ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Nov 2023 10:16:52 GMT
expires: Mon, 04 Nov 2024 10:16:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 142691
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sec.plala.or.jp/fp/tags.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37
200 OK 12 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/tags.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with very long lines (15506)
Hash e406da3cf7cae6f170c7de46425af3b8
911fb104af2d15c80c808e1ec3ae61bc7576626e
c69cbbf8772025ca56be9aadc06bddf9286a6fb86796018bc15f31d6eaaafabc
GET /fp/tags.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:04 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP=IVAa PSAa
Set-Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
web1.plala.or.jp/mail/plus/css/tsuikalogin.css
200 OK 190 B URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/css/tsuikalogin.css
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
Hash 19f741632387585fbd589d3fc31b347f
a64821d916f502adf5734810b48f30b8fe513eb8
6fa5fda5079bec36b02ab73a550608c3662a7cd5305c45cf8234f29040f82ea5
GET /mail/plus/css/tsuikalogin.css HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:04 GMT
Server: Apache
Last-Modified: Mon, 16 Dec 2019 02:13:43 GMT
ETag: "75bc9-be-c2b983c0"
Accept-Ranges: bytes
Content-Length: 190
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
web1.plala.or.jp/mail/plus/css/login.css
200 OK 1.7 kB URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/css/login.css
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash bc8c477d159f24ea86eb72a9907f843e
7c6424642bffc3b47f5d1b81ab8326d008755f71
79e3e092b0b22df9f93ac9325fb7438d3bced0784bcb2ccfd8964fa07b3b221d
GET /mail/plus/css/login.css HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:04 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:44 GMT
ETag: "342d5-6b3-8c03c800"
Accept-Ranges: bytes
Content-Length: 1715
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
ssocsp.cybertrust.ne.jp/OcspServer
1.5 kB URL ssocsp.cybertrust.ne.jp/OcspServer
IP
Hash ddf9ed4e649736036a912d0d7970e238
e07efd55d718b6c33e6608072c87cb0142799731
8f40af7ca4bfe6add512647055f01f23f724bef359010810a9fe92d9ca63783c
POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Nov 2023 01:55:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1480
Connection: keep-alive
Keep-Alive: timeout=2
sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
200 OK 5.8 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 72198443d2b3374978f5667010ff69cd
92b4ad7eb13f67814cea24a1f31e99e873149c21
4c40e0e589a18c9203a64c996662e6bef41f0d6a7ff8e05a1f7cd1c7c6ea0ed2
GET /fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5789
Keep-Alive: timeout=2, max=99
web1.plala.or.jp/mail/plus/images/hd_logo_login.gif
200 OK 2.8 kB URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/hd_logo_login.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 115 x 58\012- data
Hash ee6284e8ab015ada7763075b85c722d7
40826abe00d54ceed725fff2d90d63043b875558
662a02c554ce83d623a3f8b01a1fc02ad7238798d2207ac839f8d129ab3decdd
GET /mail/plus/images/hd_logo_login.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:43 GMT
ETag: "34316-ae5-8bf485c0"
Accept-Ranges: bytes
Content-Length: 2789
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/gif
web1.plala.or.jp/mail/plus/images/spacer.gif
200 OK 43 B URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/spacer.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /mail/plus/images/spacer.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 05:30:33 GMT
ETag: "3e19d-2b-6a9c5040"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=265055708.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/barg.gif
200 OK 1.7 kB URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/barg.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 750 x 30\012- data
Hash 13a156ce3615ab6a1206daa3b16a69d9
2efb6bc8681bf1d35dd317a9b47bff4c9b747885
ba71589b6bb729587c3c110462cf7843859a61d03b0f9bb6c9724cf40cdd9f76
GET /mail/plus/images/barg.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 05:30:33 GMT
ETag: "3e159-6ca-6a9c5040"
Accept-Ranges: bytes
Content-Length: 1738
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=265055708.47873.0000; path=/
sec.plala.or.jp/fp/check.js?&pageid=99998&session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b
200 OK 29 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/check.js?&pageid=99998&session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b
IP
Requested by https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with very long lines (17993)
Hash 68867cdafeefdbe2cb387925f8679d02
0ea83630a51e1e8727df5cba394a584392022ab9
71869c7115768c34ba09a3792b3f1ced0d9e3f1cd664f33d22d46633b5057191
GET /fp/check.js?&pageid=99998&session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: c9b8b4e57a37800b
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
web1.plala.or.jp/mail/plus/images/login.gif
200 OK 424 B URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/login.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 112 x 24\012- data
Hash 47e5e2303fca8b31ed4fc0e4592eb05e
926791b0c9bea9eead7e6b7e596f078907bf2ef1
ec2716d4c90cf8b58b22978f562c937382d76f259fbd5a82b2738ab6ccba0b51
GET /mail/plus/images/login.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 05:33:02 GMT
ETag: "34324-1a8-737ddf80"
Accept-Ranges: bytes
Content-Length: 424
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/gif
web1.plala.or.jp/mail/plus/images/bg_g.gif
200 OK 3.2 kB URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/bg_g.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 727 x 400\012- data
Hash b56a7f43cdb87bcb6ccef5257fd8280b
11bf42136c6e9d25502052d51bd0a8df538e982d
74610a7040540b5fcbf05a8089f669f5d70b990e3dfe5abc3c9c9acb837dda27
GET /mail/plus/images/bg_g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:44 GMT
ETag: "342fe-c4f-8c03c800"
Accept-Ranges: bytes
Content-Length: 3151
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/head_r1g.gif
200 OK 2.6 kB URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/head_r1g.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 543 x 40\012- data
Hash 12dbb91a5a1184dec00afe7b284a4731
b892bef8f194c203460f6beeedb6500827ff1fe8
446d94289151636165a11ab4cac37952dd293406365a5a2308c3660fb6e9e949
GET /mail/plus/images/head_r1g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:43 GMT
ETag: "34318-a04-8bf485c0"
Accept-Ranges: bytes
Content-Length: 2564
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/bg_r1g.gif
200 OK 86 B URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/bg_r1g.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 543 x 1\012- data
Hash eb298e2e87363f15d73b5826694d679a
e7e69789118d0973d15144fd4ed92051f5a30a8b
22f7edc3f3a01d24c030fe489dc16bed380334573fe70d242e90ab74de58bf35
GET /mail/plus/images/bg_r1g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:44 GMT
ETag: "342ff-56-8c03c800"
Accept-Ranges: bytes
Content-Length: 86
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: image/gif
web1.plala.or.jp/mail/plus/images/foot_r1g.gif
200 OK 2.1 kB URL GET HTTP/1.1 web1.plala.or.jp/mail/plus/images/foot_r1g.gif
IP
ASN #4713 NTT Communications Corporation
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerDigiCert Inc
Subject*.plala.or.jp
Fingerprint87:C8:FE:B0:F5:D0:48:01:3D:76:C0:FD:72:36:FF:81:9B:F9:7A:3C
ValidityTue, 28 Feb 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 543 x 55\012- data
Hash 3606d5956ea4eb11ebb62586e3fe0410
8c8504656e9ff01dd962c0ef0cb4dc41dd30ac3e
468a33eb30adbffb9b0e5e428cdcf6df53d6dc81237e62be9b096b6e789adc03
GET /mail/plus/images/foot_r1g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:09 GMT
ETag: "3e170-83c-89edb940"
Accept-Ranges: bytes
Content-Length: 2108
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/gif
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ck=0&m=2
200 OK 81 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ck=0&m=2
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ck=0&m=2 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png
sec.plala.or.jp/fp/check.js;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jb=3139262468716f753f4e6b6c777a246a736d3d4e696c7d7a266a71603f466b7067666f7a273030313333
200 OK 61 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/check.js;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jb=3139262468716f753f4e6b6c777a246a736d3d4e696c7d7a266a71603f466b7067666f7a273030313333
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with very long lines (6264)
Hash 62006577508ffe3bc0f00813b511b072
dfc49db53e4b99411f18bad41b9a6aa6a4abead2
ab5b99f8ef0147ea9c98a2c3c797f85b85522ce372422df1dde7cbbf5b527ab3
GET /fp/check.js;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jb=3139262468716f753f4e6b6c777a246a736d3d4e696c7d7a266a71603f466b7067666f7a273030313333 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 2d148d879bd7c6cf
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ck=0&m=1
200 OK 81 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ck=0&m=1
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ck=0&m=1 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
bgqcxtwm.e-kei.pl/favicon.ico
404 Not Found 726 B URL GET HTTP/2 bgqcxtwm.e-kei.pl/favicon.ico
IP
ASN #29522 Cyber_Folks S.A.
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerLet's Encrypt
Subjectbgqcxtwm.e-kei.pl
Fingerprint89:27:AB:8C:FD:8F:57:C7:05:02:00:FA:DE:E1:97:16:1C:85:43:FE
ValiditySun, 05 Nov 2023 21:48:07 GMT - Sat, 03 Feb 2024 21:48:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text
Hash 403605c8f09902ea88821fa98c4a6563
03efbe87384ac79a2b4b3ce59be45bb358910a1b
2fd7180047a795160db8d489f61be1f217bbf6204affbfbbf39aeda65c573604
GET /favicon.ico HTTP/1.1
Host: bgqcxtwm.e-kei.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 07 Nov 2023 01:55:05 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
200 OK 5.8 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 52ae1fa9003b2f89678c897cffa16ed1
2c01e6f405ab09d4cd64d1ea097b79fc286bb277
56996af92c4b8f7fdddd5f2e13585d077b68b601c40e17cce188e9667041f63a
GET /fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5791
Keep-Alive: timeout=2, max=94
sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
200 OK 14 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 850250984eb46b4aab455b68456d23e1
c773b3e2fe222898f473f6e817fd44e4f6b668ce
7099334a08ed954f25db9c7441769ea2593dd0f29050985dee3c414f757de790
GET /fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jb=3136266e71633d616361673532343a37643465363764693a323730313537306164616233633463
204 No Content 0 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jb=3136266e71633d616361673532343a37643465363764693a323730313537306164616233633463
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jb=3136266e71633d616361673532343a37643465363764693a323730313537306164616233633463 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/javascript
sec.plala.or.jp/fp/es.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
200 OK 159 B URL GET HTTP/1.1 sec.plala.or.jp/fp/es.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with no line terminators
Hash a6558a17f6786506c5a634926775a041
2c03b5ece26d5344f8cabf2847c0507da66a5473
54e3f4c5835d82afc2fc5910f9a1760082045f6d90a6df353989315dc81380d5
GET /fp/es.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
sec.plala.or.jp/fp/check.js?&pageid=99998&session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf
200 OK 29 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/check.js?&pageid=99998&session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf
IP
Requested by https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with very long lines (15506)
Hash 7791ff0fafb9b57fdd67aad550496929
1dfdd90112738c0b9c779b442d0e7178f62cb224
8385fbcf0e8239444e1a01b4dec3119196f10b6b08c05b873e8d48d72df84881
GET /fp/check.js?&pageid=99998&session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 2d148d879bd7c6cf
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png
200 OK 81 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*, 2kamd3p6/2d148d879bd7c6cfbea6bf04762b2b2146a7d783543fba37
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bgqcxtwm.e-kei.pl
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 07 Nov 2023 01:55:05 GMT
Expires: Sun, 05 Nov 2028 01:55:05 GMT
Etag: 97364640277c4904a739b1c31fa6cf90
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://bgqcxtwm.e-kei.pl
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
sec.plala.or.jp/fp/top_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
200 OK 13 kB URL GET HTTP/1.1 sec.plala.or.jp/fp/top_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash a64042478db75ba9548d2cdd67fe043f
dc68dabbfe20bb088f3270d5094660812ed8342c
559b5a73e6234c2063cbbcbc8fe3fceeef81b8d3386274161e0924d53dea9e1c
GET /fp/top_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=92
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ja=3435362424613d3024783f3224643f31323a307a31323a362661643f33323a327a313030362473787b3f327a32246670723f312e313030322c313230362c33303a302c333230342c33303a322e333232342e3130383224333032362e322c32246f743d3035643531663133363b6734626630303b62343e6064333a3560306364316334246f6c3d32247161663f3036266c6a3d6a74767871253343273046273044626773617a74776f2c672f69676b2e706e25304624786e3d3524726a3d673a3232646463373535333b316436676065383b393165603c633939303b3264246a6a3d66603a356364323533303a3164616436663b37676c33326666666738663230302668716d3d4c6b6c777a246871623d4469706564677a2532323333312468716f753f4e6b6e757a246c6a613f3638266c6d76703f3824747a663f575441246f61746a703f37316437363a673660333632386066666e603839613b3b366464663466353264313263673166343463646636323b33373e60396631606136353560326667306426703f726e77656b6c5f666e617168273d4766616e716721726e7767696c5d75696e666d75715d6f676469635f726c6371677225374764616e716721706e7765696e5d63666d60675d6163706f6061762d374566636e716523726e75676b6c5d71756b6169766b6f6725354766636c716d23706c77656b6e5d716a6f63697563766527374764636e716521726c77676b665d7265636e726c637b677225374764616c716723726e7765696e5d766e635d786e6179677027354764636c736723726c75656b6c5d666774616c74722735476e636c736723726c77656b6e5f7174655f766b6775677027374566636c716523786e75676b6c5d6a63746325354764636c7367246161663f303538303435&jb=3b37266e733f4d6f786b6e6e63273046352c30273232205a31312731402530324e696e777a2732307a3a345d343627334227323272742d314131323b2c302b273030476761696f253044303233323231303325303044617065666d7a2732443333312e32
204 204 0 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ja=3435362424613d3024783f3224643f31323a307a31323a362661643f33323a327a313030362473787b3f327a32246670723f312e313030322c313230362c33303a302c333230342c33303a322e333232342e3130383224333032362e322c32246f743d3035643531663133363b6734626630303b62343e6064333a3560306364316334246f6c3d32247161663f3036266c6a3d6a74767871253343273046273044626773617a74776f2c672f69676b2e706e25304624786e3d3524726a3d673a3232646463373535333b316436676065383b393165603c633939303b3264246a6a3d66603a356364323533303a3164616436663b37676c33326666666738663230302668716d3d4c6b6c777a246871623d4469706564677a2532323333312468716f753f4e6b6e757a246c6a613f3638266c6d76703f3824747a663f575441246f61746a703f37316437363a673660333632386066666e603839613b3b366464663466353264313263673166343463646636323b33373e60396631606136353560326667306426703f726e77656b6c5f666e617168273d4766616e716721726e7767696c5d75696e666d75715d6f676469635f726c6371677225374764616e716721706e7765696e5d63666d60675d6163706f6061762d374566636e716523726e75676b6c5d71756b6169766b6f6725354766636c716d23706c77656b6e5d716a6f63697563766527374764636e716521726c77676b665d7265636e726c637b677225374764616c716723726e7765696e5d766e635d786e6179677027354764636c736723726c75656b6c5d666774616c74722735476e636c736723726c77656b6e5f7174655f766b6775677027374566636c716523786e75676b6c5d6a63746325354764636c7367246161663f303538303435&jb=3b37266e733f4d6f786b6e6e63273046352c30273232205a31312731402530324e696e777a2732307a3a345d343627334227323272742d314131323b2c302b273030476761696f253044303233323231303325303044617065666d7a2732443333312e32
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&ja=3435362424613d3024783f3224643f31323a307a31323a362661643f33323a327a313030362473787b3f327a32246670723f312e313030322c313230362c33303a302c333230342c33303a322e333232342e3130383224333032362e322c32246f743d3035643531663133363b6734626630303b62343e6064333a3560306364316334246f6c3d32247161663f3036266c6a3d6a74767871253343273046273044626773617a74776f2c672f69676b2e706e25304624786e3d3524726a3d673a3232646463373535333b316436676065383b393165603c633939303b3264246a6a3d66603a356364323533303a3164616436663b37676c33326666666738663230302668716d3d4c6b6c777a246871623d4469706564677a2532323333312468716f753f4e6b6e757a246c6a613f3638266c6d76703f3824747a663f575441246f61746a703f37316437363a673660333632386066666e603839613b3b366464663466353264313263673166343463646636323b33373e60396631606136353560326667306426703f726e77656b6c5f666e617168273d4766616e716721726e7767696c5d75696e666d75715d6f676469635f726c6371677225374764616e716721706e7765696e5d63666d60675d6163706f6061762d374566636e716523726e75676b6c5d71756b6169766b6f6725354766636c716d23706c77656b6e5d716a6f63697563766527374764636e716521726c77676b665d7265636e726c637b677225374764616c716723726e7765696e5d766e635d786e6179677027354764636c736723726c75656b6c5d666774616c74722735476e636c736723726c77656b6e5f7174655f766b6775677027374566636c716523786e75676b6c5d6a63746325354764636c7367246161663f303538303435&jb=3b37266e733f4d6f786b6e6e63273046352c30273232205a31312731402530324e696e777a2732307a3a345d343627334227323272742d314131323b2c302b273030476761696f253044303233323231303325303044617065666d7a2732443333312e32 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jf=3136266e71603d353a32363667353b323736323666616d6035376161373334346132633b313a30
204 No Content 0 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jf=3136266e71603d353a32363667353b323736323666616d6035376161373334346132633b313a30
IP
Requested by https://sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jf=3136266e71603d353a32363667353b323736323666616d6035376161373334346132633b313a30 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
sec.plala.or.jp/fp/es.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&fr
200 OK 157 B URL GET HTTP/1.1 sec.plala.or.jp/fp/es.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&fr
IP
Requested by https://sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with no line terminators
Hash cf8062b0af317594ee4e3f371f98fce6
9911800e9bb2283a7f611d49d6227aa78ef8ca1c
d63161a973b1852ba341c58c01131b6ad8643bb00cfc5e570bc36d4835de667b
GET /fp/es.js?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&fr HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=91
Transfer-Encoding: chunked
sec.plala.or.jp/fp/ARF;CIS3SID=A9BEB9ED04164260543C04A7FF9617D6?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&pageid=99998&sera_parametere=VBQMVgFcCwNcBgcCVFNaBwMBCQEAXQ8BDFNXVQBSUANWXFBRAF1ZA1tRUREQRV4PXBREQEtBC3McVSYSVHJGVAIOQlFUAVVSVxYXElByRlFwVBQDfEEKB1ENF0MQE1AiF1NzEQ8gHlNQXwVUUldSB1dRCQdcVAFTCAdTBwAOUVQCXQgBWlQADltRXAMHAAJWB1QXWlcKW1IEUAAGVw4HXgVdU1APBw5UX0QORF4GGwVRAAIBDlwKUgBSUQZaB1BTV10JUgkGCFIBU1MDUVQHVwVXUlJaUwARWAtZBlMAVV8UDVgJFVUeR1BfXQ5aD1tAWg8MElpZfl5LBwJYGxABEA9VAAUeBldEBC4NWRZORQVQWUVQQjtbVlUOBlYAXUUDRlkABwE%3D&count=0&max=0
200 OK 61 B URL GET HTTP/1.1 sec.plala.or.jp/fp/ARF;CIS3SID=A9BEB9ED04164260543C04A7FF9617D6?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&pageid=99998&sera_parametere=VBQMVgFcCwNcBgcCVFNaBwMBCQEAXQ8BDFNXVQBSUANWXFBRAF1ZA1tRUREQRV4PXBREQEtBC3McVSYSVHJGVAIOQlFUAVVSVxYXElByRlFwVBQDfEEKB1ENF0MQE1AiF1NzEQ8gHlNQXwVUUldSB1dRCQdcVAFTCAdTBwAOUVQCXQgBWlQADltRXAMHAAJWB1QXWlcKW1IEUAAGVw4HXgVdU1APBw5UX0QORF4GGwVRAAIBDlwKUgBSUQZaB1BTV10JUgkGCFIBU1MDUVQHVwVXUlJaUwARWAtZBlMAVV8UDVgJFVUeR1BfXQ5aD1tAWg8MElpZfl5LBwJYGxABEA9VAAUeBldEBC4NWRZORQVQWUVQQjtbVlUOBlYAXUUDRlkABwE%3D&count=0&max=0
IP
Requested by https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with no line terminators
Hash a05c07b556745a23530332900e16bbdd
602b93ed98f47fbf29473b30cf38010421bedacc
0b367e871930317fefbad37bcf6346883d241348e0ac76c005b2662ae1361496
GET /fp/ARF;CIS3SID=A9BEB9ED04164260543C04A7FF9617D6?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&pageid=99998&sera_parametere=VBQMVgFcCwNcBgcCVFNaBwMBCQEAXQ8BDFNXVQBSUANWXFBRAF1ZA1tRUREQRV4PXBREQEtBC3McVSYSVHJGVAIOQlFUAVVSVxYXElByRlFwVBQDfEEKB1ENF0MQE1AiF1NzEQ8gHlNQXwVUUldSB1dRCQdcVAFTCAdTBwAOUVQCXQgBWlQADltRXAMHAAJWB1QXWlcKW1IEUAAGVw4HXgVdU1APBw5UX0QORF4GGwVRAAIBDlwKUgBSUQZaB1BTV10JUgkGCFIBU1MDUVQHVwVXUlJaUwARWAtZBlMAVV8UDVgJFVUeR1BfXQ5aD1tAWg8MElpZfl5LBwJYGxABEA9VAAUeBldEBC4NWRZORQVQWUVQQjtbVlUOBlYAXUUDRlkABwE%3D&count=0&max=0 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=2d148d879bd7c6cf&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:06 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=90
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jac=1&je=333738242468666e3f352468646a3f3864336236376330673630346737316064356537306363316635603a3a316767266a64746c3d3232333037383524706f3f7b657324637764683f66643736603734303a303735616c37656234323b636167666361373435323667613733323461363837363038616d3b64303b353b36343133343030313364643024677a313f6666363a656437603835383863643662353b64623864606762656731643763636163643139343432
204 No Content 0 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jac=1&je=333738242468666e3f352468646a3f3864336236376330673630346737316064356537306363316635603a3a316767266a64746c3d3232333037383524706f3f7b657324637764683f66643736603734303a303735616c37656234323b636167666361373435323667613733323461363837363038616d3b64303b353b36343133343030313364643024677a313f6666363a656437603835383863643662353b64623864606762656731643763636163643139343432
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jac=1&je=333738242468666e3f352468646a3f3864336236376330673630346737316064356537306363316635603a3a316767266a64746c3d3232333037383524706f3f7b657324637764683f66643736603734303a303735616c37656234323b636167666361373435323667613733323461363837363038616d3b64303b353b36343133343030313364643024677a313f6666363a656437603835383863643662353b64623864606762656731643763636163643139343432 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 07 Nov 2023 01:55:06 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=89
Connection: Keep-Alive
Content-Type: text/javascript
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jac=1&je=363226247567693d3b332c3b322c36322e3335362675616f3d7767607074615d6b6e7467706c616c5d6f666c71
204 No Content 0 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jac=1&je=363226247567693d3b332c3b322c36322e3335362675616f3d7767607074615d6b6e7467706c616c5d6f666c71
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&jac=1&je=363226247567693d3b332c3b322c36322e3335362675616f3d7767607074615d6b6e7467706c616c5d6f666c71 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 07 Nov 2023 01:55:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
sec.plala.or.jp/fp/clear3.png;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&je=33333624247065763f303b2c35362e35382c34362c37312c31332e373b2e323b2e35392c33302c353b2c33302e373b2e303b2c37382c3c352c353b2c36372e373b2e31302e37382e36302e373b2c33322c37392c35332437382e36332e353b2c32332c373b2c30392e373b2c32352e35392c30372c37312c31302e373b2e32352e35382c3a362c353b2c3331
204 204 0 B URL GET HTTP/1.1 sec.plala.or.jp/fp/clear3.png;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&je=33333624247065763f303b2c35362e35382c34362c37312c31332e373b2e323b2e35392c33302c353b2c33302e373b2e303b2c37382c3c352c353b2c36372e373b2e31302e37382e36302e373b2c33322c37392c35332437382e36332e353b2c32332c373b2c30392e373b2c32352e35392c30372c37312c31302e373b2e32352e35382c3a362c353b2c3331
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear3.png;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf&je=33333624247065763f303b2c35362e35382c34362c37312c31332e373b2e323b2e35392c33302c353b2c33302e373b2e303b2c37382c3c352c353b2c36372e373b2e31302e37382e36302e373b2c33322c37392c35332437382e36332e353b2c32332c373b2c30392e373b2c32352e35392c30372c37312c31302e373b2e32352e35382c3a362c353b2c3331 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Tue, 07 Nov 2023 01:55:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
0 B URL sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
IP
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8
Origin: https://sec.plala.or.jp
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/top_fp.html;CIS3SID=3ADFA4941ECBB9E14E894B9CD5A8CCAC?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=2d148d879bd7c6cf
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Tue, 07 Nov 2023 01:55:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://sec.plala.or.jp
Content-Type: text/javascript
200 OK 17 kB URL User Request GET HTTP/2 IP
ASN #29522 Cyber_Folks S.A.
Certificate IssuerLet's Encrypt
Subjectbgqcxtwm.e-kei.pl
Fingerprint89:27:AB:8C:FD:8F:57:C7:05:02:00:FA:DE:E1:97:16:1C:85:43:FE
ValiditySun, 05 Nov 2023 21:48:07 GMT - Sat, 03 Feb 2024 21:48:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4391), with CRLF line terminators
Hash becfa7f974589109a0536b8efba54a1b
7c7497c381bfaf1b41412fae45cf7ac572ec34d4
32ecf61cd0863d01fac1208e49899efe2c3faa745b5891d1c18fd1607fc94d51
GET / HTTP/1.1
Host: bgqcxtwm.e-kei.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 Nov 2023 01:55:03 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
sec.plala.or.jp/fp/ARF;CIS3SID=48CA5284BF2CF9383FEFD7C97EB5F95D?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=c9b8b4e57a37800b&pageid=99998&sera_parametere=BUlfDFQHUgFRB1ADWgRRVFRdAwlRAQENDwUHVgEEUVBSXVMNVQ1WAwBWBhFLQw0LDUkXTBERVnESVnESD3QVUFNTEV0OUQhQWRVAEgt0FVUhCUcPJhFXBV8OQENLFQMmRg4gHVVwQ1FeXFJUCVEBAwYMWgsGBFxRBgQEB1sIAlBTAFsNAARdDFVSCwNcBlFSVglEVg1aBlAKAgpVAFIEB1YOAwtVDFUFVUdZRAUASFsHDwQOVQ0BBgFQCgMOBFUHUgsEClpSU1dWB1AAXFJUVlIPBgsEAlITVggOBggGBltFUAsFTwVDRV5cCg4BCQhEC1JfHgAJI1xFBFVYQBZSFF4IUwlEVgpGCi1aWU1IFgEBBBZcGGsGVFsNUVZbWxYHFwRTDFc%3D&count=0&max=0
200 OK 35 B URL GET HTTP/1.1 sec.plala.or.jp/fp/ARF;CIS3SID=48CA5284BF2CF9383FEFD7C97EB5F95D?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=c9b8b4e57a37800b&pageid=99998&sera_parametere=BUlfDFQHUgFRB1ADWgRRVFRdAwlRAQENDwUHVgEEUVBSXVMNVQ1WAwBWBhFLQw0LDUkXTBERVnESVnESD3QVUFNTEV0OUQhQWRVAEgt0FVUhCUcPJhFXBV8OQENLFQMmRg4gHVVwQ1FeXFJUCVEBAwYMWgsGBFxRBgQEB1sIAlBTAFsNAARdDFVSCwNcBlFSVglEVg1aBlAKAgpVAFIEB1YOAwtVDFUFVUdZRAUASFsHDwQOVQ0BBgFQCgMOBFUHUgsEClpSU1dWB1AAXFJUVlIPBgsEAlITVggOBggGBltFUAsFTwVDRV5cCg4BCQhEC1JfHgAJI1xFBFVYQBZSFF4IUwlEVgpGCi1aWU1IFgEBBBZcGGsGVFsNUVZbWxYHFwRTDFc%3D&count=0&max=0
IP
Requested by https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Certificate IssuerCybertrust Japan Co., Ltd.
Subjectsec.plala.or.jp
Fingerprint31:87:EA:6E:72:34:58:E1:68:31:E0:3E:48:5B:F0:6D:79:70:74:EC
ValidityWed, 18 Jan 2023 23:38:57 GMT - Sun, 18 Feb 2024 14:59:00 GMT
File type ASCII text, with no line terminators
Hash 7307d780654668315c2192cbd36bd617
b96676d93abeeeb8d80a4d7d56ec10004a3b7392
6aaadf88b025a1629fa535e099e33484bf9f3a9a727dcbfa8c2fedc00407d180
GET /fp/ARF;CIS3SID=48CA5284BF2CF9383FEFD7C97EB5F95D?org_id=2kamd3p6&session_id=bea6bf04762b2b2146a7d783543fba37&nonce=c9b8b4e57a37800b&pageid=99998&sera_parametere=BUlfDFQHUgFRB1ADWgRRVFRdAwlRAQENDwUHVgEEUVBSXVMNVQ1WAwBWBhFLQw0LDUkXTBERVnESVnESD3QVUFNTEV0OUQhQWRVAEgt0FVUhCUcPJhFXBV8OQENLFQMmRg4gHVVwQ1FeXFJUCVEBAwYMWgsGBFxRBgQEB1sIAlBTAFsNAARdDFVSCwNcBlFSVglEVg1aBlAKAgpVAFIEB1YOAwtVDFUFVUdZRAUASFsHDwQOVQ0BBgFQCgMOBFUHUgsEClpSU1dWB1AAXFJUVlIPBgsEAlITVggOBggGBltFUAsFTwVDRV5cCg4BCQhEC1JfHgAJI1xFBFVYQBZSFF4IUwlEVgpGCi1aWU1IFgEBBBZcGGsGVFsNUVZbWxYHFwRTDFc%3D&count=0&max=0 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sec.plala.or.jp/fp/HP?session_id=bea6bf04762b2b2146a7d783543fba37&org_id=2kamd3p6&nonce=c9b8b4e57a37800b&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=dce51c9df15f0853bc6fa62bbad41360; tmx_guid=AAxRcKsaPqCiJzY0V_iq6TZe5ekoBAa3gtIfO-OVsC5Qqz9c6TZaPVdJ62r2u6i-qkSg4rdzLOM6PjrZe6XB8ZzoUUrrbg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2023 01:55:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
200 OK 51 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
Requested by https://bgqcxtwm.e-kei.pl/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bgqcxtwm.e-kei.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 Nov 2023 01:55:03 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 1024745
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8221f3ab0bb856c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
94.152.13.92
91.235.133.182
60.43.62.6
104.18.11.207