lifetool.click Open in urlscan Pro
112.78.112.59 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lifetool.click/3/card_login/5pdKmiMB.html
Submission: On June 23 via manual (June 23rd 2020, 2:46:25 am UTC) from JP

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 38 HTTP transactions. The main IP is 112.78.112.59, located in Osaka, Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is lifetool.click.

This is the only time lifetool.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	112.78.112.59 112.78.112.59	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
6	78.41.204.38 78.41.204.38	62370 (SNEL) (SNEL)
7	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
2	52.198.186.108 52.198.186.108	16509 (AMAZON-02) (AMAZON-02)
1	182.22.24.124 182.22.24.124	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
2	182.22.30.220 182.22.30.220	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
38	13

5 112.78.112.59 (Osaka, Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www1749.sakura.ne.jp

lifetool.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.41.204.38 (Netherlands)

ASN62370 (SNEL, NL)
PTR: server368.snel.com

lifetool.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.198.186.108 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-186-108.ap-northeast-1.compute.amazonaws.com

www25.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www19.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.24.124 (Tokyo, Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.22.30.220 (Tokyo, Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

b97.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	135 KB
6	lifetool.biz lifetool.biz
5	doubleclick.net googleads.g.doubleclick.net
5	lifetool.click lifetool.click	96 KB
2	facebook.net connect.facebook.net	62 KB
2	twitter.com platform.twitter.com	29 KB
2	yahoo.co.jp b97.yahoo.co.jp	12 KB
2	google.com adservice.google.com apis.google.com	20 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	a8.net www25.a8.net www19.a8.net	78 KB
1	ampproject.org cdn.ampproject.org	7 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	829 B
1	yimg.jp s.yimg.jp	2 KB
38	14

	Domain	Requested by
6	lifetool.biz	lifetool.click
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	lifetool.click	lifetool.click
4	pagead2.googlesyndication.com	lifetool.click pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	lifetool.click connect.facebook.net
2	platform.twitter.com	lifetool.click platform.twitter.com
2	b97.yahoo.co.jp	s.yimg.jp lifetool.click
2	www.google-analytics.com	lifetool.click
1	cdn.ampproject.org	pagead2.googlesyndication.com
1	apis.google.com	lifetool.click
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	s.yimg.jp	lifetool.click
1	www19.a8.net	lifetool.click
1	www25.a8.net	lifetool.click
38	17

This site contains links to these domains. Also see Links.

Domain
my.ts3card.com
px.a8.net
lifetool.biz

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
rd.listing.yahoo.co.jp Cybertrust Japan Public CA G3	`2019-08-30` - `2020-09-29`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://lifetool.click/3/card_login/5pdKmiMB.html
Frame ID: AB11291A1229881C2218065990DC5715
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200618/r20190131/zrt_lookup.html
Frame ID: 54C642F8F2470259AEAE615493857B9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&adk=522671305&adf=1178619241&lmt=1472395851&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1592880367255&bpp=11&bdt=1697&idt=77&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1452335397242&frm=20&pv=2&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=37661372&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=93
Frame ID: 2453146EB9831CC77D70FFDF70F0AE55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=5701176698&adk=914394275&adf=2082386132&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367266&bpp=11&bdt=1708&idt=86&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=1&uci=a!1&fsb=1&xpc=FCij27EuvN&p=http%3A//lifetool.click&dtd=91
Frame ID: F0894CD184F349F486937F641EDF7666
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=4084842695&adk=1085416999&adf=2185192311&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367277&bpp=1&bdt=1719&idt=82&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KAuDRtqJ28&p=http%3A//lifetool.click&dtd=84
Frame ID: 33A67B0529F72512DF5751FF2C170E75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=3290937098&adk=2234749249&adf=3504311608&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367278&bpp=1&bdt=1720&idt=84&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8kRecagGd&p=http%3A//lifetool.click&dtd=86
Frame ID: 2B596A191A13B8CF8C2D3B90E02463F3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.1b3bc218a38dc1163b7a53028a57ef50.html?origin=http%3A%2F%2Flifetool.click
Frame ID: 0CC27C98A7E652178E7726382BF2D23E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 6FAF812583E0298DC974654B4F0AE962
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

38
Requests

55 %
HTTPS

62 %
IPv6

14
Domains

17
Subdomains

13
IPs

5
Countries

488 kB
Transfer

1253 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://my.ts3card.com/webapp/ToTP01020101Action.do?command=doInit&UNIQUEID=40548
Title: TS CUBICカード　ログインページ

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=2I0YTX+4UG5NM+363I+62ENL
Title:

Search URL Search Domain Scan URL

URL: http://lifetool.biz/%E7%AF%80%E7%B4%84%E7%94%9F%E6%B4%BB%E3%81%A8%E3%81%8A%E5%B0%8F%E9%81%A3%E3%81%84%E3%82%B5%E3%82%A4%E3%83%88%E3%81%A7%E6%9C%885%E4%B8%87%E8%B2%AF%E3%82%81%E3%81%9F%E6%96%B9%E6%B3%95/
Title: すぐできる節約手段で月５万浮かせた方法とは

Search URL Search Domain Scan URL

URL: http://lifetool.biz/%ef%bd%8f%ef%bd%89%ef%bd%93%ef%bd%89%ef%bd%98-%e6%9c%89%e6%a9%9f%e9%87%8e%e8%8f%9c%e3%81%aa%e3%81%a9%e3%81%ae%e9%a3%9f%e6%9d%90%e5%ae%85%e9%85%8d%e3%83%8d%e3%83%83%e3%83%88%e3%82%b9%e3%83%bc%e3%83%91/
Title: 有機野菜などの食材宅配ネットスーパー

Search URL Search Domain Scan URL

URL: http://lifetool.biz/%e3%83%97%e3%83%ad%e9%87%8e%e7%90%83%e3%83%81%e3%82%b1%e3%83%83%e3%83%88%e6%83%85%e5%a0%b1/
Title: プロ野球チケット情報

Search URL Search Domain Scan URL

URL: http://lifetool.biz/1/law/
Title: 特定商取引に基づく表示

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 19

http://www.google-analytics.com/r/collect?v=1&_v=j83&a=1846590412&t=pageview&_s=1&dl=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ul=en-us&de=UTF-8&dt=TS%20CUBIC%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%93%E3%81%A1%E3%82%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2138786061&gjid=839622726&cid=275358108.1592880367&tid=UA-60456008-2&_gid=403251560.1592880367&_r=1&z=561622943 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1846590412&t=pageview&_s=1&dl=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ul=en-us&de=UTF-8&dt=TS%20CUBIC%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%93%E3%81%A1%E3%82%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2138786061&gjid=839622726&cid=275358108.1592880367&tid=UA-60456008-2&_gid=403251560.1592880367&_r=1&z=561622943

Request Chain 28

http://connect.facebook.net/ja_JP/sdk.js HTTP 307
https://connect.facebook.net/ja_JP/sdk.js

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 5pdKmiMB.html Show response
lifetool.click/3/card_login/ 11 KB
5 KB 909ms
534ms Document
text/html 112.78.112.59
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 112.78.112.59 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1749.sakura.ne.jp
Software: nginx /
Resource Hash: 44573c220372f3838083c9594a27ab93484c0868172db5a9c5ad3ad6b185a6be

Request headers

Host: lifetool.click
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Tue, 23 Jun 2020 02:46:05 GMT
Content-Type: text/html
Content-Length: 4459
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2016 14:50:51 GMT
ETag: "2dba-53b22dfaae8c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 404
Not Found common.css
lifetool.biz/assets/css/ 0
0 172ms
36ms Stylesheet
text/plain 78.41.204.38
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.biz/assets/css/common.css
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 78.41.204.38 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:05 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H/1.1 404
Not Found layout.css
lifetool.biz/assets/css/ 0
0 175ms
39ms Stylesheet
text/plain 78.41.204.38
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.biz/assets/css/layout.css
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 78.41.204.38 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:05 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H/1.1 404
Not Found design.css
lifetool.biz/assets/css/ 0
0 179ms
43ms Stylesheet
text/plain 78.41.204.38
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.biz/assets/css/design.css
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 78.41.204.38 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:05 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H/1.1 404
Not Found mobile.css
lifetool.biz/assets/css/ 0
0 178ms
42ms Stylesheet
text/plain 78.41.204.38
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.biz/assets/css/mobile.css
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 78.41.204.38 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:05 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H/1.1 404
Not Found advanced.css
lifetool.biz/assets/css/ 0
0 178ms
43ms Stylesheet
text/plain 78.41.204.38
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.biz/assets/css/advanced.css
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 78.41.204.38 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:05 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H/1.1 200
OK jquery.js Show response
lifetool.click/3/card_login/js/ 276 KB
83 KB 615ms
608ms Script
application/javascript 112.78.112.59
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.click/3/card_login/js/jquery.js
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 112.78.112.59 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1749.sakura.ne.jp
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 17:20:52 GMT
Server: nginx
ETag: "4508e-53b24f82b4500-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 30 Jun 2020 02:46:06 GMT

GET
H/1.1 200
OK jquery-migrate.js Show response
lifetool.click/3/card_login/js/ 16 KB
6 KB 524ms
517ms Script
application/javascript 112.78.112.59
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.click/3/card_login/js/jquery-migrate.js
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 112.78.112.59 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1749.sakura.ne.jp
Software: nginx /
Resource Hash: 58564bc237b683f482c3a82def059f27b2be41109d237d7a2380074b5b4f22be

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 17:20:51 GMT
Server: nginx
ETag: "40ed-53b24f81c02c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5789
Expires: Tue, 30 Jun 2020 02:46:05 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 110 KB
40 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

312284a0a56da5a0b2ab887835aaa61ecb1f08bda0e674462f5768a42563e25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 23 Jun 2020 02:46:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 6481968955356984655
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40496
X-XSS-Protection: 0
Expires: Tue, 23 Jun 2020 02:46:07 GMT

GET
H/1.1 200
OK bgt
www25.a8.net/svt/ 78 KB
78 KB 560ms
522ms Image
image/gif 52.198.186.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www25.a8.net/svt/bgt?aid=151210581293&wid=007&eno=01&mid=s00000014787001019000&mc=1
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 52.198.186.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-186-108.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: a21239450db0f3c101da818520b3bf0c03d9f6e6ed2c03e6ca26c16fd289f697

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:07 GMT
Server: Apache
Connection: keep-alive
Content-Length: 79404
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www19.a8.net/ 43 B
184 B 583ms
548ms Image
image/gif 52.198.186.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www19.a8.net/0.gif?a8mat=2I0YTX+4UG5NM+363I+62ENL
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 52.198.186.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-186-108.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:07 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK utility.js Show response
lifetool.click/3/card_login/js/ 2 KB
1 KB 263ms
262ms Script
application/javascript 112.78.112.59
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.click/3/card_login/js/utility.js
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 112.78.112.59 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1749.sakura.ne.jp
Software: nginx /
Resource Hash: f558a7c64606564da5835737bddac629897b9c680cf1a53c1044ebec3637393e

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 17:20:51 GMT
Server: nginx
ETag: "972-53b24f81c02c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1015
Expires: Tue, 30 Jun 2020 02:46:06 GMT

GET
H/1.1 200
OK socialButton.js Show response
lifetool.click/3/card_login/js/ 2 KB
1 KB 261ms
261ms Script
application/javascript 112.78.112.59
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.click/3/card_login/js/socialButton.js
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 112.78.112.59 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1749.sakura.ne.jp
Software: nginx /
Resource Hash: 2a64cdb176d390a1be607f8547b77ce615ae129e86d20a1d1b09612079835d9b

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 17:20:51 GMT
Server: nginx
ETag: "9d3-53b24f81c02c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1008
Expires: Tue, 30 Jun 2020 02:46:06 GMT

GET
H/1.1 404
Not Found print.css
lifetool.biz/assets/css/ 0
0 45ms
39ms Stylesheet
text/plain 78.41.204.38
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: http://lifetool.biz/assets/css/print.css
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 78.41.204.38 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: server368.snel.com
Software: nginx /
Resource Hash

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:06 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 9

GET
H/1.1 200
OK conversion.js Show response
s.yimg.jp/images/listing/tool/cv/ 4 KB
2 KB 509ms
502ms Script
application/javascript 182.22.24.124
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: http://s.yimg.jp/images/listing/tool/cv/conversion.js
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html
Protocol: HTTP/1.1
Server: 182.22.24.124 Tokyo, Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software: ATS /
Resource Hash: e55596fc1c3349cbbc926529c29c27e1de7b98b47a31cc7bb4789970e571065f

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ATS-Carp-Promotion: 1
Date: Tue, 23 Jun 2020 02:40:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 10:27:08 GMT
Server: ATS
Age: 311
Vary: Accept-Encoding
P3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Via: http/1.1 edge1244.img.bbt.yahoo.co.jp (ApacheTrafficServer [cRs f ]), http/1.1 edge1267.img.bbt.yahoo.co.jp (ApacheTrafficServer [cRs f ]), http/1.1 edge1225.img.bbt.yahoo.co.jp (ApacheTrafficServer [cRs f ])
Cache-Control: public, max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1421
Expires: Tue, 23 Jun 2020 02:50:56 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

5ms
5ms

Script
text/javascript

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 389
date: Tue, 23 Jun 2020 02:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 23 Jun 2020 04:39:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 37ms
13ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lifetool.click

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jun 2020 02:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 37ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lifetool.click

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jun 2020 02:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/ 217 KB
83 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34c781e5d927d5fabf19060992bbd8c112f93d06f56fa0ee0c81aaef622aa30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83741
x-xss-protection: 0
server: cafe
etag: 1206115939822849103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jun 2020 02:46:07 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200618/r20190131/ Frame 54C6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200618/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200618/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://lifetool.click/3/card_login/5pdKmiMB.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 18 Jun 2020 20:35:34 GMT
expires: Thu, 02 Jul 2020 20:35:34 GMT
content-type: text/html; charset=UTF-8
etag: 14051151748927987307
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4501
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 367833
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j83&a=1846590412&t=pageview&_s=1&dl=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ul=en-us&de=UTF-8&dt=TS%20CUBIC%E3%82%AB%E3%83%BC%E...
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1846590412&t=pageview&_s=1&dl=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ul=en-us&de=UTF-8&dt=TS%20CUBIC%E3%82%AB%E3%83%BC%...

35 B
98 B

13ms
13ms

Image
image/gif

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1846590412&t=pageview&_s=1&dl=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ul=en-us&de=UTF-8&dt=TS%20CUBIC%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%93%E3%81%A1%E3%82%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2138786061&gjid=839622726&cid=275358108.1592880367&tid=UA-60456008-2&_gid=403251560.1592880367&_r=1&z=561622943

Requested by

Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 02:46:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1846590412&t=pageview&_s=1&dl=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ul=en-us&de=UTF-8&dt=TS%20CUBIC%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%93%E3%81%A1%E3%82%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2138786061&gjid=839622726&cid=275358108.1592880367&tid=UA-60456008-2&_gid=403251560.1592880367&_r=1&z=561622943
Non-Authoritative-Reason: HSTS

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2453 0
0 69ms
68ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&adk=522671305&adf=1178619241&lmt=1472395851&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1592880367255&bpp=11&bdt=1697&idt=77&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1452335397242&frm=20&pv=2&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=37661372&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4905779886131329&output=html&adk=522671305&adf=1178619241&lmt=1472395851&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1592880367255&bpp=11&bdt=1697&idt=77&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1452335397242&frm=20&pv=2&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=37661372&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://lifetool.click/3/card_login/5pdKmiMB.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Jun 2020 02:46:07 GMT
server: cafe
content-length: 868
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Jun-2020 03:01:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Jun 2020 02:46:07 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

367f33e9ced368d6a39b863431212bf952a37233ad2558978da44cad20d68012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592825540321031"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Tue, 23 Jun 2020 02:46:07 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F089 0
0 345ms
344ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=5701176698&adk=914394275&adf=2082386132&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367266&bpp=11&bdt=1708&idt=86&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=1&uci=a!1&fsb=1&xpc=FCij27EuvN&p=http%3A//lifetool.click&dtd=91

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=5701176698&adk=914394275&adf=2082386132&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367266&bpp=11&bdt=1708&idt=86&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=1&uci=a!1&fsb=1&xpc=FCij27EuvN&p=http%3A//lifetool.click&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://lifetool.click/3/card_login/5pdKmiMB.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Jun 2020 02:46:07 GMT
server: cafe
content-length: 23396
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Jun-2020 03:01:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Jun 2020 02:46:07 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 33A6 0
0 375ms
374ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=4084842695&adk=1085416999&adf=2185192311&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367277&bpp=1&bdt=1719&idt=82&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KAuDRtqJ28&p=http%3A//lifetool.click&dtd=84

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=4084842695&adk=1085416999&adf=2185192311&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367277&bpp=1&bdt=1719&idt=82&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=707&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=2&uci=a!2&fsb=1&xpc=KAuDRtqJ28&p=http%3A//lifetool.click&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://lifetool.click/3/card_login/5pdKmiMB.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Jun 2020 02:46:07 GMT
server: cafe
content-length: 30558
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Jun-2020 03:01:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Jun 2020 02:46:07 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2B59 0
0 301ms
301ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=3290937098&adk=2234749249&adf=3504311608&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367278&bpp=1&bdt=1720&idt=84&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8kRecagGd&p=http%3A//lifetool.click&dtd=86

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8360366007454330933/720-90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8360366007454330933/720-90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbm3uP1luoCFVn5dwodl_QL9g&gqi=72zxXpDfFpaHjuwP37efsAQ&layout=/sadbundle/%24csp%253Der3%24/8360366007454330933/720-90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4905779886131329&output=html&h=90&slotname=3290937098&adk=2234749249&adf=3504311608&w=728&lmt=1472395851&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&flash=0&wgl=1&adsid=NT&dt=1592880367278&bpp=1&bdt=1720&idt=84&shv=r20200618&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=1452335397242&frm=20&pv=1&ga_vid=275358108.1592880367&ga_sid=1592880367&ga_hid=1846590412&ga_fc=0&iag=0&icsg=171879100&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4488941396420768&pem=805&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8464&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8kRecagGd&p=http%3A//lifetool.click&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://lifetool.click/3/card_login/5pdKmiMB.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8360366007454330933/720-90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8360366007454330933/720-90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbm3uP1luoCFVn5dwodl_QL9g&gqi=72zxXpDfFpaHjuwP37efsAQ&layout=/sadbundle/%24csp%253Der3%24/8360366007454330933/720-90.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Jun 2020 02:46:07 GMT
server: cafe
content-length: 28326
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Jun-2020 03:01:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Jun 2020 02:46:07 GMT
cache-control: private

GET
H/1.1 200
OK conversion_async.js Show response
b97.yahoo.co.jp/pagead/ 29 KB
12 KB 1069ms
312ms Script
text/javascript 182.22.30.220
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL

https://b97.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: http://s.yimg.jp/images/listing/tool/cv/conversion.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.220 Tokyo, Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

ATS /

Resource Hash

3f14ff0f57b27f1e0459c59a78e0a7fd1fad98f564db51661098075063ce9696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
P3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Content-Disposition: attachment; filename="f.txt"
Connection: keep-alive
Content-Length: 11037
X-XSS-Protection: 0
Server: ATS
ETag: 3141712289946324312
Content-Type: text/javascript; charset=UTF-8
Via: http/1.1 mscedge1003.img.bbt.yahoo.co.jp (ApacheTrafficServer [c sSf ])
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 23 Jun 2020 02:46:08 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 12ms
5ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: lifetool.click
URL: http://lifetool.click/3/card_login/js/socialButton.js
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40FA) /
Resource Hash: 2bc46b8e0479c20a785c47faea919c0800aedfaab04bbdc2e9ac1bbd46a38222

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 22:22:30 GMT
Server: ECS (fcn/40FA)
Age: 77
Etag: "f9249dd6b9b9cf7717e7683d873c1392+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29254

GET
H2 200 platform.js Show response
apis.google.com/js/ 47 KB
19 KB 55ms
34ms Script
application/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: lifetool.click
URL: http://lifetool.click/3/card_login/js/socialButton.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c9bdb532a35accdd00e1706f9b1ac99a50ec474caa4d3b55619e03555ff69d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tx6WFPPJLkH7IEujkjTAPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 02:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "d4ae67b709ea48fcf25b13ad8a7eaf79"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-tx6WFPPJLkH7IEujkjTAPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 23 Jun 2020 02:46:07 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/ja_JP/
Redirect Chain

http://connect.facebook.net/ja_JP/sdk.js
https://connect.facebook.net/ja_JP/sdk.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

266790f55d89a37c34c664d93e4bb74810dcb8275cd27ade85db8d3148adcba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: B8Dkub53bRRnfOpG/lJJRQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "794e06cd6198f3bf0429692384cb2362"
x-fb-debug: 3eSaa7zN6ZvbId+yEs931dRDEsA6TwiQOvrDkC/SWFD7ildeSm+AAnWJXpxYiWWoXE+ScFi+jhTkQmIJCv7l8A==
x-fb-trip-id: 664085054
x-fb-content-md5: 2e66e76a1c474749c3cbfb8018648834
x-frame-options: DENY
date: Tue, 23 Jun 2020 02:46:07 GMT, Tue, 23 Jun 2020 02:46:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Jun 2020 02:55:56 GMT

Redirect headers

Location: https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.0
Non-Authoritative-Reason: HSTS

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 199 KB
60 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=afe7be8c0c117b9c91d8bd4de643b82b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8339a4c9c43ed226e17257ec7a30b93bfb896f34275d39bbad24c74523ef331b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
Origin: http://lifetool.click

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BXkmk4kVq3MUkViB/0szFw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61241
etag: "5e2d1627c308f4c34f5c04fa9bd25111"
x-fb-debug: IkCAzRi8v2hj/MgBsIBRyZYFbEN1HobrXq9UdXY2cGNVF14rPHf9ov2CPdT+Dt6c4P7PXwnnkPHFoRaWMdxOvg==
x-fb-trip-id: 664085054
x-fb-content-md5: 80828be3f423286e54e553cc8b61f3ed
x-frame-options: DENY
date: Tue, 23 Jun 2020 02:46:07 GMT, Tue, 23 Jun 2020 02:46:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 23 Jun 2021 01:35:40 GMT

GET
H/1.1 200
OK widget_iframe.1b3bc218a38dc1163b7a53028a57ef50.html
platform.twitter.com/widgets/ Frame 0CC2 0
0 26ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.1b3bc218a38dc1163b7a53028a57ef50.html?origin=http%3A%2F%2Flifetool.click
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 446710
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Jun 2020 02:46:07 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Wed, 17 Jun 2020 22:20:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EA)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ 20 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df7b88bf786124161c91ce7636949e353cb8ff1ed090a3ba030152d4fde3e2f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1129639
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7227
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 00:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "152b1cf4fabdd896"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 00:58:48 GMT

GET
H/1.1 200
OK /
b97.yahoo.co.jp/pagead/conversion/1000305436/ 42 B
737 B 446ms
445ms Image
image/gif 182.22.30.220
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b97.yahoo.co.jp/pagead/conversion/1000305436/?random=1592880368671&cv=9&fst=1592880368671&num=1&fmt=3&guid=ON&disvt=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Flifetool.click%2F3%2Fcard_login%2F5pdKmiMB.html&tiba=TS%20CUBIC%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%93%E3%81%A1%E3%82%89&hn=www.googleadservices.com&async=1

Requested by

Host: lifetool.click
URL: http://lifetool.click/3/card_login/5pdKmiMB.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.220 Tokyo, Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jun 2020 02:46:08 GMT
Via: http/1.1 mscedge1003.img.bbt.yahoo.co.jp (ApacheTrafficServer [c sSf ])
X-Content-Type-Options: nosniff
Server: ATS
Timing-Allow-Origin: *
Age: 0
P3P: policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy: script-src 'none'; object-src 'none'
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 35ms
17ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200618&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fb9ecb7168f9030108a7528f657ec9ede95b91c5bbc9f1fd6c3d2a64574b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jun 2020 02:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200618/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 02:46:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1591403518460474"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5540
X-XSS-Protection: 0
Expires: Tue, 23 Jun 2020 02:46:09 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 6FAF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://lifetool.click/3/card_login/5pdKmiMB.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://lifetool.click/3/card_login/5pdKmiMB.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 22 Jun 2020 22:53:29 GMT
expires: Tue, 22 Jun 2021 22:53:29 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13960
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 14ms
14ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200618&jk=4488941396420768&bg=!cHOlc2tYn2wpskNamb8CAAAARlIAAAARmQF-CyoDs1hTjiFkX1_6T-YopY_0kJBm08gysM3hmQ8F7CpRKtgWklH1b1xluixBBz5bAiHHE-dTJfn71s26rFw1LiCGNg3khW_0SwgUbIz5o0DE85b3FfjYKvWuNKZpnmR2c47hstIQtE51AA10HM-kH9xa2ZW8naE6VUHL-RvHltKY_usAHFN-dJ03vmvkcJI1hgprpcSvsB0dMXaWfdzeL3TamcKAhmM-0Wa6Q_yegVfvPofHiCySp0jtTgBcr-kdLF3XO_AO99QMt3QkUEjvwiGBXxzJiju2pLATFt03T-kCO4KTyDymYRggletVUhYOmd2FFzhWX0M-GkDDfazNKBYs_Y1QzKC2_4uU5zjZGHqt82e25R4WZ086Ky2-lh47AkBzpiqAY0qUeLfl3C-i1RB9kIWWfWEypE_K1JtGYLDDUJBvAbgdnBtMapZolu52JeTuSfIoi_JOmqsCmGqZFqkD_0-QbqK_OHkzs8JliWByWq3Ucj8Oj5XXoPW1oA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lifetool.click/3/card_login/5pdKmiMB.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 02:46:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lifetool.click/	1970-01-19 10:28:00	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 10:28:03	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 19:49:36	Name: IDE Value: AHWqTUmw4n2_8-dGzlVzyQKXwc7XKP2KYrR6PhPS-2mZpFCSpYo9zVv-UKSxquVL
.lifetool.click/	1970-01-19 10:29:26	Name: _gid Value: GA1.2.403251560.1592880367
.lifetool.click/	1970-01-20 03:59:12	Name: _ga Value: GA1.2.275358108.1592880367

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://lifetool.click/3/card_login/js/jquery-migrate.js(Line 21) Message: JQMIGRATE: Logging is active

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
b97.yahoo.co.jp
cdn.ampproject.org
connect.facebook.net
googleads.g.doubleclick.net
lifetool.biz
lifetool.click
pagead2.googlesyndication.com
platform.twitter.com
s.yimg.jp
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
www19.a8.net
www25.a8.net
112.78.112.59
182.22.24.124
182.22.30.220
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:808::2001
2a00:1450:4001:816::2002
2a00:1450:4001:817::200e
2a00:1450:4001:818::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:821::2002
2a03:2880:f01c:8012:face:b00c:0:3
52.198.186.108
78.41.204.38
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
266790f55d89a37c34c664d93e4bb74810dcb8275cd27ade85db8d3148adcba1
2a64cdb176d390a1be607f8547b77ce615ae129e86d20a1d1b09612079835d9b
2bc46b8e0479c20a785c47faea919c0800aedfaab04bbdc2e9ac1bbd46a38222
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
312284a0a56da5a0b2ab887835aaa61ecb1f08bda0e674462f5768a42563e25f
34c781e5d927d5fabf19060992bbd8c112f93d06f56fa0ee0c81aaef622aa30f
367f33e9ced368d6a39b863431212bf952a37233ad2558978da44cad20d68012
3f14ff0f57b27f1e0459c59a78e0a7fd1fad98f564db51661098075063ce9696
44573c220372f3838083c9594a27ab93484c0868172db5a9c5ad3ad6b185a6be
4c9bdb532a35accdd00e1706f9b1ac99a50ec474caa4d3b55619e03555ff69d0
58564bc237b683f482c3a82def059f27b2be41109d237d7a2380074b5b4f22be
6df7b88bf786124161c91ce7636949e353cb8ff1ed090a3ba030152d4fde3e2f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8339a4c9c43ed226e17257ec7a30b93bfb896f34275d39bbad24c74523ef331b
a21239450db0f3c101da818520b3bf0c03d9f6e6ed2c03e6ca26c16fd289f697
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
c8fb9ecb7168f9030108a7528f657ec9ede95b91c5bbc9f1fd6c3d2a64574b7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55596fc1c3349cbbc926529c29c27e1de7b98b47a31cc7bb4789970e571065f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f558a7c64606564da5835737bddac629897b9c680cf1a53c1044ebec3637393e
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

lifetool.click Open in urlscan Pro 112.78.112.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

38 Requests

55 %HTTPS

62 %IPv6

14 Domains

17 Subdomains

13 IPs

5 Countries

488 kBTransfer

1253 kBSize

5 Cookies

6 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lifetool.click Open in urlscan Pro
112.78.112.59 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

55 %
HTTPS

62 %
IPv6

14
Domains

17
Subdomains

13
IPs

5
Countries

488 kB
Transfer

1253 kB
Size

5
Cookies

38 HTTP transactions
0 data transactions