realtorszz.azurewebsites.net
20.210.64.16  Malicious Activity! Public Scan

Submitted URL: http://opsvtest.serice-now.com/
Effective URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Submission: On June 19 via manual from JP — Scanned from JP

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 20.210.64.16, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is realtorszz.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 10th 2023. Valid for: a year.
This is the only time realtorszz.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Redirects  Requests  IP Address       AS     Autonomous System
           2         67.55.121.97     27257  (WEBAIR-IN...)
1          2         178.162.151.164  60781  (LEASEWEB-...)
1          2         104.206.252.90   62904  (AS62904)
1          1         142.93.240.225   14061  (DIGITALOC...)
           9         20.210.64.16     8075   (MICROSOFT...)
           5         172.217.161.35   15169  (GOOGLE)
           2         142.251.42.200   15169  (GOOGLE)
           4         142.250.198.14   15169  (GOOGLE)
Total: 24 requests, 7 IPs
Requests  Apex Domain           Subdomains                                               Transfer
9         azurewebsites.net     realtorszz.azurewebsites.net                             1 MB
5         gstatic.com           fonts.gstatic.com                                        40 KB
4         google-analytics.com  www.google-analytics.com (Cisco Umbrella Rank: 60)       21 KB
2         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 82)       129 KB
2         neracti.com           9893.neracti.com                                         3 KB
2         quotes.com            q3.quotes.com                                            728 B
2         serice-now.com        opsvtest.serice-now.com, serice-now.com                  1 KB
1         toromclick.com        www.toromclick.com (Cisco Umbrella Rank: 111578)         436 B
Total: 24 requests, 8 apex domains
Domain Requested by
9 realtorszz.azurewebsites.net opsvtest.serice-now.com
realtorszz.azurewebsites.net
5 fonts.gstatic.com realtorszz.azurewebsites.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
realtorszz.azurewebsites.net
2 www.googletagmanager.com realtorszz.azurewebsites.net
www.googletagmanager.com
2 9893.neracti.com 1 redirects
2 q3.quotes.com 1 redirects serice-now.com
1 www.toromclick.com 1 redirects
1 serice-now.com
1 opsvtest.serice-now.com
24 9

This site contains no links.

Subject                 Issuer                             Validity                 Valid
*.azurewebsites.net     Microsoft Azure TLS Issuing CA 02  2023-03-10 - 2024-03-04  a year
*.gstatic.com           GTS CA 1C3                         2023-05-22 - 2023-08-14  3 months
*.google-analytics.com  GTS CA 1C3                         2023-05-22 - 2023-08-14  3 months

This page contains 1 frames:

Primary Page: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Frame ID: 200ADB48AD0B1CEAC1462F806D2D1F61
Requests: 24 HTTP requests in this frame

Page Title

Official Windowsセキュリティセンター

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 24
HTTPS: 83 %
IPv6: 0 %
Domains: 8
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 1377 kB
Size: 2243 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://opsvtest.serice-now.com/ Page URL
  2. http://serice-now.com/ Page URL
  3. http://q3.quotes.com/3e925d24-0e50-11ee-b21c-e18d82805720 Page URL
  4. http://q3.quotes.com/3e925d24-0e50-11ee-b21c-e18d82805720?hr=1 HTTP 302
    http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/feed Page URL
  5. http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz HTTP 302
    http://www.toromclick.com/feed/click/?t1=128&tid=788&uid=201&subid=apix07.serice-now.com&id=66f7ecb6591edbdc3b6e5ca185ae9043:... HTTP 302
    https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://q3.quotes.com/3e925d24-0e50-11ee-b21c-e18d82805720?hr=1 HTTP 302
  • http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/feed

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
opsvtest.serice-now.com/
356 B
445 B
Document
General
Full URL
http://opsvtest.serice-now.com/
Protocol
HTTP/1.1
Server
67.55.121.97 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
fub.cornfedder.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 19 Jun 2023 03:20:29 GMT
Server
nginx
Transfer-Encoding
chunked
/
serice-now.com/
212 B
606 B
Document
General
Full URL
http://serice-now.com/
Protocol
HTTP/1.1
Server
67.55.121.97 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
fub.cornfedder.com
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://opsvtest.serice-now.com
Referer
http://opsvtest.serice-now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 19 Jun 2023 03:20:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Transfer-Encoding
chunked
X-IFID
1
3e925d24-0e50-11ee-b21c-e18d82805720
q3.quotes.com/
170 B
373 B
Document
General
Full URL
http://q3.quotes.com/3e925d24-0e50-11ee-b21c-e18d82805720
Requested by
Host: serice-now.com
URL: http://serice-now.com/
Protocol
HTTP/1.1
Server
178.162.151.164 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://serice-now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
170
content-type
text/html; charset=utf-8
date
Mon, 19 Jun 2023 03:20:31 GMT
server
nginx
feed
9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/
Redirect Chain
  • http://q3.quotes.com/3e925d24-0e50-11ee-b21c-e18d82805720?hr=1
  • http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/feed
3 KB
2 KB
Document
General
Full URL
http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/feed
Protocol
HTTP/1.1
Server
104.206.252.90 New York, United States, ASN62904 (AS62904, US),
Reverse DNS
90-252-206-104.staticrdns.eonix.net
Software
nginx/1.14.2 /
Resource Hash

Request headers

Referer
http://q3.quotes.com/3e925d24-0e50-11ee-b21c-e18d82805720
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 19 Jun 2023 03:20:32 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Mon, 19 Jun 2023 03:20:31 GMT
location
http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/feed
server
nginx
Primary Request index.html
realtorszz.azurewebsites.net/
Redirect Chain
  • http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz
  • http://www.toromclick.com/feed/click/?t1=128&tid=788&uid=201&subid=apix07.serice-now.com&id=66f7ecb6591edbdc3b6e5ca185ae9043:065c9196bbf8bf8d8c37711c495cd921646c924c89e520a4160c1daeb28c9658aaeac764...
  • https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
674 KB
145 KB
Document
General
Full URL
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Requested by
Host: opsvtest.serice-now.com
URL: http://opsvtest.serice-now.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
864a586405ed38ebd3c35830624e0b494aa857a7909021b8ed1a694135290a14

Request headers

Referer
http://9893.neracti.com/match-9893/82373/25310489/1687144830/mf_6629279d-89ce-4272-b9cf-b9b953f2c81c/YXBpeDA3LXNlcmljZS1ub3cuY29tfDE2ODcxNDQ4MzAuNzkwODUxLTI1MzEwNDg5LTgyMzcz/feed
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
147520
Content-Type
text/html
Date
Mon, 19 Jun 2023 03:20:34 GMT
ETag
"0f4bdad54a2d91:0"
Last-Modified
Mon, 19 Jun 2023 02:20:56 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Jun 2023 03:20:34 GMT
Expires
0
Keep-Alive
timeout=5
Location
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Surrogate-Control
no-store
Vary
Accept
X-Powered-By
Express
fuji.jpg
realtorszz.azurewebsites.net/img/
2 KB
2 KB
Image
General
Full URL
https://realtorszz.azurewebsites.net/img/fuji.jpg
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f70249b342aecd9e3d2367aea39df606e92562f9d7945ad8849b36cd3e3a85a1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:36 GMT
Server
Microsoft-IIS/10.0
ETag
"51e4f0a154a2d91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2004
kane.png
realtorszz.azurewebsites.net/img/
60 KB
61 KB
Image
General
Full URL
https://realtorszz.azurewebsites.net/img/kane.png
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
be07a86937c1ac63f4526545b1223f6577bab12a8bef55cb09a128b2a9322f56

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:37 GMT
Server
Microsoft-IIS/10.0
ETag
"f595b2a254a2d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
61841
takibi.png
realtorszz.azurewebsites.net/img/
171 KB
171 KB
Image
General
Full URL
https://realtorszz.azurewebsites.net/img/takibi.png
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02b1dc72040c17f3300c7a554d6f0e205d3a5c45454988ca0b6536e41cfcb5fe

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:36 GMT
Server
Microsoft-IIS/10.0
ETag
"eba452a254a2d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
175141
kyoto.png
realtorszz.azurewebsites.net/img/
796 KB
796 KB
Image
General
Full URL
https://realtorszz.azurewebsites.net/img/kyoto.png
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a407a00faf2a7513f616cba48625e96128db75777ad8fbdcd9558490fa088ee

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:41 GMT
Server
Microsoft-IIS/10.0
ETag
"191d46a554a2d91:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
815362
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s23-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://realtorszz.azurewebsites.net/
Origin
https://realtorszz.azurewebsites.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 09:42:20 GMT
x-content-type-options
nosniff
age
149894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 09:42:20 GMT
js
www.googletagmanager.com/gtag/
123 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-116984914-2
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b0cd860f996b99e5d3dfc1c17d6667643a5cce401a01a4772efef6776e51a3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 03:20:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48644
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Jun 2023 03:20:34 GMT
takashi.mp3
realtorszz.azurewebsites.net/img/
65 KB
0
Media
General
Full URL
https://realtorszz.azurewebsites.net/img/takashi.mp3
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:37 GMT
Server
Microsoft-IIS/10.0
ETag
"8533b0a254a2d91:0"
X-Powered-By
ASP.NET
Content-Type
audio/mpeg
Content-Range
bytes 0-231541/231542
Accept-Ranges
bytes
Content-Length
231542
yaketsuku.mp3
realtorszz.azurewebsites.net/img/
8 KB
8 KB
Media
General
Full URL
https://realtorszz.azurewebsites.net/img/yaketsuku.mp3
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:36 GMT
Server
Microsoft-IIS/10.0
ETag
"f7917a254a2d91:0"
X-Powered-By
ASP.NET
Content-Type
audio/mpeg
Content-Range
bytes 0-8404/8405
Accept-Ranges
bytes
Content-Length
8405
takashi.mp3
realtorszz.azurewebsites.net/img/
12 KB
0
Media
General
Full URL
https://realtorszz.azurewebsites.net/img/takashi.mp3
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:37 GMT
Server
Microsoft-IIS/10.0
ETag
"8533b0a254a2d91:0"
X-Powered-By
ASP.NET
Content-Type
audio/mpeg
Content-Range
bytes 0-231541/231542
Accept-Ranges
bytes
Content-Length
231542
yaketsuku.mp3
realtorszz.azurewebsites.net/img/
8 KB
0
Media
General
Full URL
https://realtorszz.azurewebsites.net/img/yaketsuku.mp3
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.210.64.16 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Jun 2023 03:20:34 GMT
Last-Modified
Mon, 19 Jun 2023 02:20:36 GMT
Server
Microsoft-IIS/10.0
ETag
"f7917a254a2d91:0"
X-Powered-By
ASP.NET
Content-Type
audio/mpeg
Content-Range
bytes 0-8404/8405
Accept-Ranges
bytes
Content-Length
8405
js
www.googletagmanager.com/gtag/
229 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SZQ5F5J2JH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116984914-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
950874e0796c5dd30d22ed2f5ec03982f02e3218b5ac96a158efd6e16224337d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 03:20:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82860
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Jun 2023 03:20:34 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116984914-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Jun 2023 01:25:15 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6920
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 19 Jun 2023 03:25:15 GMT
collect
www.google-analytics.com/g/
0
180 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SZQ5F5J2JH&gtm=45je36e0&_p=1667798980&cid=1008315064.1687144835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687144835&sct=1&seg=0&dl=https%3A%2F%2Frealtorszz.azurewebsites.net%2Findex.html%3FPubID%3D788%26SubID%3Dapix07.serice-now.com%26Camp%3D688%26Browser%3Dchrome&dr=http%3A%2F%2F9893.neracti.com%2F&dt=Official%20Windows%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZQ5F5J2JH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 03:20:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://realtorszz.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1667798980&t=pageview&_s=1&dl=https%3A%2F%2Frealtorszz.azurewebsites.net%2Findex.html%3FPubID%3D788%26SubID%3Dapix07.serice-now.com%26Camp%3D688%26Browser%3Dchrome&dr=http%3A%2F%2F9893.neracti.com%2F&ul=en-us&de=UTF-8&dt=Official%20Windows%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=767484824&gjid=342263418&cid=1008315064.1687144835&tid=UA-116984914-2&_gid=32915230.1687144835&_r=1&gtm=457e36e0&jsscut=1&z=1885559732
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://realtorszz.azurewebsites.net/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 03:20:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://realtorszz.azurewebsites.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
156 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1667798980&t=pageview&_s=2&dl=https%3A%2F%2Frealtorszz.azurewebsites.net%2Findex.html%3FPubID%3D788%26SubID%3Dapix07.serice-now.com%26Camp%3D688%26Browser%3Dchrome&dr=http%3A%2F%2F9893.neracti.com%2F&ul=en-us&de=UTF-8&dt=Official%20Windows%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1008315064.1687144835&tid=UA-116984914-2&_gid=32915230.1687144835&gtm=457e36e0&jsscut=1&z=1664824389
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://realtorszz.azurewebsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 04:26:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82426
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: realtorszz.azurewebsites.net
URL: https://realtorszz.azurewebsites.net/index.html?PubID=788&SubID=apix07.serice-now.com&Camp=688&Browser=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s23-in-f3.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://realtorszz.azurewebsites.net/
Origin
https://realtorszz.azurewebsites.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 03:07:50 GMT
x-content-type-options
nosniff
age
173565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 03:07:50 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s23-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://realtorszz.azurewebsites.net/
Origin
https://realtorszz.azurewebsites.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 09:07:20 GMT
x-content-type-options
nosniff
age
411195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jun 2024 09:07:20 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s23-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://realtorszz.azurewebsites.net/
Origin
https://realtorszz.azurewebsites.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 03:37:32 GMT
x-content-type-options
nosniff
age
171783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jun 2024 03:37:32 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s23-in-f3.1e100.net
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://realtorszz.azurewebsites.net/
Origin
https://realtorszz.azurewebsites.net
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 22:33:28 GMT
x-content-type-options
nosniff
age
449228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 22:33:28 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
string| phone_number
function| addEvent
function| $
function| jQuery
object| bootstrap
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| onYouTubeIframeAPIReady
object| gaGlobal
object| gaplugins
object| gaData

7 Cookies

Domain/Path Name / Value
serice-now.com/ Name: ipc
Value: eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE2ODcxNDQ4MzAsImhhc2giOiJjN2Y0Yzc1OCJ9
.realtorszz.azurewebsites.net/ Name: ARRAffinity
Value: 598398f699164bd835807b9558b17f7d905a3ea3ac63d22af928aef1668690a3
.realtorszz.azurewebsites.net/ Name: ARRAffinitySameSite
Value: 598398f699164bd835807b9558b17f7d905a3ea3ac63d22af928aef1668690a3
.realtorszz.azurewebsites.net/ Name: _ga_SZQ5F5J2JH
Value: GS1.1.1687144835.1.0.1687144835.0.0.0
.realtorszz.azurewebsites.net/ Name: _ga
Value: GA1.3.1008315064.1687144835
.realtorszz.azurewebsites.net/ Name: _gid
Value: GA1.3.32915230.1687144835
.realtorszz.azurewebsites.net/ Name: _gat_gtag_UA_116984914_2
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
