDoubleClick
function| back

7 Cookies

Domain/Path Name / Value
www.jamesdey.com/ Name: PHPSESSID
Value: mj1cjpan5hg7f45gedgsd8ak41
.www.jamesdey.com/ Name: 62345ba76168db0033ce8ae6a90ce5a762956614
Value: nwcMGFHjQc7nDOZDxhWlbg%3D%3D
.www.jamesdey.com/ Name: ak_bmsc
Value: 4zeEvajla5VXwOLAS9VKluSmuJ9Bm3DrzlxdrWd2Mpsgt%2BpOsS0PkLwchMK46pZ8w3nUh%2FbWFuOGsbuBKlTWggKp7t0r9mF9eqtHl2ICT5sOcx3tzCdXtlIm%2FBQLg6oT31xsLIgFKPd9UFCo7RIDLuMLFTGWuToJLNoqaa9tCdsJfam5evilpRNJWuVkhx5dFFCPzNeWfEoQsMDuIx0UWmnAluioyuMFpTfEjNk5zOWu1FC5V541N1IweIKPI8EyUKqjl4f6OEn6DzJbsqL%2BKK3JXI9%2FynUUdWMTmKfRzzrMmvOKlK45WZIEiLSYXyiRpVc6uMyYnzBt93M4Z0yBkGkjZnKeNYTfIzrIzShdzFvw27KJ8jrEhZlNlFzcUykT8ytz1RN8oxb6zIMwJlqLhEYTooUpNFrKoidRJ75vV9q9xnOw1zs39y%2Bicu%2Fw7asy9BadcO6CApxOlOHEhiTzTINlXze2ENJ3D4FwZ2F47G8JVfkWHgZhQQ%2Bqa7C6WedWP6r%2BgdRVUc7TlcuE3KBelPx6TPk7H3oSywwCvWuTYBTnJPTLTFy1pnJ57WFDnPAiV4ImR4kin6%2BuXX22dl8A%2FGwnmOnjNYC8Ra%2BBrRllXawIuQ%2B5zKrybKcGGz136%2B6VpKgxc%2FUgFUNSvxY44Yi%2Bikp1ynLkWnpLQx8Zsho66zLi5Y3wUdP7b%2Bb%2FZfiH8W9Cc1AtObpQq8Conx12QBp4GKdgGcYYLMDwXbTD4LaC5LI%3D
.www.jamesdey.com/ Name: _amkc
Value: d8489b43-c3b2-4715-8a68-d8f1bd8b55b9
www.jamesdey.com/ Name: __tins__21267949
Value: %7B%22sid%22%3A%201654146400161%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201654148200161%7D
www.jamesdey.com/ Name: __51cke__
Value:
www.jamesdey.com/ Name: __51laig__
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://www.jamesdey.com/_ap/js/validateBase.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.jamesdey.com/_ap/js/myAlert.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.jamesdey.com/_ap/js/validateUtil.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
