nb.gnan.jp Open in urlscan Pro
210.140.196.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://is.gd/2KTykO
Effective URL:
http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14
Submission: On May 23 via manual (May 23rd 2023, 10:12:24 am UTC) from PH — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 210.140.196.204, located in and belongs to . The main domain is nb.gnan.jp.

This is the only time nb.gnan.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::6819:e935	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	153.120.23.115 153.120.23.115	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
4	162.43.121.106 162.43.121.106	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	202.210.187.60 202.210.187.60	() ()
1	210.140.196.204 210.140.196.204	() ()
29	6

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:e935 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 153.120.23.115 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

pass-point.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.43.121.106 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv14305.xserver.jp

rrttiwitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.210.187.60 (None, ) 2 redirects

ASN- ()

fam-ad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.196.204 (None, )

ASN- ()

nb.gnan.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	178 KB
4	rrttiwitter.com rrttiwitter.com	3 KB
2	fam-ad.com 2 redirects fam-ad.com	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 fonts.googleapis.com Failed	189 KB
2	pass-point.org pass-point.org	1 KB
2	is.gd 2 redirects is.gd — Cisco Umbrella Rank: 57587	442 B
1	gnan.jp nb.gnan.jp
0	unpkg.com Failed unpkg.com Failed
0	jp.net Failed cd52.428.jp.net Failed
29	9

	Domain	Requested by
4	connect.facebook.net	rrttiwitter.com connect.facebook.net
4	rrttiwitter.com	pass-point.org ajax.googleapis.com rrttiwitter.com
2	fam-ad.com	2 redirects
2	ajax.googleapis.com	rrttiwitter.com nb.gnan.jp
2	pass-point.org
2	is.gd	2 redirects
1	nb.gnan.jp	rrttiwitter.com
0	unpkg.com Failed	nb.gnan.jp
0	cd52.428.jp.net Failed	nb.gnan.jp
0	fonts.googleapis.com Failed	nb.gnan.jp
29	10

This site contains no links.

Subject Issuer	Validity	Valid
applove.info R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-01` - `2023-05-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14
Frame ID: 5C77BD835A574947F4AC1341C9B90700
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://is.gd/2KTykO HTTP 301
https://is.gd/2KTykO HTTP 301
https://pass-point.org/redirect/g5KnLJmrpJqc Page URL
http://rrttiwitter.com/ran/re.html Page URL
http://rrttiwitter.com/f1/re.html Page URL
https://fam-ad.com/ad/p/dt?_site=64020&_loc=271145&_mstype=99 HTTP 302
https://fam-ad.com/ad/p/r?_site=64020&_loc=271145&_campaign=4215&_article=21616&_mstype=99 HTTP 302
http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

14 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

6
IPs

3
Countries

371 kB
Transfer

821 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://is.gd/2KTykO HTTP 301
https://is.gd/2KTykO HTTP 301
https://pass-point.org/redirect/g5KnLJmrpJqc Page URL
http://rrttiwitter.com/ran/re.html Page URL
http://rrttiwitter.com/f1/re.html Page URL
https://fam-ad.com/ad/p/dt?_site=64020&_loc=271145&_mstype=99 HTTP 302
https://fam-ad.com/ad/p/r?_site=64020&_loc=271145&_campaign=4215&_article=21616&_mstype=99 HTTP 302
http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://is.gd/2KTykO HTTP 301
https://is.gd/2KTykO HTTP 301
https://pass-point.org/redirect/g5KnLJmrpJqc

Request Chain 4

http://connect.facebook.net/ja_JP/sdk.js HTTP 307
https://connect.facebook.net/ja_JP/sdk.js

Request Chain 9

http://connect.facebook.net/ja_JP/sdk.js HTTP 307
https://connect.facebook.net/ja_JP/sdk.js

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

g5KnLJmrpJqc Show response
pass-point.org/redirect/
Redirect Chain

http://is.gd/2KTykO
https://is.gd/2KTykO
https://pass-point.org/redirect/g5KnLJmrpJqc

198 B
876 B

1615ms
284ms

Document
text/html

153.120.23.115
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL

https://pass-point.org/redirect/g5KnLJmrpJqc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

153.120.23.115 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

e13264270bc78b86d7ed038643a386fca4196f440514d62162a025eb48340484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 23 May 2023 10:12:13 GMT
ETag: W/"e13264270bc78b86d7ed038643a386fc"
Link: </assets/redirect-7bda0693ba6765e6cf3bd7679d32c1bd76a895c22bd66945dfd926623d372a5a.js>; rel=preload; as=script; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.1
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 94601fdd-c684-46c4-89b7-7b68ab927cf2
X-Runtime: 0.008025
X-XSS-Protection: 0

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7cbc84e72f133665-FRA
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 10:12:12 GMT
location: https://pass-point.org/redirect/g5KnLJmrpJqc
server: cloudflare

GET
H/1.1 200
OK redirect-7bda0693ba6765e6cf3bd7679d32c1bd76a895c22bd66945dfd926623d372a5a.js
pass-point.org/assets/ 119 B
384 B 277ms
277ms Script
application/javascript 153.120.23.115
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass-point.org/assets/redirect-7bda0693ba6765e6cf3bd7679d32c1bd76a895c22bd66945dfd926623d372a5a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 153.120.23.115 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pass-point.org/redirect/g5KnLJmrpJqc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 10:12:14 GMT
Last-Modified: Tue, 01 Nov 2022 09:05:57 GMT
Server: nginx/1.14.1
ETag: "6360e175-77"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119

GET
H/1.1 200
OK re.html Show response
rrttiwitter.com/ran/ 1 KB
1 KB 1036ms
246ms Document
text/html 162.43.121.106
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://rrttiwitter.com/ran/re.html
Requested by: Host: pass-point.org
URL: https://pass-point.org/assets/redirect-7bda0693ba6765e6cf3bd7679d32c1bd76a895c22bd66945dfd926623d372a5a.js
Protocol: HTTP/1.1
Server: 162.43.121.106 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv14305.xserver.jp
Software: nginx /
Resource Hash: 485cf325ca18963e74d91770a1180d9dd04c3cc3e568a8008ed1832cba2e733d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 23 May 2023 10:12:15 GMT
ETag: W/"58a-5eed2864a0e48"
Last-Modified: Fri, 02 Dec 2022 06:34:07 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
95 KB 77ms
38ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: rrttiwitter.com
URL: http://rrttiwitter.com/ran/re.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rrttiwitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 01:01:20 GMT
X-Content-Type-Options: nosniff
Age: 292255
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 95992
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 19 May 2024 01:01:20 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/ja_JP/
Redirect Chain

http://connect.facebook.net/ja_JP/sdk.js
https://connect.facebook.net/ja_JP/sdk.js

3 KB
3 KB

27ms
8ms

Script
application/x-javascript

2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: rrttiwitter.com
URL: http://rrttiwitter.com/ran/re.html

Protocol

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

514a43a4f27ed99a7f21f060dcf240c49e22dc2f80704ae885c57be2d0ff32a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rrttiwitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 10:12:15 GMT
content-md5: LocyocEpq09k8jBTqqyz/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: nuRS586Bj+KEjVPv5TIWKUaVqG4ox4TQTTwSbr44Cqw74Z1g0aiE+xT0xsM53mPzBH/XE4bT0v3DmLUJWaTxRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 3edb09237b2657aa417fc33bc0c6f5e7
cross-origin-opener-policy: same-origin-allow-popups
etag: "6accb83b44beb8d5a50a378bcbca4d06"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 May 2023 10:23:43 GMT

Redirect headers

Location: https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.4
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK get_url.php
rrttiwitter.com/ran/ 33 B
274 B 588ms
588ms XHR
text/html 162.43.121.106
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://rrttiwitter.com/ran/get_url.php
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: HTTP/1.1
Server: 162.43.121.106 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv14305.xserver.jp
Software: nginx /
Resource Hash

Request headers

Accept: */*
Referer: http://rrttiwitter.com/ran/re.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 10:12:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 307 KB
87 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=5943b1bc879e638a8c253359f0ced0f7

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b771650939f67965e9f01660f3f4c10093408f81615a47d14be32486d964d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://rrttiwitter.com/
Origin: http://rrttiwitter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 10:12:15 GMT
content-md5: NLQ4pQ1EB+zIC6ntwF/pUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88824
x-fb-rlafr: 0
x-fb-debug: wJpIwu9w/fDXIz/uY7Skhn24vn4Hq7NCJUX154ms4ok7fMmp1L/KaN20EC5+Br18pSL7t+OMPchF3JeidollXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 34a47d72093f58a321a3a79873a3051e
cross-origin-opener-policy: same-origin-allow-popups
etag: "cbff3bfd0c05d79ae12fc83b1672e2b7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 22 May 2024 09:16:03 GMT

GET
H/1.1 200
OK re.html Show response
rrttiwitter.com/f1/ 1 KB
1 KB 927ms
926ms Document
text/html 162.43.121.106
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://rrttiwitter.com/f1/re.html
Requested by: Host: rrttiwitter.com
URL: http://rrttiwitter.com/ran/re.html
Protocol: HTTP/1.1
Server: 162.43.121.106 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv14305.xserver.jp
Software: nginx /
Resource Hash: 485cf325ca18963e74d91770a1180d9dd04c3cc3e568a8008ed1832cba2e733d

Request headers

Referer: http://rrttiwitter.com/ran/re.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 23 May 2023 10:12:17 GMT
ETag: W/"58a-5ebc561c26b10"
Last-Modified: Mon, 24 Oct 2022 10:37:44 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
95 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: rrttiwitter.com
URL: http://rrttiwitter.com/f1/re.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rrttiwitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 01:01:20 GMT
X-Content-Type-Options: nosniff
Age: 292257
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 95992
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 19 May 2024 01:01:20 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/ja_JP/
Redirect Chain

http://connect.facebook.net/ja_JP/sdk.js
https://connect.facebook.net/ja_JP/sdk.js

3 KB
2 KB

9ms
8ms

Script
application/x-javascript

2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: rrttiwitter.com
URL: http://rrttiwitter.com/f1/re.html

Protocol

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

514a43a4f27ed99a7f21f060dcf240c49e22dc2f80704ae885c57be2d0ff32a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rrttiwitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 10:12:17 GMT
content-md5: LocyocEpq09k8jBTqqyz/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: nuRS586Bj+KEjVPv5TIWKUaVqG4ox4TQTTwSbr44Cqw74Z1g0aiE+xT0xsM53mPzBH/XE4bT0v3DmLUJWaTxRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 3edb09237b2657aa417fc33bc0c6f5e7
cross-origin-opener-policy: same-origin-allow-popups
etag: "6accb83b44beb8d5a50a378bcbca4d06"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 May 2023 10:23:43 GMT

Redirect headers

Location: https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.4
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK get_url.php
rrttiwitter.com/f1/ 61 B
302 B 246ms
245ms XHR
text/html 162.43.121.106
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://rrttiwitter.com/f1/get_url.php
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: HTTP/1.1
Server: 162.43.121.106 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv14305.xserver.jp
Software: nginx /
Resource Hash

Request headers

Accept: */*
Referer: http://rrttiwitter.com/f1/re.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 10:12:17 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 307 KB
87 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=5943b1bc879e638a8c253359f0ced0f7

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b771650939f67965e9f01660f3f4c10093408f81615a47d14be32486d964d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://rrttiwitter.com/
Origin: http://rrttiwitter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 10:12:17 GMT
content-md5: NLQ4pQ1EB+zIC6ntwF/pUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88824
x-fb-rlafr: 0
x-fb-debug: wJpIwu9w/fDXIz/uY7Skhn24vn4Hq7NCJUX154ms4ok7fMmp1L/KaN20EC5+Br18pSL7t+OMPchF3JeidollXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 34a47d72093f58a321a3a79873a3051e
cross-origin-opener-policy: same-origin-allow-popups
etag: "cbff3bfd0c05d79ae12fc83b1672e2b7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 22 May 2024 09:16:03 GMT

GET
H/1.1

200
OK

Primary Request /
nb.gnan.jp/
Redirect Chain

https://fam-ad.com/ad/p/dt?_site=64020&_loc=271145&_mstype=99
https://fam-ad.com/ad/p/r?_site=64020&_loc=271145&_campaign=4215&_article=21616&_mstype=99
http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14

11 KB
0

5037ms
271ms

Document
text/html

210.140.196.204

General

Check archive.org

Show headers Download Go to

Full URL: http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14
Requested by: Host: rrttiwitter.com
URL: http://rrttiwitter.com/f1/re.html
Protocol: HTTP/1.1
Server: 210.140.196.204 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.2.6
Resource Hash

Request headers

Referer: http://rrttiwitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 May 2023 10:12:24 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Powered-By: PHP/7.2.6
X-Robots-Tag: noimageindex, notranslate, nosnippet, noarchive, nofollow

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Connection: close
Content-Length: 0
Content-Type: text/plain
Date: Tue, 23 May 2023 10:10:05 GMT
Location: http://nb.gnan.jp/?adv=fam2001&_xuid=xuidx8848166005x5fe&_fsc=14
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'

GET icon
fonts.googleapis.com/ 0
0

GET mplus1p.css
fonts.googleapis.com/earlyaccess/ 0
0

GET popup.css
cd52.428.jp.net/assets/css/ 0
0

GET style.css
cd52.428.jp.net/2/gnan.jp/css/ 0
0

GET color.css
cd52.428.jp.net/2/gnan.jp/ 0
0

GET aos.css
unpkg.com/aos@2.3.1/dist/ 0
0

GET popup.js
cd52.428.jp.net/assets/js/ 0
0

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 0
0

GET aos.js
unpkg.com/aos@2.3.1/dist/ 0
0

GET common.js
cd52.428.jp.net/2/gnan.jp/js/ 0
0

GET main.jpg
cd52.428.jp.net/2/gnan.jp/img/ 0
0

GET regist_btn.png
cd52.428.jp.net/2/gnan.jp/img/ 0
0

GET sec02_figure.jpg
cd52.428.jp.net/2/gnan.jp/img/ 0
0

GET sec02_bg_sp.jpg
cd52.428.jp.net/2/gnan.jp/img/ 0
0

GET cp_title.png
cd52.428.jp.net/2/gnan.jp/img/ 0
0

GET cp_title_sp.png
cd52.428.jp.net/2/gnan.jp/img/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/mplus1p.css

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/assets/css/popup.css

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/css/style.css

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/color.css

Domain: unpkg.com
URL: https://unpkg.com/aos@2.3.1/dist/aos.css

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/assets/js/popup.js

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Domain: unpkg.com
URL: https://unpkg.com/aos@2.3.1/dist/aos.js

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/js/common.js

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/img/main.jpg

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/img/regist_btn.png

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/img/sec02_figure.jpg

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/img/sec02_bg_sp.jpg

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/img/cp_title.png

Domain: cd52.428.jp.net
URL: http://cd52.428.jp.net/2/gnan.jp/img/cp_title_sp.png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cd52.428.jp.net
connect.facebook.net
fam-ad.com
fonts.googleapis.com
is.gd
nb.gnan.jp
pass-point.org
rrttiwitter.com
unpkg.com
ajax.googleapis.com
cd52.428.jp.net
fonts.googleapis.com
unpkg.com
153.120.23.115
162.43.121.106
202.210.187.60
210.140.196.204
2606:4700:20::6819:e935
2606:4700:20::6819:ea35
2a00:1450:4001:802::200a
2a03:2880:f084:d:face:b00c:0:3
485cf325ca18963e74d91770a1180d9dd04c3cc3e568a8008ed1832cba2e733d
4b771650939f67965e9f01660f3f4c10093408f81615a47d14be32486d964d30
514a43a4f27ed99a7f21f060dcf240c49e22dc2f80704ae885c57be2d0ff32a5
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
e13264270bc78b86d7ed038643a386fca4196f440514d62162a025eb48340484

nb.gnan.jp Open in urlscan Pro 210.140.196.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

14 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

6 IPs

3 Countries

371 kBTransfer

821 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

nb.gnan.jp Open in urlscan Pro
210.140.196.204 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

14 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

6
IPs

3
Countries

371 kB
Transfer

821 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions