rocket-boys.co.jp Open in urlscan Pro
118.27.125.184 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Submission: On November 21 via api (November 21st 2024, 11:36:46 am UTC) from IN — Scanned from JP

Summary HTTP 79 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 19 domains to perform 79 HTTP transactions. The main IP is 118.27.125.184, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is rocket-boys.co.jp.
TLS certificate: Issued by R10 on October 24th 2024. Valid for: 3 months.

This is the only time rocket-boys.co.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	118.27.125.184 118.27.125.184	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::46 2620:1ec:bdf::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:20:... 2606:4700:20::681a:ccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6efe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:810::200e	15169 (GOOGLE) (GOOGLE)
3	54.92.29.218 54.92.29.218	16509 (AMAZON-02) (AMAZON-02)
2	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	4.153.72.49 4.153.72.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c15::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:818::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.198.3 142.250.198.3	15169 (GOOGLE) (GOOGLE)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
79	22

44 118.27.125.184 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 118-27-125-184.virt.lolipop.jp

rocket-boys.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6efe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.92.29.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-29-218.ap-northeast-1.compute.amazonaws.com

contents.bownow.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.153.72.49 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c15::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::2002 (Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.198.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	rocket-boys.co.jp rocket-boys.co.jp	1 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 i.clarity.ms — Cisco Umbrella Rank: 8052 c.clarity.ms — Cisco Umbrella Rank: 1269	31 KB
3	bownow.jp contents.bownow.jp — Cisco Umbrella Rank: 476933	8 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3653 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677 track.hubspot.com — Cisco Umbrella Rank: 2477	27 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	251 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	546 B
2	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3819 forms.hsforms.com — Cisco Umbrella Rank: 4839	2 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4811 forms.hscollectedforms.net — Cisco Umbrella Rank: 4960	25 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580 js-na1.hs-scripts.com — Cisco Umbrella Rank: 6680	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	33 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	772 B
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 25693	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 142
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	iconify.design api.iconify.design — Cisco Umbrella Rank: 13017	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	83 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
79	19

	Domain	Requested by
44	rocket-boys.co.jp	rocket-boys.co.jp
3	contents.bownow.jp	rocket-boys.co.jp contents.bownow.jp
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rocket-boys.co.jp
3	www.googletagmanager.com	rocket-boys.co.jp www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	i.clarity.ms	www.clarity.ms
2	www.clarity.ms	rocket-boys.co.jp www.clarity.ms
2	cdnjs.cloudflare.com	rocket-boys.co.jp cdnjs.cloudflare.com
1	c.bing.com	1 redirects
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	www.google.co.jp	rocket-boys.co.jp
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	forms.hsforms.com	rocket-boys.co.jp
1	perf-na1.hsforms.com	rocket-boys.co.jp
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	api.iconify.design	rocket-boys.co.jp
1	js.hs-scripts.com	rocket-boys.co.jp
1	code.jquery.com	rocket-boys.co.jp
1	fonts.googleapis.com	rocket-boys.co.jp
79	27

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
www.lrm.jp

Subject Issuer	Validity	Valid
rocket-boys.co.jp R10	`2024-10-24` - `2025-01-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
iconify.design WE1	`2024-10-10` - `2025-01-09`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hscollectedforms.net WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.bownow.jp Amazon RSA 2048 M03	`2024-03-12` - `2025-04-10`	a year	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.co.jp WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Frame ID: 951738D7EFF3DC19523E7E5A16914557
Requests: 83 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-RBE8SXFXV5&gacid=1599774711.1732189002&gtm=45je4bk0v9110013979za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=63971114
Frame ID: 452A559712E9EABBA297E6729C4C0719
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

偽のMac版 Microsoft Teamsがマルウェアを配信|セキュリティニュース

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

prism\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

68 %
IPv6

19
Domains

27
Subdomains

22
IPs

6
Countries

1808 kB
Transfer

3906 kB
Size

27
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/blog/threat-intelligence/2024/07/fake-microsoft-teams-for-mac-delivers-atomic-stealer
Title: Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/browserguard
Title: このようなリスクを軽減するには、広告や悪意のある Web サイトをブロックできるブラウザ保護ツール

Search URL Search Domain Scan URL

URL: https://www.lrm.jp/seminar/se_incident_threat_202412/?utm_source=earned_media&utm_medium=rocket_boys&utm_campaign=20241205

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6CF6363C4AE04E49BD99FF1859B9B747&RedC=c.clarity.ms&MXFR=1B4A6B227F1E64041BA27E1C7B1E6A40 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6CF6363C4AE04E49BD99FF1859B9B747&MUID=3C22F3E207856D581F40E6DC066F6C10

79 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/ 79 KB
19 KB 897ms
767ms Document
text/html 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache / PHP/7.4.33
Resource Hash: a7a9d8f7444d8f062116a15f9c271e1ad800c452e28a09cdd19622cdc00e017f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: none
content-encoding: gzip
content-length: 18911
content-type: text/html; charset=UTF-8
date: Thu, 21 Nov 2024 11:36:41 GMT
link: <https://rocket-boys.co.jp/wp-json/>; rel="https://api.w.org/", <https://rocket-boys.co.jp/wp-json/wp/v2/posts/6241>; rel="alternate"; type="application/json", <https://rocket-boys.co.jp/?p=6241>; rel=shortlink
server: Apache
vary: Range,Accept-Encoding
x-pingback: https://rocket-boys.co.jp/xmlrpc.php
x-powered-by: PHP/7.4.33

GET
H2 200 css
fonts.googleapis.com/ 41 KB
3 KB 99ms
41ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i|Montserrat:300,400,500,700

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

658190684145ba458a172903d67b3f7468128f499c8062512c1d54d1938a25fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:36:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 11:36:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 simple-line-icons.min.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/ 11 KB
3 KB 38ms
14ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06723045419949302e1d4abe65cb4a535582e60d1a53645ab838b06079d98eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rocket-boys.co.jp
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f316e72-2abf"
age: 1374478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIvzKHrFhzJ0vb4GVENvAHgVTxvopFiuQFJwOJ21c2luiv5nbf8dz6L9%2BRZkr3UXWei5JJkAL6VCUk3wb3WAXIog5rnzL5uft8z97%2FYEXRK%2FyR2KEIpVhp9z1PjR74R1JJR3HapG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 11:36:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 10 Aug 2020 15:57:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e60622a2c84aff1-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2006
server: cloudflare

GET
H2 200 jquery-3.6.0.js Show response
code.jquery.com/ 282 KB
83 KB 26ms
2ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.js
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rocket-boys.co.jp
Referer: https://rocket-boys.co.jp/

Response headers

content-encoding: gzip
etag: W/"28feccc0-46744"
age: 2144795
x-cache: HIT, HIT
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 3, 234809
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21935-LGA, cache-nrt-rjtf7700081-NRT
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1732189001.302977,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84714
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 92ms
47ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111561936-2

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

feab98e6b3ac2c68361b0c0f93b6b2e0b25b43adc117d4b7e384f5d5d5627668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 11:36:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81598
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 wpp.min.js Show response
rocket-boys.co.jp/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 37ms
24ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.1.0
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: fe6919dc638bd7258ef2cb992d494155b0d2ab33e3436ee87f5cad5464a7cada

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 1631
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 01:34:33 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 style.min.css
rocket-boys.co.jp/wp-includes/css/dist/block-library/ 111 KB
15 KB 38ms
25ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/css/dist/block-library/style.min.css?ver=4b97376d9db2adb5858d447aaa2db6dc
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 14991
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Mon, 08 Jul 2024 06:07:18 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 styles.css
rocket-boys.co.jp/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 31ms
20ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.8
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 1015
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Thu, 25 Jul 2024 13:34:26 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 wpp.css
rocket-boys.co.jp/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
737 B 32ms
21ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=7.1.0
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 570
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Mon, 30 Sep 2024 01:34:33 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 common.css
rocket-boys.co.jp/wp-content/themes/Rocket/css/ 139 KB
19 KB 42ms
32ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/themes/Rocket/css/common.css?ver=4b97376d9db2adb5858d447aaa2db6dc
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: d833da310560e976107a19e54e2d30d01adb532d4ee23bb14c444cc428ba2466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 19461
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Mon, 22 Jan 2024 13:09:30 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 styles_thumbnails.css
rocket-boys.co.jp/wp-content/plugins/yet-another-related-posts-plugin/style/ 515 B
389 B 34ms
24ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.30.11
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 2a961da4c33a1489e786bc080d8181278cd8711262e2203bf386e7c57728b33f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 222
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 01:34:29 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 hcb--light.css
rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/build/css/ 5 KB
2 KB 39ms
32ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/build/css/hcb--light.css?ver=2.0.1
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 745ee0307bc9c4780128bed80e001f021ca9ada288d5f0524f8bae7f0ef22a63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 1796
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Fri, 01 Mar 2024 08:26:07 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 digital-marketing-1725340_1280.jpg
rocket-boys.co.jp/wp-content/uploads/2024/07/ 136 KB
136 KB 22ms
16ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/digital-marketing-1725340_1280.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 443d56154c13fab81852c16cd0993556cf458260d84eb968c268be1307b87744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

accept-ranges: none
content-encoding: gzip
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Tue, 16 Jul 2024 11:00:38 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 image-5.png
rocket-boys.co.jp/wp-content/uploads/2024/07/ 44 KB
43 KB 31ms
25ms Image
image/png 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/image-5.png
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: a6a3ca099e669a337ba851f6cc3216d80e5ad3f963882bc75b48ed72222feeaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 43614
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/png
last-modified: Tue, 16 Jul 2024 10:39:56 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 image_d82d06-1024x853.png
rocket-boys.co.jp/wp-content/uploads/2024/07/ 319 KB
316 KB 37ms
32ms Image
image/png 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/image_d82d06-1024x853.png
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 4471e66caea1961a22e498404456b4bac5c6cb9c69814a2942c9b51ba9d2d8ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

accept-ranges: none
content-encoding: gzip
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/png
last-modified: Tue, 16 Jul 2024 10:41:27 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 figure-1-in-game-screenshot-of-hamster-kombat-200x200.jpeg
rocket-boys.co.jp/wp-content/uploads/2024/07/ 6 KB
6 KB 17ms
17ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/figure-1-in-game-screenshot-of-hamster-kombat-200x200.jpeg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 53cbbd0caef3ba050fec0544c58208a41513120cdbecc9519b3cf69369793d88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 5716
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Thu, 25 Jul 2024 06:39:15 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 paper-1356480_1280-200x200.jpg
rocket-boys.co.jp/wp-content/uploads/2024/08/ 8 KB
8 KB 24ms
23ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/08/paper-1356480_1280-200x200.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: d0c0d3ddfb1f282a0a40f65cfd409b41329f728467a2a4cff765f0922edeb5d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 8380
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Wed, 14 Aug 2024 22:17:24 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 pdf-trigger-200x200.png
rocket-boys.co.jp/wp-content/uploads/2024/07/ 26 KB
26 KB 36ms
33ms Image
image/png 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/pdf-trigger-200x200.png
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: d025a68a51119225522700a4124c9f6efa735aab0f3360182c0611d3647dcfb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 26527
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/png
last-modified: Sat, 13 Jul 2024 04:14:42 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 malware-hosting-1-200x200.jpg
rocket-boys.co.jp/wp-content/uploads/2024/05/ 6 KB
6 KB 36ms
32ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/05/malware-hosting-1-200x200.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: b578475bf6849db19b160a3656577946133602207e232d459a10e6756573cf9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 5575
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Mon, 27 May 2024 04:04:35 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 map-1512463_1280-200x200.jpg
rocket-boys.co.jp/wp-content/uploads/2024/07/ 7 KB
7 KB 39ms
36ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/map-1512463_1280-200x200.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 74fdbf2164ee92b0e03047bfe50b0e9552a209e7162edccdf6501f50cba2c5e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 7483
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Tue, 30 Jul 2024 14:06:31 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 Anatsa-blog-200x200.png
rocket-boys.co.jp/wp-content/uploads/2024/05/ 26 KB
26 KB 33ms
30ms Image
image/png 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/05/Anatsa-blog-200x200.png
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 99f24694ecc24d01efaed830e445e8f9c96765d774910bece1774083bca13841

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 26061
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/png
last-modified: Wed, 29 May 2024 11:04:49 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 conceptualschema-200x200.jpg
rocket-boys.co.jp/wp-content/uploads/2024/06/ 6 KB
5 KB 43ms
40ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/06/conceptualschema-200x200.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: f4724e3ddd403b14a2220625b4019a6d3e840f550a1e1293b41d6fc8ee44285d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 5225
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Tue, 25 Jun 2024 00:58:14 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 %E5%81%BD%E3%81%AE%E3%82%B0%E3%83%BC%E3%82%B0%E3%83%AB%E3%82%AF%E3%83%AD%E3%83%BC%E3%83%A0%E3%82%A2%E3%83%83%E3%83%97%E3%83%87%E3%83%BC%E3%83%88%E3%81%A7PowerShell%E3%82%92%E5%AE%9F%E8%A1%8C%E3%81%...
rocket-boys.co.jp/wp-content/uploads/2024/06/ 25 KB
24 KB 45ms
42ms Image
image/png 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/06/%E5%81%BD%E3%81%AE%E3%82%B0%E3%83%BC%E3%82%B0%E3%83%AB%E3%82%AF%E3%83%AD%E3%83%BC%E3%83%A0%E3%82%A2%E3%83%83%E3%83%97%E3%83%87%E3%83%BC%E3%83%88%E3%81%A7PowerShell%E3%82%92%E5%AE%9F%E8%A1%8C%E3%81%95%E3%81%9B%E3%82%8B-200x200.png
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 2cb49254bea063ea92f7e1fc0a7a827eac9b436f2f099193903a12bdefdbe397

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 24623
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/png
last-modified: Tue, 18 Jun 2024 00:42:04 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 wall-2502363_1280-200x200.jpg
rocket-boys.co.jp/wp-content/uploads/2024/09/ 13 KB
13 KB 44ms
41ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/09/wall-2502363_1280-200x200.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: a34e53e0a4a7d5b7a3abbcba2e8c0a7df0a397aefafb3d441c86fe132810d7bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 13524
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Sun, 01 Sep 2024 23:33:52 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 plant-4243898_1280.jpg
rocket-boys.co.jp/wp-content/uploads/2024/07/ 190 KB
190 KB 45ms
43ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/plant-4243898_1280.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 132aa2821e8f2fe3b16544a4ad4ab28caee69cf83d238fba9c4563eb5dec31ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

accept-ranges: none
content-encoding: gzip
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Tue, 16 Jul 2024 05:43:22 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 writing-926116_1280.jpg
rocket-boys.co.jp/wp-content/uploads/2024/07/ 218 KB
218 KB 42ms
40ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/writing-926116_1280.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 93a3d5fd8ea4c1efa86629cf9ccf56a783bb57ab2bfc66f3f970b8e62e4e5cbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

accept-ranges: none
content-encoding: gzip
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Tue, 16 Jul 2024 01:59:02 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 screen.min.css
rocket-boys.co.jp/wp-content/plugins/table-of-contents-plus/ 1 KB
623 B 20ms
20ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2309
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 456
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Sat, 11 May 2024 05:39:03 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 related.css
rocket-boys.co.jp/wp-content/plugins/yet-another-related-posts-plugin/style/ 307 B
344 B 25ms
25ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.30.11
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 177
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 01:34:29 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 wp-polyfill-inert.min.js Show response
rocket-boys.co.jp/wp-includes/js/dist/vendor/ 8 KB
3 KB 41ms
36ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 2484
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 02:13:32 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 regenerator-runtime.min.js Show response
rocket-boys.co.jp/wp-includes/js/dist/vendor/ 6 KB
3 KB 34ms
28ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 2502
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 02:13:32 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 wp-polyfill.min.js Show response
rocket-boys.co.jp/wp-includes/js/dist/vendor/ 38 KB
14 KB 38ms
33ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 13831
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Mon, 08 Jul 2024 06:07:18 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 hooks.min.js Show response
rocket-boys.co.jp/wp-includes/js/dist/ 4 KB
2 KB 42ms
37ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 1541
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Mon, 08 Jul 2024 06:07:18 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 i18n.min.js Show response
rocket-boys.co.jp/wp-includes/js/dist/ 9 KB
4 KB 35ms
30ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 3667
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Mon, 08 Jul 2024 06:07:18 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 index.js Show response
rocket-boys.co.jp/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 43ms
38ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.8
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 3354
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Jul 2024 13:34:26 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 index.js Show response
rocket-boys.co.jp/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 35ms
30ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.8
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 4257
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Jul 2024 13:34:26 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 44336485.js Show response
js.hs-scripts.com/ 2 KB
1022 B 54ms
28ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/44336485.js?integration=WordPress&ver=11.1.73

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eab6695362dfb2ef3055e28b169fddf2339f58a9363b01ac3d0f37a58edb05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
age: 81
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:38:11 GMT
date: Thu, 21 Nov 2024 11:36:41 GMT
x-hubspot-correlation-id: bba732d2-e582-4502-be96-accdcd13439a
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Thu, 21 Nov 2024 11:35:20 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e60622ad913df5c-NRT
accept-ranges: bytes
access-control-allow-origin: https://rocket-boys.co.jp
content-length: 649
server: cloudflare

GET
H2 200 prism.js Show response
rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/assets/js/ 40 KB
15 KB 42ms
37ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/assets/js/prism.js?ver=2.0.1
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: b5146785fa8805a2c78e7919bbcfa0ce1019d678a0a015ad403501df4fa19ef4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 14892
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Fri, 01 Mar 2024 08:26:07 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 clipboard.min.js Show response
rocket-boys.co.jp/wp-includes/js/ 9 KB
3 KB 40ms
35ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/clipboard.min.js?ver=2.0.11
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 3150
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 02:13:32 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 hcb_script.js Show response
rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/build/js/ 1 KB
760 B 31ms
27ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/build/js/hcb_script.js?ver=2.0.1
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 446232761806825306408235afe9dfed80f95ce3c8e3e894155661e6f1e9c381

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 583
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Fri, 01 Mar 2024 08:26:07 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 jquery.min.js Show response
rocket-boys.co.jp/wp-includes/js/jquery/ 86 KB
30 KB 42ms
37ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 30368
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 02:13:32 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
rocket-boys.co.jp/wp-includes/js/jquery/ 13 KB
5 KB 42ms
38ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 4872
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Wed, 10 Jan 2024 02:13:32 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 front.min.js Show response
rocket-boys.co.jp/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 31ms
27ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 2365
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Sat, 11 May 2024 05:39:03 GMT
server: Apache
vary: Range,Accept-Encoding

GET 8d10a7cb-516e-4442-972f-fc16d97583c4
https://rocket-boys.co.jp/ Frame 0
0

GET
H2 200 grdchgaik2 Show response
www.clarity.ms/tag/ 1 KB
2 KB 182ms
161ms Script
application/x-javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/grdchgaik2
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a477fb4c8af45eb4e37e9658bf5e8f32ffc970d1fd3777784bc709c3dac55e8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 1222
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/x-javascript
x-azure-ref: 20241121T113641Z-1799c458c88298p2hC1TYOcrvw00000001h000000002t35f

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
71 KB 96ms
53ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVXD89D5

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fab49a1a7f4cd3862a3b5718942d4a1f332230c5c1977d919e28f45ff23198a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 21 Nov 2024 11:36:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 72317
x-xss-protection: 0
server: Google Tag Manager

POST
H2 201 6241 Show response
rocket-boys.co.jp/wp-json/wordpress-popular-posts/v2/views/ 55 B
562 B 894ms
893ms XHR
application/json 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://rocket-boys.co.jp/wp-json/wordpress-popular-posts/v2/views/6241

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

118-27-125-184.virt.lolipop.jp

Software

Apache / PHP/7.4.33

Resource Hash

20d651848ac49b7dbbb9767894029151de4959a87a7e99364e1136f736d70547

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-robots-tag: noindex
link: <https://rocket-boys.co.jp/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: Origin
access-control-allow-credentials: true
x-content-type-options: nosniff
allow: GET, POST
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
x-wp-nonce: 599b50b342
access-control-allow-origin: https://rocket-boys.co.jp
date: Thu, 21 Nov 2024 11:36:42 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.4.33
server: Apache
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 common_sp.css
rocket-boys.co.jp/wp-content/themes/Rocket/css/ 145 KB
20 KB 51ms
49ms Stylesheet
text/css 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/themes/Rocket/css/common_sp.css?ver=4b97376d9db2adb5858d447aaa2db6dc
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 52ed7f1ba3dfa3bbf617c424d69cbc86f3de7949b93f3a026df4e5bbad63b0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 19988
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 03:58:31 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 tag.svg
api.iconify.design/simple-line-icons/ 840 B
1 KB 24ms
10ms Image
image/svg+xml 2606:4700:20::681a:ccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.iconify.design/simple-line-icons/tag.svg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/wp-content/themes/Rocket/css/common.css?ver=4b97376d9db2adb5858d447aaa2db6dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbf1e05b314c08e596353f616c1ebe5e24f007397e19a59b040bf6a689489f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
age: 444626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2o6LNdVgN%2FVtxvMdqlDd7eMSuUCD1iwuRTe9T5ycLuiklmAG1ihqkr2sW9qb5RP1A9bXffvU%2BxORuG41eHsXrU5aYUJ%2FUUdU%2FhxgojJBCSpEQVg6SKTlpAFYpJPvHbHsxZLNWKLmEoJnue%2By%2BPQAcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=1476&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4053&recv_bytes=2304&delivery_rate=2745417&cwnd=254&unsent_bytes=0&cid=4ee5ea59b3cf4406&ts=15&x=0"
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/svg+xml; charset=utf-8
last-modified: Sat, 16 Nov 2024 08:06:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
cache-control: public, max-age=604800, min-refresh=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e60622adbe1d766-NRT
access-control-allow-origin: *
server: cloudflare

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/ 29 KB
30 KB 16ms
15ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rocket-boys.co.jp
Referer: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "5f316e72-7570"
age: 26437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdMUTUoJFu%2FFQGtcVnZ3LhXw8sFCKxyL7wZGb0oCzhPiAGjkqbhlKY4UVL3ndg%2BiQcvJA2G0IV3vBzGHrYX0AWcjTYqa0b%2BDh0YEeFsG19FBsGb61TI%2BQ0cKq89mRd3r4rSSv0QJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 11:36:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 10 Aug 2020 15:57:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e60622aed88aff1-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30064
server: cloudflare

GET
H2 200 ogp_incident_threat_202412-1024x538.jpg
rocket-boys.co.jp/wp-content/uploads/2024/11/ 79 KB
71 KB 36ms
34ms Image
image/jpeg 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/11/ogp_incident_threat_202412-1024x538.jpg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 18d6e297189283477987a0c70e59ff68dcc2dcb4b51dd22104fe46a31d5c19e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

accept-ranges: none
content-encoding: gzip
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/jpeg
last-modified: Thu, 14 Nov 2024 07:11:00 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 206 Atomic-Stealer.mp4
rocket-boys.co.jp/wp-content/uploads/2024/07/ 533 KB
0 44ms
40ms Media
video/mp4 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/uploads/2024/07/Atomic-Stealer.mp4
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash

Request headers

Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-9887641/9887642
accept-ranges: bytes
Content-Length: 9887642
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: video/mp4
last-modified: Tue, 16 Jul 2024 10:49:09 GMT
server: Apache
vary: Range

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 44336485.js Show response
js.hs-analytics.net/analytics/1732188900000/ 68 KB
25 KB 30ms
15ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1732188900000/44336485.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44336485.js?integration=WordPress&ver=11.1.73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6082e734ad0c11fb8b0b6ce00382c8ff3c158eaccc16cf74c024967215904e3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 95f2e30b-aa1f-4d5e-aa3e-86b18a8df21c
content-encoding: gzip
cf-cache-status: HIT
etag: W/"69ad877693a89229d16b182b841853b5"
x-amz-version-id: null
age: 80
expires: Thu, 21 Nov 2024 11:40:21 GMT
x-evy-trace-listener: listener_https
date: Thu, 21 Nov 2024 11:36:41 GMT
x-hubspot-correlation-id: 95f2e30b-aa1f-4d5e-aa3e-86b18a8df21c
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 21:52:47 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Qa0BvHFeNZrAqWbVvyClPDOLb4Jbbr8HhWdvtdRl6Y4nNnRGtT+DKgGFwTXN8NPDDdIRpmgUpmg=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-2ftsj
x-envoy-upstream-service-time: 23
access-control-allow-credentials: false
x-amz-request-id: ATQY3ZBTC0B1NCSX
cf-ray: 8e60622b5e1df6d9-NRT
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
24 KB 27ms
12ms Script
application/javascript 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44336485.js?integration=WordPress&ver=11.1.73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rocket-boys.co.jp
Referer: https://rocket-boys.co.jp/

Response headers

x-request-id: 15e9d1d5-ecdb-445a-b13d-7632bfd04916
content-encoding: gzip
cf-cache-status: HIT
etag: W/"216a00fb66fa9b149d5f8b5557f0f563"
x-amz-version-id: _vUoUmuymk3IT7Uikz585Nn8PzBEJUsn
age: 222
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: krh-jIX7VyIBTKiaIzgn7r58nLsu_lghsOeWprJ6cp5H-cvC5iN30g==
x-hubspot-correlation-id: 15e9d1d5-ecdb-445a-b13d-7632bfd04916
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 10:34:35 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-4sfgq
x-envoy-upstream-service-time: 0
x-hs-target-asset: collected-forms-embed-js/static-1.885/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Thu, 21 Nov 2024 11:36:41 GMT
vary: accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.885/bundles/project.js&cfRay=8e605cbdff3d0adc-NRT
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-ray: 8e60622b5834d760-NRT
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 29ms
15ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44336485.js?integration=WordPress&ver=11.1.73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1adb8f4ff0f589850abec6b8c7802e2d3439388ac02ca1634869a2642ca4386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://rocket-boys.co.jp
Referer: https://rocket-boys.co.jp/

Response headers

x-request-id: 557eb54d-af27-4cda-bcbb-f1b776aa9f43
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a38d86c9f9be42e9c8c2b36ef58a3f75"
x-amz-version-id: c2Jc_8cU.BBkGlDm8HIc5dijlex1B2uR
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
age: 222
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cG8%2BHGLVg435BREswwzUfLAIe1g4IiXG9wRnX0caDIMoujQ5FSiyT0R6b1n4ajqLccqxVRNjpSdj9Xj3Zw9V1WrMoVxGezFuM%2BA0E2ps2Uv6p%2B5%2BQVcOhab56oAI%2FPJpCqXa5hTYP2JGjL28"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: bB6FjLTmyOr89ePjXDGlBPdXH4UmeZcIS3GoVuZKJNUpHLsmJeh7fQ==
x-hubspot-correlation-id: 557eb54d-af27-4cda-bcbb-f1b776aa9f43
content-type: application/javascript; charset=utf-8
last-modified: Tue, 19 Nov 2024 20:45:15 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-wj2ng
x-envoy-upstream-service-time: 5
x-hs-target-asset: web-interactives-embed/static-2.1769/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Thu, 21 Nov 2024 11:36:41 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1769/bundles/project.js&cfRay=8e530fb00a3a737d-ICN
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-ray: 8e60622b5a1adeb7-NRT
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/44336485/ 71 KB
26 KB 26ms
12ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/44336485/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44336485.js?integration=WordPress&ver=11.1.73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5906d9079a464ce436196c05d57ae9063284d360d2b6c065469e85c117dbcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: a7325a46-29dd-43e8-8861-2c178258505c
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f1c78819ea600b3bd1c6738a428b0b5d"
x-amz-version-id: 4EXYyFDI08fYU3lKF1.izZMpmUfihJ1n
age: 40
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Thu, 21 Nov 2024 11:40:51 GMT
x-evy-trace-listener: listener_https
date: Thu, 21 Nov 2024 11:36:41 GMT
x-hubspot-correlation-id: a7325a46-29dd-43e8-8861-2c178258505c
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 15 Apr 2024 22:01:37 GMT
vary: origin, Accept-Encoding
x-amz-id-2: o5vJEWagXbl0GzEaLvWUTm7B9covu0Nccb1lBWLWJ2jkPI7xkAzcfIeRZ7dqg3Vk3OxlppmP0XMBqe69xY0oueJlIH4XJrKI
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-tm65n
x-envoy-upstream-service-time: 30
access-control-allow-credentials: true
x-amz-request-id: KDVYAGK3KFFKNW5A
cf-ray: 8e60622b5c85e3a1-NRT
access-control-allow-origin: https://rocket-boys.co.jp
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 wp-emoji-release.min.js Show response
rocket-boys.co.jp/wp-includes/js/ 18 KB
5 KB 54ms
54ms Script
application/javascript 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-includes/js/wp-emoji-release.min.js?ver=4b97376d9db2adb5858d447aaa2db6dc
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 5062
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript
last-modified: Mon, 08 Jul 2024 06:07:18 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 clipboard-to-copy.svg
rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/assets/img/ 545 B
526 B 51ms
51ms Image
image/svg+xml 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/assets/img/clipboard-to-copy.svg
Requested by: Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/build/css/hcb--light.css?ver=2.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 09f17718ab4dd49ece714a581fbc1cb5950072df31b184724d595b322cac143b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/wp-content/plugins/highlighting-code-block/build/css/hcb--light.css?ver=2.0.1

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 354
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/svg+xml
last-modified: Fri, 01 Mar 2024 08:26:07 GMT
server: Apache
vary: Range,Accept-Encoding

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1 KB 193ms
189ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=44336485&currentUrl=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: e2f31b64-2c37-492c-9256-9bb55551dfab
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=caMNUk5CC7z6ZhDWEu2rcjmHvF3jGMxs6ykTrbm7oJSOoUEPJh70zwpgDpdoSyHx8QLWnQi5Xxc4cteCFguJeD%2FC%2Bwh%2FvoLoLe4%2BorUze5eoOJ5J7EkRmlHFp7yhUOpDa734qtDVmk5BNWpjlplLY4RxVmzpvPwBVxU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Thu, 21 Nov 2024 11:36:41 GMT
x-hubspot-correlation-id: e2f31b64-2c37-492c-9256-9bb55551dfab
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-w2c76
x-envoy-upstream-service-time: 8
access-control-allow-credentials: true
cf-ray: 8e60622bcb8bdeb7-NRT
access-control-allow-origin: https://rocket-boys.co.jp
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 134 B
464 B 204ms
201ms XHR
application/json 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=44336485&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc1468d7225a1cb94162f31330f755dc79182b52aba352ec7408842dfb17fc05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://rocket-boys.co.jp/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 1a802baf-9c9d-4a7c-a0d7-c1141452baea
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Thu, 21 Nov 2024 11:36:41 GMT
x-hubspot-correlation-id: 1a802baf-9c9d-4a7c-a0d7-c1141452baea
content-type: application/json;charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: *
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-gqlrq
x-envoy-upstream-service-time: 10
cf-ray: 8e60622bfac1d760-NRT
access-control-allow-origin: https://rocket-boys.co.jp
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 5ms
5ms Script
application/javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/grdchgaik2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-azure-ref: 20241121T113641Z-1799c458c88298p2hC1TYOcrvw00000001h000000002t36x
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 9eb69268-801e-0015-338c-363968000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
99 KB 54ms
54ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RBE8SXFXV5&l=dataLayer&cx=c&gtm=457e4bk0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111561936-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21ca6e22e82d246bd97955bd4c64a96b3c06ed924724b538583d566a56be8157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 11:36:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101471
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 41ms
2ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111561936-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

content-encoding: gzip
age: 6669
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:45:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 09:45:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 trace.js Show response
contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/ 2 KB
2 KB 24ms
11ms Script
text/javascript 54.92.29.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/trace.js

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.29.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-29-218.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

421beece67150906e0c9a1c670126c0e29609849b162cbf917b8adac287625e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-request-id: f24c2d31-e66c-44b8-9100-fd09ec7d0283
cache-control: max-age=0, private, must-revalidate
etag: W/"421beece67150906e0c9a1c670126c0e"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
content-length: 2028
date: Thu, 21 Nov 2024 11:36:41 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
server: nginx
x-runtime: 0.005673
x-frame-options: SAMEORIGIN

GET
H2 200 trace.js Show response
contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/ 5 KB
5 KB 17ms
16ms Script
text/javascript 54.92.29.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/trace.js?referer=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F

Requested by

Host: contents.bownow.jp
URL: https://contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/trace.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.29.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-29-218.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

362f3ac4a87eefb229d7be6645af26bda2cf128faf87206292b4ee50c7af9a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-request-id: a937062d-1ec6-459e-9101-7fb86bfe2f12
cache-control: max-age=0, private, must-revalidate
etag: W/"362f3ac4a87eefb229d7be6645af26bd"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
content-length: 5045
date: Thu, 21 Nov 2024 11:36:41 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
server: nginx
x-runtime: 0.008392
x-frame-options: SAMEORIGIN

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
358 B 38ms
37ms XHR
text/plain 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1755335512&t=pageview&_s=1&dl=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F&ul=ja-jp&de=UTF-8&dt=%E5%81%BD%E3%81%AEMac%E7%89%88%20Microsoft%20Teams%E3%81%8C%E3%83%9E%E3%83%AB%E3%82%A6%E3%82%A7%E3%82%A2%E3%82%92%E9%85%8D%E4%BF%A1%7C%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=412848327&gjid=1542167895&cid=1599774711.1732189002&tid=UA-111561936-2&_gid=461697330.1732189002&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=698605472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rocket-boys.co.jp/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://rocket-boys.co.jp
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 3ms
3ms Image
image/gif 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1755335512&t=event&ni=1&_s=2&dl=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F&ul=ja-jp&de=UTF-8&dt=%E5%81%BD%E3%81%AEMac%E7%89%88%20Microsoft%20Teams%E3%81%8C%E3%83%9E%E3%83%AB%E3%82%A6%E3%82%A7%E3%82%A2%E3%82%92%E9%85%8D%E4%BF%A1%7C%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=l6guum&_u=YHBAAUABAAAAACAAI~&jid=&gjid=&cid=1599774711.1732189002&tid=UA-111561936-2&_gid=461697330.1732189002&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cd13=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fgrdchgaik2%2F1733bri%2Fl6guum&z=1124390073

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

age: 63924
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 17:51:17 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 trace.js Show response
contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/5d2dc02e-db39-4051-b59b-ac5e7b7db4af/bbada5be-df25-4fa2-9a13-696fc0968bd2/ 26 B
446 B 183ms
182ms Script
text/javascript 54.92.29.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/5d2dc02e-db39-4051-b59b-ac5e7b7db4af/bbada5be-df25-4fa2-9a13-696fc0968bd2/trace.js?referer=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F

Requested by

Host: contents.bownow.jp
URL: https://contents.bownow.jp/js/UTC_1f8ecbff25e7fa0c5e29/trace.js?referer=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.29.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-29-218.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f78f0f583e152fa235ca51f99bab70d1aeb59675de57c78bcef18b5a2e8a5a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-request-id: 17b92144-96ea-4924-8f04-e62bec344805
cache-control: max-age=0, private, must-revalidate
etag: W/"f78f0f583e152fa235ca51f99bab70d1"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
content-length: 26
date: Thu, 21 Nov 2024 11:36:41 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
server: nginx
x-runtime: 0.175850
x-frame-options: SAMEORIGIN

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
957 B 193ms
184ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-robots-tag: none
x-request-id: 8ae82e3b-3a2e-414c-b46d-a7f037489d30
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Thu, 21 Nov 2024 11:36:41 GMT
x-hubspot-correlation-id: 8ae82e3b-3a2e-414c-b46d-a7f037489d30
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Thu, 21 Nov 2024 11:36:41 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-7l5tm
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8e60622d0f16d777-NRT
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
281 B 689ms
343ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://rocket-boys.co.jp/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://rocket-boys.co.jp
Date: Thu, 21 Nov 2024 11:36:42 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
878 B 203ms
198ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-robots-tag: none
x-request-id: 62b888c7-345b-447b-be79-5826150b07a2
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Thu, 21 Nov 2024 11:36:42 GMT
x-hubspot-correlation-id: 62b888c7-345b-447b-be79-5826150b07a2
content-type: image/gif
vary: origin
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-x5fpl
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8e60622d682dd777-NRT
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 204 collect
analytics.google.com/g/ 0
0 94ms
37ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RBE8SXFXV5&gtm=45je4bk0v9110013979za200&_p=1732189001383&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1599774711.1732189002&ecid=224979865&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EAAI&_s=1&sid=1732189001&sct=1&seg=0&dl=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F&dt=%E5%81%BD%E3%81%AEMac%E7%89%88%20Microsoft%20Teams%E3%81%8C%E3%83%9E%E3%83%AB%E3%82%A6%E3%82%A7%E3%82%A2%E3%82%92%E9%85%8D%E4%BF%A1%7C%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&en=page_view&_fv=1&_ss=1&tfd=1512
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBE8SXFXV5&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rocket-boys.co.jp
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
546 B 114ms
35ms Ping
text/plain 2404:6800:4008:c15::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RBE8SXFXV5&cid=1599774711.1732189002&gtm=45je4bk0v9110013979za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBE8SXFXV5&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c15::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rocket-boys.co.jp
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 452A 0
0 95ms
43ms Document
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-RBE8SXFXV5&gacid=1599774711.1732189002&gtm=45je4bk0v9110013979za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=63971114

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBE8SXFXV5&l=dataLayer&cx=c&gtm=457e4bk0za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rocket-boys.co.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 11:36:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 95ms
42ms Image
image/gif 142.250.198.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RBE8SXFXV5&cid=1599774711.1732189002&gtm=45je4bk0v9110013979za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1412697727

Requested by

Host: rocket-boys.co.jp
URL: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 21 Nov 2024 11:36:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 44336485.js Show response
js-na1.hs-scripts.com/ 2 KB
786 B 51ms
44ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/44336485.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1732188900000/44336485.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfeea5274d155f1d56d52c7875aacbc6344d78e5cae3f4b30ea7a9d58720fd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
age: 3111
x-content-type-options: nosniff
date: Thu, 21 Nov 2024 11:36:42 GMT
x-hubspot-correlation-id: 10e17581-1106-4748-92de-3d30dfffd4bb
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Thu, 21 Nov 2024 10:44:51 GMT
access-control-allow-credentials: true
cf-ray: 8e60622edcb4df5c-NRT
accept-ranges: bytes
access-control-allow-origin: https://rocket-boys.co.jp
content-length: 643
server: cloudflare

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 224ms
205ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=ja-jp&bfp=3991745910&v=1.1&a=44336485&ct=blog-post&rcu=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F&pu=https%3A%2F%2Frocket-boys.co.jp%2Ffake-microsoft-teams-malware-distribution-malvertising%2F&t=%E5%81%BD%E3%81%AEMac%E7%89%88+Microsoft+Teams%E3%81%8C%E3%83%9E%E3%83%AB%E3%82%A6%E3%82%A7%E3%82%A2%E3%82%92%E9%85%8D%E4%BF%A1%7C%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&cts=1732189002042&vi=e06f8a9649a471d085f796f427f7099b&nc=true&u=65954737.e06f8a9649a471d085f796f427f7099b.1732189002031.1732189002031.1732189002031.1&b=65954737.1.1732189002031&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

x-robots-tag: none
x-request-id: f49804c3-0daf-49ca-8663-e7807d363e14
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87U9aq%2FNhTJ5t4jbglbmKittg4D4MttaW%2BvmY4m%2F3JHMd%2BY3vJllBTxfowJFUyI4Wv4Ntlk7i%2F%2BYEY6pNwx7dNHiV4NjtL6A1C%2BEWL5mqxnZR4F3YMwc7pMc4XkLUQICxgtL6pNsijCfXTI1YZty"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Thu, 21 Nov 2024 11:36:42 GMT
x-hubspot-correlation-id: f49804c3-0daf-49ca-8663-e7807d363e14
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-7snjx
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8e60622eeb786870-NRT
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6CF6363C4AE04E49BD99FF1859B9B747&RedC=c.clarity.ms&MXFR=1B4A6B227F1E64041BA27E1C7B1E6A40
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6CF6363C4AE04E49BD99FF1859B9B747&MUID=3C22F3E207856D581F40E6DC066F6C10

42 B
442 B

21ms
20ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6CF6363C4AE04E49BD99FF1859B9B747&MUID=3C22F3E207856D581F40E6DC066F6C10
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "58964c231919db1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Thu, 21 Nov 2024 11:36:41 GMT
content-type: image/gif
last-modified: Tue, 08 Oct 2024 00:29:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6CF6363C4AE04E49BD99FF1859B9B747&MUID=3C22F3E207856D581F40E6DC066F6C10
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C9F36224F744204856C889436A6F838 Ref B: TYAEDGE0816 Ref C: 2024-11-21T11:36:42Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Thu, 21 Nov 2024 11:36:41 GMT
x-powered-by: ASP.NET

GET
H2 200 favicon.ico
rocket-boys.co.jp/wp-content/themes/Rocket/favicon/ 15 KB
2 KB 32ms
32ms Other
image/vnd.microsoft.icon 118.27.125.184
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://rocket-boys.co.jp/wp-content/themes/Rocket/favicon/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.184 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-184.virt.lolipop.jp
Software: Apache /
Resource Hash: 45e217984331c1e25f2135df2b5ff93a3e38a453e39bf916dc7e56178273affe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rocket-boys.co.jp/fake-microsoft-teams-malware-distribution-malvertising/

Response headers

content-encoding: gzip
accept-ranges: none
content-length: 1464
date: Thu, 21 Nov 2024 11:36:42 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 18 Apr 2022 03:57:26 GMT
server: Apache
vary: Range,Accept-Encoding

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
281 B 170ms
169ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://rocket-boys.co.jp/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://rocket-boys.co.jp
Date: Thu, 21 Nov 2024 11:36:42 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rocket-boys.co.jp
URL: blob:https://rocket-boys.co.jp/8d10a7cb-516e-4442-972f-fc16d97583c4

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 09:55:25	Name: CLID Value: 82ddb1a4faad4d378f3967839aa8ac4b.20241121.20251121
.rocket-boys.co.jp/	1970-01-21 09:55:25	Name: _clck Value: 1733bri%7C2%7Cfr2%7C0%7C1786
.rocket-boys.co.jp/	1970-01-21 01:11:15	Name: _gid Value: GA1.3.461697330.1732189002
.rocket-boys.co.jp/	1970-01-21 01:09:49	Name: _gat_gtag_UA_111561936_2 Value: 1
rocket-boys.co.jp/	1970-01-21 10:45:49	Name: bownow_cid Value: 5d2dc02e-db39-4051-b59b-ac5e7b7db4af
rocket-boys.co.jp/	1970-01-21 01:09:50	Name: bownow_aid Value: bbada5be-df25-4fa2-9a13-696fc0968bd2
rocket-boys.co.jp/	1970-01-21 01:09:50	Name: bownow_act Value: access
rocket-boys.co.jp/	1970-01-21 01:09:50	Name: bownow_mbid Value:
.rocket-boys.co.jp/	1970-01-21 10:45:49	Name: _ga_RBE8SXFXV5 Value: GS1.1.1732189001.1.0.1732189001.60.0.224979865
.rocket-boys.co.jp/	1970-01-21 10:45:49	Name: _ga Value: GA1.1.1599774711.1732189002
.doubleclick.net/	1970-01-21 01:09:49	Name: test_cookie Value: CheckForPermission
.hsforms.com/	1970-01-21 01:09:50	Name: __cf_bm Value: 9clHdvFOIcPUEggY432_AN98k7A9xefbs0cOUwpltLQ-1732189002-1.0.1.1-GBoJDHfK3higUthhc5D_Ho3kJcykT5cL9NhGPx0GpZ25qZGmIbZn_8bop62Qk17nIN3Uxmo34QQorJWECRQn1g
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3XQLkUNn4.PUybgH3GjLyTYYrjr0Pnfhsuwaw3xq8YE-1732189002016-0.0.1.1-604800000
.rocket-boys.co.jp/	1970-01-21 05:29:01	Name: __hstc Value: 65954737.e06f8a9649a471d085f796f427f7099b.1732189002031.1732189002031.1732189002031.1
.rocket-boys.co.jp/	1970-01-21 05:29:01	Name: hubspotutk Value: e06f8a9649a471d085f796f427f7099b
.rocket-boys.co.jp/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.rocket-boys.co.jp/	1970-01-21 01:09:50	Name: __hssc Value: 65954737.1.1732189002031
.bing.com/	1970-01-21 10:31:25	Name: MUID Value: 3C22F3E207856D581F40E6DC066F6C10
.c.bing.com/	1970-01-21 01:19:53	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:31:25	Name: SRM_B Value: 3C22F3E207856D581F40E6DC066F6C10
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:31:25	Name: MUID Value: 3C22F3E207856D581F40E6DC066F6C10
.c.clarity.ms/	1970-01-21 01:19:53	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:09:49	Name: ANONCHK Value: 0
.hubspot.com/	1970-01-21 01:09:50	Name: __cf_bm Value: cePbPlSiO2Ev8Mxe3Q415JbqRpiHZECvY2eIuNLMVhA-1732189002-1.0.1.1-wk8sd_WnHSHjcAYPxjMIyrYIPV5WXISCKofPlzONcTRxmcmyWamDY37XtdPyaLUJ.yf4Aae4xyr8C5_lRZiKCA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: f8754UALIbfLLGYZpwISto7PdGV46enOWfQnb2xxmr0-1732189002268-0.0.1.1-604800000
.rocket-boys.co.jp/	1970-01-21 01:11:15	Name: _clsk Value: l6guum%7C1732189002496%7C1%7C1%7Ci.clarity.ms%2Fcollect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.iconify.design
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
code.jquery.com
contents.bownow.jp
cta-service-cms2.hubspot.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hsforms.com
i.clarity.ms
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hubspot.com
perf-na1.hsforms.com
rocket-boys.co.jp
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
www.clarity.ms
www.google-analytics.com
www.google.co.jp
www.googletagmanager.com
rocket-boys.co.jp
104.17.24.14
104.18.80.204
118.27.125.184
142.250.198.3
2001:4860:4802:32::181
2404:6800:4004:810::200e
2404:6800:4004:818::2002
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4008:c15::9c
2606:4700:20::681a:ccc
2606:4700:4400::ac40:9310
2606:4700::6810:6efe
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6811:afc9
2620:1ec:bdf::46
2620:1ec:c11::237
2a04:4e42:600::649
4.153.72.49
52.231.230.148
54.92.29.218
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
06723045419949302e1d4abe65cb4a535582e60d1a53645ab838b06079d98eb0
09f17718ab4dd49ece714a581fbc1cb5950072df31b184724d595b322cac143b
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
132aa2821e8f2fe3b16544a4ad4ab28caee69cf83d238fba9c4563eb5dec31ce
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
18d6e297189283477987a0c70e59ff68dcc2dcb4b51dd22104fe46a31d5c19e5
1adb8f4ff0f589850abec6b8c7802e2d3439388ac02ca1634869a2642ca4386d
1cbf1e05b314c08e596353f616c1ebe5e24f007397e19a59b040bf6a689489f8
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
20d651848ac49b7dbbb9767894029151de4959a87a7e99364e1136f736d70547
21ca6e22e82d246bd97955bd4c64a96b3c06ed924724b538583d566a56be8157
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2a961da4c33a1489e786bc080d8181278cd8711262e2203bf386e7c57728b33f
2cb49254bea063ea92f7e1fc0a7a827eac9b436f2f099193903a12bdefdbe397
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70
362f3ac4a87eefb229d7be6645af26bda2cf128faf87206292b4ee50c7af9a71
421beece67150906e0c9a1c670126c0e29609849b162cbf917b8adac287625e9
443d56154c13fab81852c16cd0993556cf458260d84eb968c268be1307b87744
446232761806825306408235afe9dfed80f95ce3c8e3e894155661e6f1e9c381
4471e66caea1961a22e498404456b4bac5c6cb9c69814a2942c9b51ba9d2d8ec
45e217984331c1e25f2135df2b5ff93a3e38a453e39bf916dc7e56178273affe
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52ed7f1ba3dfa3bbf617c424d69cbc86f3de7949b93f3a026df4e5bbad63b0d5
53cbbd0caef3ba050fec0544c58208a41513120cdbecc9519b3cf69369793d88
6082e734ad0c11fb8b0b6ce00382c8ff3c158eaccc16cf74c024967215904e3a
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
658190684145ba458a172903d67b3f7468128f499c8062512c1d54d1938a25fd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
745ee0307bc9c4780128bed80e001f021ca9ada288d5f0524f8bae7f0ef22a63
74fdbf2164ee92b0e03047bfe50b0e9552a209e7162edccdf6501f50cba2c5e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8eab6695362dfb2ef3055e28b169fddf2339f58a9363b01ac3d0f37a58edb05b
93a3d5fd8ea4c1efa86629cf9ccf56a783bb57ab2bfc66f3f970b8e62e4e5cbb
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f24694ecc24d01efaed830e445e8f9c96765d774910bece1774083bca13841
a34e53e0a4a7d5b7a3abbcba2e8c0a7df0a397aefafb3d441c86fe132810d7bb
a477fb4c8af45eb4e37e9658bf5e8f32ffc970d1fd3777784bc709c3dac55e8c
a6a3ca099e669a337ba851f6cc3216d80e5ad3f963882bc75b48ed72222feeaf
a7a9d8f7444d8f062116a15f9c271e1ad800c452e28a09cdd19622cdc00e017f
b5146785fa8805a2c78e7919bbcfa0ce1019d678a0a015ad403501df4fa19ef4
b578475bf6849db19b160a3656577946133602207e232d459a10e6756573cf9b
bfeea5274d155f1d56d52c7875aacbc6344d78e5cae3f4b30ea7a9d58720fd89
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
ca9ead1a878c5a474808166462389da9859bbe06ee7c5e4365029c8062709121
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc1468d7225a1cb94162f31330f755dc79182b52aba352ec7408842dfb17fc05
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd5906d9079a464ce436196c05d57ae9063284d360d2b6c065469e85c117dbcb
d025a68a51119225522700a4124c9f6efa735aab0f3360182c0611d3647dcfb7
d0c0d3ddfb1f282a0a40f65cfd409b41329f728467a2a4cff765f0922edeb5d9
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d833da310560e976107a19e54e2d30d01adb532d4ee23bb14c444cc428ba2466
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f4724e3ddd403b14a2220625b4019a6d3e840f550a1e1293b41d6fc8ee44285d
f78f0f583e152fa235ca51f99bab70d1aeb59675de57c78bcef18b5a2e8a5a5f
fab49a1a7f4cd3862a3b5718942d4a1f332230c5c1977d919e28f45ff23198a5
fe6919dc638bd7258ef2cb992d494155b0d2ab33e3436ee87f5cad5464a7cada
feab98e6b3ac2c68361b0c0f93b6b2e0b25b43adc117d4b7e384f5d5d5627668

rocket-boys.co.jp Open in urlscan Pro 118.27.125.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

97 %HTTPS

68 %IPv6

19 Domains

27 Subdomains

22 IPs

6 Countries

1808 kBTransfer

3906 kBSize

27 Cookies

3 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rocket-boys.co.jp Open in urlscan Pro
118.27.125.184 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

97 %
HTTPS

68 %
IPv6

19
Domains

27
Subdomains

22
IPs

6
Countries

1808 kB
Transfer

3906 kB
Size

27
Cookies

79 HTTP transactions
6 data transactions