o2o-moneyklt.ennty.com Open in urlscan Pro
204.152.210.248  Malicious Activity! Public Scan

URL: https://o2o-moneyklt.ennty.com/client/index.html
Submission Tags: phishing
Submission: On November 13 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 17 domains to perform 44 HTTP transactions. The main IP is 204.152.210.248, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is o2o-moneyklt.ennty.com.
TLS certificate: Issued by R3 on November 12th 2022. Valid for: 3 months.
This is the only time o2o-moneyklt.ennty.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Seven Bank (Financial)

Domain & IP information

IP Address AS Autonomous System
27 204.152.210.248 8100 (ASN-QUADR...)
1 1 54.199.178.172 16509 (AMAZON-02)
1 54.250.51.126 16509 (AMAZON-02)
1 65.9.66.42 16509 (AMAZON-02)
1 108.157.4.116 16509 (AMAZON-02)
1 52.69.4.2 16509 (AMAZON-02)
1 52.86.166.34 14618 (AMAZON-AES)
12 12 52.194.158.181 16509 (AMAZON-02)
1 172.104.100.133 63949 (LINODE-AP...)
1 2 142.250.186.66 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
1 124.146.215.46 2514 (INFOSPHER...)
1 35.74.2.251 16509 (AMAZON-02)
1 37.252.171.21 29990 (ASN-APPNEX)
1 2 18.156.0.31 16509 (AMAZON-02)
1 202.233.84.8 131957 (MICROAD M...)
1 2 3.126.172.142 16509 (AMAZON-02)
1 18.179.82.183 16509 (AMAZON-02)
1 13.32.27.77 16509 (AMAZON-02)
1 222.230.178.129 2519 (VECTANT A...)
44 18
Apex Domain
Subdomains
Transfer
27 ennty.com
o2o-moneyklt.ennty.com
321 KB
13 deqwas.net
kdex005.deqwas.net — Cisco Umbrella Rank: 573194
kcs.deqwas.net — Cisco Umbrella Rank: 429302
6 KB
3 kanade-ad.net
kdex005.kanade-ad.net — Cisco Umbrella Rank: 629620
cf04.kanade-ad.net — Cisco Umbrella Rank: 505795
kcs.kanade-ad.net — Cisco Umbrella Rank: 756785
6 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
514 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
884 B
1 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 28823
82 B
1 adtdp.com
as.amanad.adtdp.com — Cisco Umbrella Rank: 5030
803 B
1 docomo.ne.jp
sync.addlv.smt.docomo.ne.jp — Cisco Umbrella Rank: 37198
291 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 41178
433 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
738 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 3195
44 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
728 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
239 B
1 ad-stir.com
sync.ad-stir.com — Cisco Umbrella Rank: 4457
104 B
1 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 4186
448 B
1 fraud-alert.net
p.fraud-alert.net
194 B
44 17
Domain Requested by
27 o2o-moneyklt.ennty.com o2o-moneyklt.ennty.com
12 kcs.deqwas.net 12 redirects
2 x.bidswitch.net 1 redirects kdex005.kanade-ad.net
2 ups.analytics.yahoo.com 1 redirects kdex005.kanade-ad.net
2 cm.g.doubleclick.net 1 redirects kdex005.kanade-ad.net
1 cs.gssprt.jp kdex005.kanade-ad.net
1 as.amanad.adtdp.com kdex005.kanade-ad.net
1 sync.addlv.smt.docomo.ne.jp kdex005.kanade-ad.net
1 s-cs.send.microad.jp kdex005.kanade-ad.net
1 ib.adnxs.com kdex005.kanade-ad.net
1 cs.adingo.jp kdex005.kanade-ad.net
1 tg.socdm.com kdex005.kanade-ad.net
1 pixel.rubiconproject.com kdex005.kanade-ad.net
1 sync.ad-stir.com kdex005.kanade-ad.net
1 in.treasuredata.com kdex005.kanade-ad.net
1 kcs.kanade-ad.net kdex005.kanade-ad.net
1 cf04.kanade-ad.net kdex005.kanade-ad.net
1 p.fraud-alert.net o2o-moneyklt.ennty.com
1 kdex005.kanade-ad.net o2o-moneyklt.ennty.com
1 kdex005.deqwas.net 1 redirects
44 20

This site contains no links.

Subject Issuer Validity Valid
id.sevenbaank.tjncw.com
R3
2022-11-12 -
2023-02-10
3 months crt.sh
*.kanade-ad.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-10-11 -
2023-11-11
a year crt.sh
*.fraud-alert.net
Amazon
2022-10-12 -
2023-11-11
a year crt.sh
*.treasuredata.com
Amazon
2022-08-18 -
2023-09-16
a year crt.sh

This page contains 2 frames:

Primary Page: https://o2o-moneyklt.ennty.com/client/index.html
Frame ID: A39B4FCC415D83EBBBA98A220C64A9A5
Requests: 28 HTTP requests in this frame

Frame: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Frame ID: D5425E42068091C0FD5A0C861E677B54
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

ログオン|セブン銀行ダイレクトバンキング

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

11 %
HTTPS

0 %
IPv6

17
Domains

20
Subdomains

18
IPs

3
Countries

332 kB
Transfer

980 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://kdex005.deqwas.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0 HTTP 302
  • https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Request Chain 31
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=as&cid=sevenbank HTTP 302
  • https://sync.ad-stir.com/?symbol=KCCS&uid=fca524255c754a3aa391cc642202ef31
Request Chain 32
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=dc&cid=sevenbank HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kanade_dsp&google_hm=ZVG0wGKkIF8jMpzQDBOsmA2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kanade_dsp&google_hm=ZVG0wGKkIF8jMpzQDBOsmA2&google_tc=
Request Chain 33
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=rc&cid=sevenbank HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=28040&nid=3550&put=77556aa8b5094553533f0531c968e906&expires=90
Request Chain 34
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=ag&cid=sevenbank HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=kanade&ssp_uid=fca524255c754a3aa391cc642202ef31
Request Chain 35
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=fl&cid=sevenbank HTTP 302
  • https://cs.adingo.jp/sync/?from=kccs&id=632bd025d53ccf7922484244e95420be&expire=90
Request Chain 36
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=an&cid=sevenbank HTTP 302
  • https://ib.adnxs.com/setuid?entity=291&seg=14724369&code=fca524255c754a3aa391cc642202ef31
Request Chain 37
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=mp&cid=sevenbank HTTP 302
  • https://ups.analytics.yahoo.com/ups/55967/sync?_origin=1&gdpr=0&gdpr_content=&uid=fca524255c754a3aa391cc642202ef31 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55967/sync?_origin=1&gdpr=0&gdpr_content=&uid=fca524255c754a3aa391cc642202ef31&verify=true
Request Chain 38
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=cp&cid=sevenbank HTTP 302
  • https://s-cs.send.microad.jp/hs?k=kanade_1&id=fca524255c754a3aa391cc642202ef31
Request Chain 39
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=bs&cid=sevenbank HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=118&user_id=fca524255c754a3aa391cc642202ef31&expires=90 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=118&user_id=fca524255c754a3aa391cc642202ef31&expires=90
Request Chain 40
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=d2&cid=sevenbank HTTP 302
  • https://sync.addlv.smt.docomo.ne.jp/tafs/p/dsync?id=1&dspid=kanade&value=fca524255c754a3aa391cc642202ef31
Request Chain 41
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=aj&cid=sevenbank HTTP 302
  • https://as.amanad.adtdp.com/v1/sync?dsp_id=20&uid=fca524255c754a3aa391cc642202ef31
Request Chain 42
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=gn&cid=sevenbank HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=kccs&uid=c9a22c92971de0127a699504414cd860

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
o2o-moneyklt.ennty.com/client/
45 KB
7 KB
Document
General
Full URL
https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
f9e07f2771ae094af84b10f90785f6ed1a0f106af63ff17f330d3d3c612829a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 13 Nov 2022 15:53:23 GMT
etag
W/"636f4900-b24f"
last-modified
Sat, 12 Nov 2022 07:19:28 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
reset.css
o2o-moneyklt.ennty.com/css/
1 KB
815 B
Stylesheet
General
Full URL
https://o2o-moneyklt.ennty.com/css/reset.css
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
26e61b419d8ed87fe291903823d28ed344a69483a9da2953ae2f0d3458691825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 12 Nov 2022 06:46:22 GMT
server
nginx
etag
W/"636f413e-51f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
global.css
o2o-moneyklt.ennty.com/css/
103 KB
18 KB
Stylesheet
General
Full URL
https://o2o-moneyklt.ennty.com/css/global.css
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
ba5c17cd58041a1632497f880f302c2199ca8da3651e10bda145f09a8735af9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 12 Nov 2022 06:57:10 GMT
server
nginx
etag
W/"636f43c6-19bb1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
individual.css
o2o-moneyklt.ennty.com/css/
46 KB
8 KB
Stylesheet
General
Full URL
https://o2o-moneyklt.ennty.com/css/individual.css
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
d34d1d79beb49b53df0bb21463525a508fd205d5aa97bb0e9a5aaec37161e324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 12 Nov 2022 06:57:35 GMT
server
nginx
etag
W/"636f43df-b790"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
jquery-ui.css
o2o-moneyklt.ennty.com/css/
29 KB
6 KB
Stylesheet
General
Full URL
https://o2o-moneyklt.ennty.com/css/jquery-ui.css
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
28fc041f9e196278e26fe1f76736b1ba45428f640428fb5df9d0e3b30674aee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 12 Nov 2022 06:57:44 GMT
server
nginx
etag
W/"636f43e8-739d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
IBCustomValidator.css
o2o-moneyklt.ennty.com/css/
527 B
731 B
Stylesheet
General
Full URL
https://o2o-moneyklt.ennty.com/css/IBCustomValidator.css
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
bc073b570f5c0b58438a1ce4c0438a839c8d7cd97e6769e68bb3731e1ea4b50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:57:28 GMT
server
nginx
etag
"636f43d8-20f"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
527
expires
Mon, 14 Nov 2022 03:53:23 GMT
PageCustom.css
o2o-moneyklt.ennty.com/css/
75 KB
15 KB
Stylesheet
General
Full URL
https://o2o-moneyklt.ennty.com/css/PageCustom.css
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
11e6987c4a7e585559a84f39c55140b599fa4525e23a9d9fb7449e57a10fb4f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 12 Nov 2022 12:06:42 GMT
server
nginx
etag
W/"636f8c52-12a11"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
ajax_loader.gif
o2o-moneyklt.ennty.com/img/
2 KB
3 KB
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/ajax_loader.gif
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
bf0b53f4f910f2656389c903da3d479682b965398eb9f5698a83946bfbcd3b83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:47:49 GMT
server
nginx
etag
"636f87e5-9f1"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2545
expires
Tue, 13 Dec 2022 15:53:23 GMT
hd_logo.png
o2o-moneyklt.ennty.com/img/
1 KB
2 KB
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/hd_logo.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
f98572a9df959779ecc7cb1be1ccdbf2ad84eeee6157d2108d24c80b80e751a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:39 GMT
server
nginx
etag
"636f8817-570"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1392
expires
Tue, 13 Dec 2022 15:53:23 GMT
bnr_3134_JP.gif
o2o-moneyklt.ennty.com/img/
35 KB
35 KB
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bnr_3134_JP.gif
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
76440a63d1be1f6c24d5e54d8962c1d437a67352e37a24eb17b3602b5e23645f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:47:06 GMT
server
nginx
etag
"636f416a-8b0b"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35595
expires
Tue, 13 Dec 2022 15:53:23 GMT
img_both_arrow_01.png
o2o-moneyklt.ennty.com/img/
181 B
386 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/img_both_arrow_01.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
5aed07d1d0abb631785cdea699b636dabdbedfda0c73c6c35b800b0f45318023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:47:26 GMT
server
nginx
etag
"636f417e-b5"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
181
expires
Tue, 13 Dec 2022 15:53:23 GMT
img_first_time_users.png
o2o-moneyklt.ennty.com/img/
18 KB
18 KB
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/img_first_time_users.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
7ddf1f1cf4533e4827c7b84e6b3f25f263bb00d93e0bc81c76cf1ac9657b38f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:47:28 GMT
server
nginx
etag
"636f4180-46a6"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18086
expires
Tue, 13 Dec 2022 15:53:23 GMT
IB_U_CO_Footer.js
o2o-moneyklt.ennty.com/Js/IB_U_CO_UserControl/
0
0
Script
General
Full URL
https://o2o-moneyklt.ennty.com/Js/IB_U_CO_UserControl/IB_U_CO_Footer.js
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
server
nginx
content-length
146
content-type
text/html
ft_logo.png
o2o-moneyklt.ennty.com/img/
1 KB
1 KB
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/ft_logo.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
47f1e8bc23471ae1858badeb1e276897b325bca2781dd14bab2d054dbc2c35be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:36 GMT
server
nginx
etag
"636f8814-463"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1123
expires
Tue, 13 Dec 2022 15:53:23 GMT
vue.js
o2o-moneyklt.ennty.com/js/
334 KB
104 KB
Script
General
Full URL
https://o2o-moneyklt.ennty.com/js/vue.js
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 11:12:46 GMT
server
nginx
etag
W/"6089432e-53882"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
jquery-3.5.1.js
o2o-moneyklt.ennty.com/js/
281 KB
97 KB
Script
General
Full URL
https://o2o-moneyklt.ennty.com/js/jquery-3.5.1.js
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 06:11:13 GMT
server
nginx
etag
W/"5ef19d01-4638e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 14 Nov 2022 03:53:23 GMT
index.js
o2o-moneyklt.ennty.com/js/
720 B
933 B
Script
General
Full URL
https://o2o-moneyklt.ennty.com/js/index.js
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
c8c1edbfca532226f7e77b15c8ae93b2adde39d63f2fd6c8e96dd9c2780d7d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/client/index.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 13:33:22 GMT
server
nginx
etag
"636fa0a2-2d0"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
720
expires
Mon, 14 Nov 2022 03:53:23 GMT
bg_wrapper_theme_02.gif
o2o-moneyklt.ennty.com/img/
50 B
254 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bg_wrapper_theme_02.gif
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
9626fb5376eb15c230b2eb4706bb1fff85f690b6abe31f5fb6f4e969d57edcea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:47:04 GMT
server
nginx
etag
"636f4168-32"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
50
expires
Tue, 13 Dec 2022 15:53:23 GMT
bg_header_theme_02.png
o2o-moneyklt.ennty.com/img/
921 B
1 KB
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bg_header_theme_02.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
442412e3746f867701578a6f03ddc7bf4cfecf8f0c26acee1dc3f05df296e9e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:46:59 GMT
server
nginx
etag
"636f4163-399"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
921
expires
Tue, 13 Dec 2022 15:53:23 GMT
bg_header_outer.png
o2o-moneyklt.ennty.com/img/
92 B
296 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bg_header_outer.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
0f5b1d6a94dff1085b9cac2fa07f1c22f4e9e806f0545e1c2141b11bedd18c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:47:57 GMT
server
nginx
etag
"636f87ed-5c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
92
expires
Tue, 13 Dec 2022 15:53:23 GMT
icon_beginner.png
o2o-moneyklt.ennty.com/img/
503 B
709 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/icon_beginner.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
9491044719a17fbaa23d7d814d317aa50072d981c35349befffcb955e286790c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:42 GMT
server
nginx
etag
"636f881a-1f7"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
503
expires
Tue, 13 Dec 2022 15:53:23 GMT
bg_line_diagonal_01.png
o2o-moneyklt.ennty.com/img/
126 B
331 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bg_line_diagonal_01.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/individual.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
7a2ae75249c13dec866b166aa4dc6bfa6d1a0f4de6f59866cdeae36ce828dc9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/individual.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:04 GMT
server
nginx
etag
"636f87f4-7e"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
126
expires
Tue, 13 Dec 2022 15:53:23 GMT
icon_keyboard.gif
o2o-moneyklt.ennty.com/img/
427 B
633 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/icon_keyboard.gif
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/PageCustom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
cb253c859e4df15c0f20ba1dcdf0ad1ce6cb47ecd7e05ee1fa55cd685e5fd9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/PageCustom.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:52 GMT
server
nginx
etag
"636f8824-1ab"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
427
expires
Tue, 13 Dec 2022 15:53:23 GMT
bullet_arrow_01.png
o2o-moneyklt.ennty.com/img/
257 B
462 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bullet_arrow_01.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/individual.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
b3b688ace43ded0d9f394b2e13121b9ad96c3d9d4825485d028ae07b722c60d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/individual.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:47:11 GMT
server
nginx
etag
"636f416f-101"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
257
expires
Tue, 13 Dec 2022 15:53:23 GMT
icon_exclamation_03.png
o2o-moneyklt.ennty.com/img/
398 B
603 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/icon_exclamation_03.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
00e4d402a6b4e3dd4817f3690cbc248806c119a16bfabc957f7fd269a0bd4c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:44 GMT
server
nginx
etag
"636f881c-18e"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
398
expires
Tue, 13 Dec 2022 15:53:23 GMT
bullet_blank.png
o2o-moneyklt.ennty.com/img/
166 B
371 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bullet_blank.png
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
f0900975358c23aa5df3774480c1752e99e3d20be04b8786be823341d0a138da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 11:48:21 GMT
server
nginx
etag
"636f8805-a6"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
166
expires
Tue, 13 Dec 2022 15:53:23 GMT
Collection.aspx
kdex005.kanade-ad.net/common/ Frame D542
Redirect Chain
  • https://kdex005.deqwas.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002...
  • https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_...
1 KB
2 KB
Document
General
Full URL
https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.51.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-51-126.ap-northeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9fec227b43e16d98e9a82912531c25ed82d33112da3c1923de445f2a56b3ec41

Request headers

Referer
https://o2o-moneyklt.ennty.com/
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
1180
content-type
text/html; charset=utf-8
date
Sun, 13 Nov 2022 15:53:25 GMT
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

cache-control
private
content-length
639
content-type
text/html; charset=utf-8
date
Sun, 13 Nov 2022 15:53:24 GMT
location
https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
bg_footer_outer_theme_02.gif
o2o-moneyklt.ennty.com/img/
106 B
311 B
Image
General
Full URL
https://o2o-moneyklt.ennty.com/img/bg_footer_outer_theme_02.gif
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.152.210.248 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
204.152.210.248.static.quadranet.com
Software
nginx /
Resource Hash
7c50f5f592de8181e573736848efdf712423e5fc350f9cd9048907fd2b156f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/css/global.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:23 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12 Nov 2022 06:46:55 GMT
server
nginx
etag
"636f415f-6a"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
106
expires
Tue, 13 Dec 2022 15:53:23 GMT
/
p.fraud-alert.net/
0
194 B
Image
General
Full URL
https://p.fraud-alert.net/?idsite=1759302072&sessionId=87713d47-54f5-44cf-9ad1-8991d801962e20221112154554890
Requested by
Host: o2o-moneyklt.ennty.com
URL: https://o2o-moneyklt.ennty.com/client/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o2o-moneyklt.ennty.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:24 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
content-length
0
x-amz-cf-id
RTMPTxk6ruukGdiKOnbLa5MqAZG6Y2_rDy1OSsaWgn2aYPijeU9O4g==
x-cache
Error from cloudfront
rtbsync-2.2.7.js
cf04.kanade-ad.net/js/ Frame D542
3 KB
4 KB
Script
General
Full URL
https://cf04.kanade-ad.net/js/rtbsync-2.2.7.js?ssv=none
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f77ed00a0a2e1886c67072e904eab27e4425d20638cab6ce016967e7907f394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 07:15:08 GMT
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jan 2022 10:30:52 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
DUS51-P2
age
31097
etag
"5ee99d7ae82d81:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/javascript
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
accept-ranges
bytes
content-length
3289
x-amz-cf-id
7pn7Bzo3hhwse5-_lexpoelVNWeJiFOz0_wvU2y4PY22fV-pzjHXIw==
Collection.aspx
kcs.kanade-ad.net/RealTimeUserService/ Frame D542
43 B
399 B
Image
General
Full URL
https://kcs.kanade-ad.net/RealTimeUserService/Collection.aspx?cid=sevenbank&ref=&url=https%3a%2f%2fib.sevenbank.co.jp%2fIB%2fIB_U_CO_002%2fIB_U_CO_002_100.aspx%3fLang%3dja-JP&symbol=g&catId=&iids=&kc1=&crc=f59e
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.4.2 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-4-2.ap-northeast-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:25 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC003
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
content-type
image/gif
cache-control
private
x-robots-tag
noindex, nofollow
content-length
43
td_global_id_mapping_data
in.treasuredata.com/postback/v3/event/cdp/ Frame D542
35 B
448 B
Image
General
Full URL
https://in.treasuredata.com/postback/v3/event/cdp/td_global_id_mapping_data?td_format=pixel&td_write_key=4148/5de0c7e9ed4df3c2f42aa2f7225db8301122f541&td_global_id=td_global_id&td_ip=td_ip&kanade_id=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.166.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-166-34.compute-1.amazonaws.com
Software
/
Resource Hash
b05bf1769da8596f575f074474fde72f795f02b7797d7ae0b58b939e1c216047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Sun, 13 Nov 2022 15:53:25 GMT
Strict-Transport-Security
max-age=31536000
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
/
sync.ad-stir.com/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=as&cid=sevenbank
  • https://sync.ad-stir.com/?symbol=KCCS&uid=fca524255c754a3aa391cc642202ef31
35 B
104 B
Image
General
Full URL
https://sync.ad-stir.com/?symbol=KCCS&uid=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
172.104.100.133 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
172-104-100-133.ip.linodeusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:26 GMT
cache-control
max-age=86400
content-length
35
content-type
image/gif

Redirect headers

date
Sun, 13 Nov 2022 15:53:25 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC001
content-type
text/html; charset=utf-8
location
https://sync.ad-stir.com/?symbol=KCCS&uid=fca524255c754a3aa391cc642202ef31
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
195
pixel
cm.g.doubleclick.net/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=dc&cid=sevenbank
  • https://cm.g.doubleclick.net/pixel?google_nid=kanade_dsp&google_hm=ZVG0wGKkIF8jMpzQDBOsmA2
  • https://cm.g.doubleclick.net/pixel?google_nid=kanade_dsp&google_hm=ZVG0wGKkIF8jMpzQDBOsmA2&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kanade_dsp&google_hm=ZVG0wGKkIF8jMpzQDBOsmA2&google_tc=
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 15:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 15:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=kanade_dsp&google_hm=ZVG0wGKkIF8jMpzQDBOsmA2&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=rc&cid=sevenbank
  • https://pixel.rubiconproject.com/tap.php?v=28040&nid=3550&put=77556aa8b5094553533f0531c968e906&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=28040&nid=3550&put=77556aa8b5094553533f0531c968e906&expires=90
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 13 Nov 2022 15:53:25 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC002
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=28040&nid=3550&put=77556aa8b5094553533f0531c968e906&expires=90
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
234
idsync
tg.socdm.com/aux/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=ag&cid=sevenbank
  • https://tg.socdm.com/aux/idsync?proto=kanade&ssp_uid=fca524255c754a3aa391cc642202ef31
43 B
728 B
Image
General
Full URL
https://tg.socdm.com/aux/idsync?proto=kanade&ssp_uid=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
HTTP/1.1
Server
124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

X-SO-Cluster-ID
38
Date
Sun, 13 Nov 2022 15:53:27 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=kanade&ssp_uid=fca524255c754a3aa391cc642202ef31","cluster_id":38,"gdpr":true,"ipv4":"0.0.0.0","key":"Y3ES98Co8XYAAGj7b6cAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40354"}
X-SO-Key
Y3ES98Co8XYAAGj7b6cAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40354
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
a-ad40354.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
43
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-IP
185.213.155.165

Redirect headers

date
Sun, 13 Nov 2022 15:53:25 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC003
content-type
text/html; charset=utf-8
location
https://tg.socdm.com/aux/idsync?proto=kanade&ssp_uid=fca524255c754a3aa391cc642202ef31
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
206
/
cs.adingo.jp/sync/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=fl&cid=sevenbank
  • https://cs.adingo.jp/sync/?from=kccs&id=632bd025d53ccf7922484244e95420be&expire=90
0
44 B
Image
General
Full URL
https://cs.adingo.jp/sync/?from=kccs&id=632bd025d53ccf7922484244e95420be&expire=90
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
35.74.2.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-2-251.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:26 GMT
server
awselb/2.0

Redirect headers

date
Sun, 13 Nov 2022 15:53:25 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC001
content-type
text/html; charset=utf-8
location
https://cs.adingo.jp/sync/?from=kccs&id=632bd025d53ccf7922484244e95420be&expire=90
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
207
setuid
ib.adnxs.com/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=an&cid=sevenbank
  • https://ib.adnxs.com/setuid?entity=291&seg=14724369&code=fca524255c754a3aa391cc642202ef31
43 B
738 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=291&seg=14724369&code=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
HTTP/1.1
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 15:53:26 GMT
AN-X-Request-Uuid
9d49512c-9ed5-4c03-a174-9b96ab206997
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 15:53:25 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC002
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/setuid?entity=291&seg=14724369&code=fca524255c754a3aa391cc642202ef31
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
214
sync
ups.analytics.yahoo.com/ups/55967/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=mp&cid=sevenbank
  • https://ups.analytics.yahoo.com/ups/55967/sync?_origin=1&gdpr=0&gdpr_content=&uid=fca524255c754a3aa391cc642202ef31
  • https://ups.analytics.yahoo.com/ups/55967/sync?_origin=1&gdpr=0&gdpr_content=&uid=fca524255c754a3aa391cc642202ef31&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55967/sync?_origin=1&gdpr=0&gdpr_content=&uid=fca524255c754a3aa391cc642202ef31&verify=true
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55967/sync?_origin=1&gdpr=0&gdpr_content=&uid=fca524255c754a3aa391cc642202ef31&verify=true
date
Sun, 13 Nov 2022 15:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
hs
s-cs.send.microad.jp/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=cp&cid=sevenbank
  • https://s-cs.send.microad.jp/hs?k=kanade_1&id=fca524255c754a3aa391cc642202ef31
43 B
433 B
Image
General
Full URL
https://s-cs.send.microad.jp/hs?k=kanade_1&id=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
*
content-type
image/gif
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection
1; mode=block

Redirect headers

date
Sun, 13 Nov 2022 15:53:26 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC003
content-type
text/html; charset=utf-8
location
https://s-cs.send.microad.jp/hs?k=kanade_1&id=fca524255c754a3aa391cc642202ef31
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
199
sync
x.bidswitch.net/ul_cb/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=bs&cid=sevenbank
  • https://x.bidswitch.net/sync?dsp_id=118&user_id=fca524255c754a3aa391cc642202ef31&expires=90
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=118&user_id=fca524255c754a3aa391cc642202ef31&expires=90
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=118&user_id=fca524255c754a3aa391cc642202ef31&expires=90
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
HTTP/1.1
Server
3.126.172.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-172-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Sun, 13 Nov 2022 15:53:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=118&user_id=fca524255c754a3aa391cc642202ef31&expires=90
Date
Sun, 13 Nov 2022 15:53:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dsync
sync.addlv.smt.docomo.ne.jp/tafs/p/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=d2&cid=sevenbank
  • https://sync.addlv.smt.docomo.ne.jp/tafs/p/dsync?id=1&dspid=kanade&value=fca524255c754a3aa391cc642202ef31
0
291 B
Image
General
Full URL
https://sync.addlv.smt.docomo.ne.jp/tafs/p/dsync?id=1&dspid=kanade&value=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
HTTP/1.1
Server
18.179.82.183 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-82-183.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Sun, 13 Nov 2022 15:53:27 GMT
Server
Apache
Connection
keep-alive
Content-Length
0
Content-Type
text/html;charset=UTF-8

Redirect headers

date
Sun, 13 Nov 2022 15:53:26 GMT
referrer-policy
no-referrer
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC002
content-type
text/html; charset=utf-8
location
https://sync.addlv.smt.docomo.ne.jp/tafs/p/dsync?id=1&dspid=kanade&value=fca524255c754a3aa391cc642202ef31
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
230
sync
as.amanad.adtdp.com/v1/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=aj&cid=sevenbank
  • https://as.amanad.adtdp.com/v1/sync?dsp_id=20&uid=fca524255c754a3aa391cc642202ef31
42 B
803 B
Image
General
Full URL
https://as.amanad.adtdp.com/v1/sync?dsp_id=20&uid=fca524255c754a3aa391cc642202ef31
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
13.32.27.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-77.fra56.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 15:53:26 GMT
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6nWentnIK_JAFFyDFcnhnJdvBagPxsyWTSJQLbdZdDxL2HnpUZYWRg==
content-length
42
x-xss-protection
0
expires
Thu, 01 Jan 1970 09:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 15:53:26 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC003
content-type
text/html; charset=utf-8
location
https://as.amanad.adtdp.com/v1/sync?dsp_id=20&uid=fca524255c754a3aa391cc642202ef31
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
203
cs
cs.gssprt.jp/yie/ld/ Frame D542
Redirect Chain
  • https://kcs.deqwas.net/CookieSyncService/Sync.aspx?ssp=gn&cid=sevenbank
  • https://cs.gssprt.jp/yie/ld/cs?dspid=kccs&uid=c9a22c92971de0127a699504414cd860
82 B
82 B
Image
General
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=kccs&uid=c9a22c92971de0127a699504414cd860
Requested by
Host: kdex005.kanade-ad.net
URL: https://kdex005.kanade-ad.net/common/Collection.aspx?cid=sevenbank&fc=g&knd_xci=&ncst=0&role=item&essential=essential&cb=1668235556332&url_flg=0&url=https%3A%2F%2Fib.sevenbank.co.jp%2FIB%2FIB_U_CO_002%2FIB_U_CO_002_100.aspx%3FLang%3Dja-JP&title=%E3%83%AD%E3%82%B0%E3%82%AA%E3%83%B3%EF%BD%9C%E3%82%BB%E3%83%96%E3%83%B3%E9%8A%80%E8%A1%8C%E3%83%80%E3%82%A4%E3%83%AC%E3%82%AF%E3%83%88%E3%83%90%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0&tid=03IrAmpcSCuWICIRFABTJA&st=_KUkJVx1SjqjkcxkIgLvMQ
Protocol
H2
Server
222.230.178.129 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kdex005.kanade-ad.net/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Sun, 13 Nov 2022 15:53:27 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
82
content-type
application/octet-stream

Redirect headers

date
Sun, 13 Nov 2022 15:53:26 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-dserv
SYC001
content-type
text/html; charset=utf-8
location
https://cs.gssprt.jp/yie/ld/cs?dspid=kccs&uid=c9a22c92971de0127a699504414cd860
p3p
CP="NOI DSP COR NID DEVa PSAa PSDa SAMa BUS UNI COM STA"
cache-control
private
x-robots-tag
noindex, nofollow
content-length
199

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Seven Bank (Financial)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Vue function| $ function| jQuery

18 Cookies

Domain/Path Name / Value
.deqwas.net/ Name: stamp
Value: fca524255c754a3aa391cc642202ef31
.deqwas.net/ Name: sevenbank_session
Value: 124e5eb539c2427cb14f432429ac5034
.kanade-ad.net/ Name: stamp
Value: fca524255c754a3aa391cc642202ef31
.kanade-ad.net/ Name: sevenbank_session
Value: 8a4f6a4e165841a29ea27fe1128f7e2e
.kanade-ad.net/ Name: kanade_xc
Value:
.kanade-ad.net/ Name: kanade_xci
Value:
kdex005.kanade-ad.net/ Name: deqwas_rtbsync_td
Value: on
kdex005.kanade-ad.net/ Name: deqwas_rtbsync
Value: 61
.in.treasuredata.com/ Name: _td_global
Value: 70eacb29-a39a-461e-a42c-2e8635fde2e2
.kanade-ad.net/ Name: f59e
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yahoo.com/ Name: A3
Value: d=AQABBPYScWMCEPfOSSxEAUsaC1Q-LqvV6OsFEgEBAQFkcmN6YwAAAAAA_eMAAA&S=AQAAAp-RMIBAjCOgtLsu6R4qMdw
.analytics.yahoo.com/ Name: IDSYNC
Value: 176n~289r
.bidswitch.net/ Name: tuuid
Value: 6aeb7b6f-6fa4-4466-898d-155f18191de9
.bidswitch.net/ Name: c
Value: 1668354806
.bidswitch.net/ Name: tuuid_lu
Value: 1668354806
.adtdp.com/ Name: uid
Value: aa7c5b0a-2bab-48ce-9902-a38b81c5f2aa
.adtdp.com/ Name: pr
Value: aja

3 Console Messages

Source Level URL
Text
network error URL: https://o2o-moneyklt.ennty.com/Js/IB_U_CO_UserControl/IB_U_CO_Footer.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://p.fraud-alert.net/?idsite=1759302072&sessionId=87713d47-54f5-44cf-9ad1-8991d801962e20221112154554890
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cs.gssprt.jp/yie/ld/cs?dspid=kccs&uid=c9a22c92971de0127a699504414cd860
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

as.amanad.adtdp.com
cf04.kanade-ad.net
cm.g.doubleclick.net
cs.adingo.jp
cs.gssprt.jp
ib.adnxs.com
in.treasuredata.com
kcs.deqwas.net
kcs.kanade-ad.net
kdex005.deqwas.net
kdex005.kanade-ad.net
o2o-moneyklt.ennty.com
p.fraud-alert.net
pixel.rubiconproject.com
s-cs.send.microad.jp
sync.ad-stir.com
sync.addlv.smt.docomo.ne.jp
tg.socdm.com
ups.analytics.yahoo.com
x.bidswitch.net
108.157.4.116
124.146.215.46
13.32.27.77
142.250.186.66
172.104.100.133
18.156.0.31
18.179.82.183
202.233.84.8
204.152.210.248
222.230.178.129
3.126.172.142
35.74.2.251
37.252.171.21
52.194.158.181
52.69.4.2
52.86.166.34
54.199.178.172
54.250.51.126
65.9.66.42
69.173.144.138
00e4d402a6b4e3dd4817f3690cbc248806c119a16bfabc957f7fd269a0bd4c37
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f5b1d6a94dff1085b9cac2fa07f1c22f4e9e806f0545e1c2141b11bedd18c5c
0f77ed00a0a2e1886c67072e904eab27e4425d20638cab6ce016967e7907f394
11e6987c4a7e585559a84f39c55140b599fa4525e23a9d9fb7449e57a10fb4f2
26e61b419d8ed87fe291903823d28ed344a69483a9da2953ae2f0d3458691825
28fc041f9e196278e26fe1f76736b1ba45428f640428fb5df9d0e3b30674aee0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
442412e3746f867701578a6f03ddc7bf4cfecf8f0c26acee1dc3f05df296e9e9
47f1e8bc23471ae1858badeb1e276897b325bca2781dd14bab2d054dbc2c35be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5aed07d1d0abb631785cdea699b636dabdbedfda0c73c6c35b800b0f45318023
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76440a63d1be1f6c24d5e54d8962c1d437a67352e37a24eb17b3602b5e23645f
7a2ae75249c13dec866b166aa4dc6bfa6d1a0f4de6f59866cdeae36ce828dc9d
7c50f5f592de8181e573736848efdf712423e5fc350f9cd9048907fd2b156f9d
7ddf1f1cf4533e4827c7b84e6b3f25f263bb00d93e0bc81c76cf1ac9657b38f5
9491044719a17fbaa23d7d814d317aa50072d981c35349befffcb955e286790c
9626fb5376eb15c230b2eb4706bb1fff85f690b6abe31f5fb6f4e969d57edcea
9fec227b43e16d98e9a82912531c25ed82d33112da3c1923de445f2a56b3ec41
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b05bf1769da8596f575f074474fde72f795f02b7797d7ae0b58b939e1c216047
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b688ace43ded0d9f394b2e13121b9ad96c3d9d4825485d028ae07b722c60d0
ba5c17cd58041a1632497f880f302c2199ca8da3651e10bda145f09a8735af9e
bc073b570f5c0b58438a1ce4c0438a839c8d7cd97e6769e68bb3731e1ea4b50c
bf0b53f4f910f2656389c903da3d479682b965398eb9f5698a83946bfbcd3b83
c8c1edbfca532226f7e77b15c8ae93b2adde39d63f2fd6c8e96dd9c2780d7d46
cb253c859e4df15c0f20ba1dcdf0ad1ce6cb47ecd7e05ee1fa55cd685e5fd9a1
d34d1d79beb49b53df0bb21463525a508fd205d5aa97bb0e9a5aaec37161e324
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0900975358c23aa5df3774480c1752e99e3d20be04b8786be823341d0a138da
f98572a9df959779ecc7cb1be1ccdbf2ad84eeee6157d2108d24c80b80e751a3
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
f9e07f2771ae094af84b10f90785f6ed1a0f106af63ff17f330d3d3c612829a0