URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Submission: On May 10 via manual from JP — Scanned from JP

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 38 HTTP transactions. The main IP is 162.240.68.191, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.bwaval.gq.
TLS certificate: Issued by R3 on April 24th 2022. Valid for: 3 months.
This is the only time www.bwaval.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: So-net (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
3 10 162.240.68.191 46606 (UNIFIEDLA...)
2 2600:140b:2:9... 20940 (AKAMAI-ASN1)
12 2001:3b8:207:... 2527 (SO-NET So...)
7 3.115.249.132 16509 (AMAZON-02)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 117.18.232.200 15133 (EDGECAST)
2 63.140.50.18 16509 (AMAZON-02)
1 1 52.76.153.185 16509 (AMAZON-02)
1 52.199.15.7 16509 (AMAZON-02)
2 2 142.250.196.98 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
1 1 202.232.238.40 2497 (IIJ Inter...)
2 2 2600:1901:0:80:: 15169 (GOOGLE)
2 2 99.84.128.29 16509 (AMAZON-02)
38 11
Apex Domain
Subdomains
Transfer
14 so-net.ne.jp
www.so-net.ne.jp — Cisco Umbrella Rank: 665835
ssmr.so-net.ne.jp
125 KB
10 bwaval.gq
www.bwaval.gq
63 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 283
sonet.demdex.net
11 KB
2 ladsp.com
cr-p10060.ladsp.com — Cisco Umbrella Rank: 77769
950 B
2 impact-ad.jp
aw.dw.impact-ad.jp — Cisco Umbrella Rank: 44333
344 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 289
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 341
12 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 936
53 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 469
254 KB
1 fout.jp
sync.dmp.fout.jp — Cisco Umbrella Rank: 62003
503 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 800
354 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1413
517 B
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2187
30 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3175
15 KB
38 14
Domain Requested by
12 www.so-net.ne.jp www.bwaval.gq
10 www.bwaval.gq 3 redirects www.bwaval.gq
7 dpm.demdex.net assets.adobedtm.com
www.bwaval.gq
2 cr-p10060.ladsp.com 2 redirects
2 aw.dw.impact-ad.jp 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 ssmr.so-net.ne.jp assets.adobedtm.com
www.bwaval.gq
2 cdnjs.cloudflare.com www.bwaval.gq
2 code.jquery.com www.bwaval.gq
2 assets.adobedtm.com www.bwaval.gq
assets.adobedtm.com
1 sync.dmp.fout.jp 1 redirects
1 analytics.twitter.com www.bwaval.gq
1 sonet.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 ajax.aspnetcdn.com www.bwaval.gq
1 stackpath.bootstrapcdn.com www.bwaval.gq
38 16

This site contains links to these domains.

Domain
www.so-net.ne.jp
www.sonynetwork.co.jp
privacymark.jp
Subject | Issuer | Validity | Valid
bwaval.gq | R3 | 2022-04-24 - 2022-07-23 | 3 months
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
*.so-net.ne.jp | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-02 - 2022-09-16 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year
ssmr.so-net.ne.jp | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-28 - 2022-08-28 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-24 - 2023-01-23 | a year

This page contains 2 frames:

Primary Page: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Frame ID: 19C7ED505C27A72AE15D939459D1E3D7
Requests: 32 HTTP requests in this frame

Frame: https://sonet.demdex.net/dest5.html?d_nsid=0
Frame ID: D5620568A2CF113FCC9A114AE8C05DD6
Requests: 6 HTTP requests in this frame

Page Title

Access mailbox(追加メールボックス)|ログイン

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38 Requests
79 % HTTPS
38 % IPv6
14 Domains
16 Subdomains
11 IPs
5 Countries
563 kB Transfer
1449 kB Size
21 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.bwaval.gq/webmail/js/jquery-2.1.4.min.js?1.0.16 HTTP 301
  • https://www.bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
Request Chain 7
  • https://www.bwaval.gq/webmail/js/run.js?1.0.16 HTTP 301
  • https://www.bwaval.gq:2096/js/run.js?1.0.16
Request Chain 15
  • https://www.bwaval.gq/webmail/image/blank.png HTTP 301
  • https://www.bwaval.gq:2096/image/blank.png
Request Chain 28
  • https://cm.everesttech.net/cm/dd?d_uuid=88875003459103159493046569285107121913 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGjAAAABg7BQQX
Request Chain 31
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODg4NzUwMDM0NTkxMDMxNTk0OTMwNDY1NjkyODUxMDcxMjE5MTM= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODg4NzUwMDM0NTkxMDMxNTk0OTMwNDY1NjkyODUxMDcxMjE5MTM=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGiYlipvFRKitD5-DCBKteY&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 33
  • https://sync.dmp.fout.jp/serve/?id=6836&mt=127 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=16292&dpuuid=fY4Jlfxxduy42wjoZi1pmfFInSc
Request Chain 34
  • https://aw.dw.impact-ad.jp/c/u/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D HTTP 303
  • https://aw.dw.impact-ad.jp/c/ur/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=47438&dpuuid=6ce936f7-258b-4ec7-85a8-d918abe49ef4
Request Chain 35
  • https://cr-p10060.ladsp.com/pid/10060 HTTP 302
  • https://cr-p10060.ladsp.com/cr/10060 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AS7lu63gDPXwks8ADqiTTOxLGs0nTA

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.bwaval.gq/so-net.ne.jp_webmail3/W/
23 KB
23 KB
Document
General
Full URL
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
c6b61dc254825a526cccf0aa4015fee363a74b004002459038ce08603a8f3da3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 10 May 2022 01:57:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/
879 KB
234 KB
Script
General
Full URL
https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
81326998f8bcc36f1f6b5c5a0235299c964646faf7c9dabb6b0516cc5626d085

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:30 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 04:12:28 GMT
server
AkamaiNetStorage
etag
"e8b6e657b1cbd5ae87ba14d3d1a32fdd:1652069548.630648"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bwaval.gq
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
239098
expires
Tue, 10 May 2022 02:57:30 GMT
webmail_pclogin.css
www.so-net.ne.jp/webmail/css/
8 KB
9 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/webmail/css/webmail_pclogin.css?1.0.16
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
c6616e27a1f1d4024d26cac27af5ac26396e8edfc74ac35a004144ede6109940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 07:30:46 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
8581
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
webmail_common.css
www.so-net.ne.jp/webmail/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/webmail/css/webmail_common.css?1.0.16
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
14e9b38d9549db3c9183b6379e9432aacc9d0bfbd04eb460828aaeb1ad0a1508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 07:30:46 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
2962
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
style.css
www.so-net.ne.jp/webmail/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/webmail/css/style.css?1.0.16
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
405221ae8179f34dc3a020060112179fa5c9ebc1be586126a1dec338110bc660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 07:30:46 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
25126
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
jquery-2.1.4.min.js
www.bwaval.gq/js/
Redirect Chain
  • https://www.bwaval.gq/webmail/js/jquery-2.1.4.min.js?1.0.16
  • https://www.bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
0
0
Script
General
Full URL
https://www.bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://www.bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
date
Tue, 10 May 2022 01:57:29 GMT
server
Apache
content-length
0
content-type
application/cgi
rwd.css
www.so-net.ne.jp/common/hf1704/css/
28 KB
29 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/common/hf1704/css/rwd.css
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
3c17e51dbaf56467422e01a0d79110a3809cd161ab37e707b79332180c3735ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Sep 2021 01:00:04 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
text/css
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
28823
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
init.js
www.so-net.ne.jp/common/hf1704/js/
396 B
971 B
Script
General
Full URL
https://www.so-net.ne.jp/common/hf1704/js/init.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
888a45715a43fedad2a1450402e761969440920910730a9fa063754126f17b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:17 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
application/javascript
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
396
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
run.js
www.bwaval.gq/js/
Redirect Chain
  • https://www.bwaval.gq/webmail/js/run.js?1.0.16
  • https://www.bwaval.gq:2096/js/run.js?1.0.16
0
0
Script
General
Full URL
https://www.bwaval.gq:2096/js/run.js?1.0.16
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://www.bwaval.gq:2096/js/run.js?1.0.16
date
Tue, 10 May 2022 01:57:29 GMT
server
Apache
content-length
0
content-type
application/cgi
gHd_gFt2016_run.js
www.so-net.ne.jp/common/ui_ver2/js/
21 KB
22 KB
Script
General
Full URL
https://www.so-net.ne.jp/common/ui_ver2/js/gHd_gFt2016_run.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
3a198eff27f5a0cbe6ddd51406f0fabb11a181184dec3dd6263c2f2df0112e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Aug 2021 05:01:04 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
application/javascript
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
21568
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
so_net-util.min.js
www.so-net.ne.jp/common/js/
360 B
913 B
Script
General
Full URL
https://www.so-net.ne.jp/common/js/so_net-util.min.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
75e9cad8399336821ee090f0efec5d9ddeef105cab6b9dc24bb1505e5a0f1531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Jul 2016 01:01:59 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
360
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
style.css
www.bwaval.gq/so-net.ne.jp_webmail3/W/css/
348 B
413 B
Stylesheet
General
Full URL
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/css/style.css
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
42b4a2d493bcaf3a4512e7fc66dbc7db3944f46c58ffce13c1f5cababd61d6d8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:29 GMT
last-modified
Tue, 27 Apr 2021 18:56:46 GMT
server
Apache
accept-ranges
bytes
content-length
348
content-type
text/css
logo-sony.png
www.so-net.ne.jp/common/hf1704/img/
2 KB
2 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/logo-sony.png
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
82df9cbcc508ac2aec7863f8bcfd63ce9b13cb1e15f93573ad5af74f046a60c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:16 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
1929
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
logo.png
www.so-net.ne.jp/common/hf1704/img/
6 KB
7 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/logo.png
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
dfae4e1fc0be3ec5c1e17a1fd9ce7bb05b457baf0b348753ad009a5f1c7e341f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Sep 2021 01:00:04 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
6521
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
id
dpm.demdex.net/
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=969F02BE53295D3C0A490D4C%40AdobeOrg&d_nsid=0&ts=1652147850573
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e00a37d2a95e22ee6ea77fc20fed729c13178e8ff0a05957b4cc464332d554e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bwaval.gq/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-tyo3-2-v029-00a09ad24.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
zqixJvF4RHk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.bwaval.gq
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
642
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXdf696e9a51f24937af66d11ac4867fd7-libraryCode_source.min.js
assets.adobedtm.com/b38dcb8dbbd6/1368969e5ef3/b4745da788ec/
54 KB
20 KB
Script
General
Full URL
https://assets.adobedtm.com/b38dcb8dbbd6/1368969e5ef3/b4745da788ec/EXdf696e9a51f24937af66d11ac4867fd7-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:980::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c7d324f8296beff6619d336943dd02aadb6875d409fbf2f99bdf8e4a9a8ab0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 04:12:29 GMT
server
AkamaiNetStorage
etag
"55da09c6490de8e8ff5b2b2b6af9c26d:1652069549.433444"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bwaval.gq
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
20114
expires
Tue, 10 May 2022 02:57:32 GMT
blank.png
www.bwaval.gq/image/
Redirect Chain
  • https://www.bwaval.gq/webmail/image/blank.png
  • https://www.bwaval.gq:2096/image/blank.png
0
0
Image
General
Full URL
https://www.bwaval.gq:2096/image/blank.png
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://www.bwaval.gq:2096/image/blank.png
date
Tue, 10 May 2022 01:57:31 GMT
server
Apache
content-length
0
content-type
application/cgi
isp.png
www.so-net.ne.jp/common/hf1704/img/
9 KB
9 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/isp.png
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
95c97e58c55dd3399e51380e549c0e391d65768a1fb1e656cf9fce38b3d61d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:16 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
8895
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
pmark.png
www.so-net.ne.jp/common/hf1704/img/
9 KB
9 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/pmark.png
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
95129765aa2102c10a8d4dbb7df48069926b1eaf8d21db8e89144f5de4e89a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:16 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
8936
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=68
isms.png
www.so-net.ne.jp/common/hf1704/img/
6 KB
7 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/isms.png
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b143e0728abbb59467aaee3e9b31cf40d7df50f562e1b4bb7682d3da5dcb7547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:57:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Nov 2017 07:06:27 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
6151
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=67
loading.gif
www.bwaval.gq/so-net.ne.jp_webmail3/W/img/
38 KB
38 KB
Image
General
Full URL
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/img/loading.gif
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:31 GMT
last-modified
Sat, 11 Aug 2018 18:03:52 GMT
server
Apache
accept-ranges
bytes
content-length
38636
content-type
image/gif
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15283"
vary
Accept-Encoding
x-hw
1652147852.dop090.sj3.t,1652147852.cds097.sj3.hn,1652147852.cds091.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://www.bwaval.gq/
Origin
https://www.bwaval.gq
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1111d"
vary
Accept-Encoding
x-hw
1652147852.dop203.sj3.t,1652147852.cds207.sj3.hn,1652147852.cds120.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bwaval.gq/
Origin
https://www.bwaval.gq
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4084326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6458
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhGJ7BKgOPeF7skqs0Sd6HA7iTBw7ZSkk1s%2BQKvproARonZhnIWFqU76DtsLZZNMljsGVXJIWJZ2u9WLMpbQTLazMIwIRfyx9%2F640FMiJyDy8qQ%2BaotDLbiND6AJNdgVulo5wbW6C9XffygueMocQrKG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
708f108dff691eb8-NRT
expires
Sun, 30 Apr 2023 01:57:32 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/
49 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bwaval.gq/
Origin
https://www.bwaval.gq
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
906
access-control-allow-origin
*
cdn-cachedat
04/10/2022 19:53:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"ce6e785579ae4cb555c9de311d1b9271"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
11ebd1b7b3c7c010f93ce7f9c5679bf0
cf-ray
708f108df9ce7827-NRT
cdn-requestcountrycode
BR
cdn-status
200
cdn-requestpullsuccess
True
jquery-3.3.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
85 KB
30 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/899A) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26459776
x-cache
HIT
content-length
30394
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jan 2018 19:27:49 GMT
server
ECAcc (tka/899A)
etag
"80288516b793d31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/
20 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16016779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-4e98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqJC5sqIx9TA8gH5iofwL3iFQ4hIXRKjcN%2BsFg2N6iejM4cQ%2FsyUAuTfm5JmiSBL9MXSVYJLLvrqgYsPoGH1oB%2BA5zEvkDlFH9fT9uPvY2xqnLMiZR4qNRw1BcVlI1hHRrw%2BxWv2fSfBp190FDUySCEQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
708f108df86af8b3-NRT
expires
Sun, 30 Apr 2023 01:57:32 GMT
actions.js
www.bwaval.gq/so-net.ne.jp_webmail3/W/js/
1 KB
1 KB
Script
General
Full URL
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/js/actions.js
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
70e85a009826725354b61dda5e78f14418a117f6d4646550d2c55c499ec64a50

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:31 GMT
last-modified
Mon, 18 Jan 2021 21:00:58 GMT
server
Apache
accept-ranges
bytes
content-length
1294
content-type
application/javascript
id
ssmr.so-net.ne.jp/
89 B
659 B
XHR
General
Full URL
https://ssmr.so-net.ne.jp/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=969F02BE53295D3C0A490D4C%40AdobeOrg&mid=88661692423714525213034261864403098429&ts=1652147850644
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.50.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
684e1c2379c6f870b7792d5dcf663239524b6fdab88ec9a2db99fc862133916a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bwaval.gq/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 10 May 2022 01:57:30 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5b7d4f44fb-b65c9
vary
Origin
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bwaval.gq
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YnnGjAAAABg7BQQX
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=88875003459103159493046569285107121913
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGjAAAABg7BQQX
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGjAAAABg7BQQX
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v029-012f5f64f.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
e0RsF6laTAY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGjAAAABg7BQQX
Date
Tue, 10 May 2022 01:57:32 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
id
dpm.demdex.net/
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=969F02BE53295D3C0A490D4C%40AdobeOrg&d_nsid=0&d_mid=88661692423714525213034261864403098429&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%01313CE3450021774C-40000A8C7F893A2D&ts=1652147850711
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5a4742901d8d6bbfc644872b330fa566a3efa6b089fa5153eb35634039bd5075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bwaval.gq/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-tyo3-1-v029-0a653dcaf.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
KG9hPcMRRak=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.bwaval.gq
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
642
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
sonet.demdex.net/ Frame D562
7 KB
3 KB
Document
General
Full URL
https://sonet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.15.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-15-7.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bwaval.gq/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-tyo3-1-v029-0d2787835.edge-tyo3.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
EspRaoWjTxE=
content-encoding
gzip
date
Tue, 10 May 2022 01:57:32 GMT
last-modified
Wed, 27 Apr 2022 09:31:02 GMT
vary
accept-encoding
ibs:dpid=771&dpuuid=CAESEGiYlipvFRKitD5-DCBKteY&google_cver=1
dpm.demdex.net/ Frame D562
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODg4NzUwMDM0NTkxMDMxNTk0OTMwNDY1NjkyODUxMDcxMjE5MTM=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODg4NzUwMDM0NTkxMDMxNTk0OTMwNDY1NjkyODUxMDcxMjE5MTM=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGiYlipvFRKitD5-DCBKteY&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGiYlipvFRKitD5-DCBKteY&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-03cc0d144.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
G472Y5PLRLU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 10 May 2022 01:57:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGiYlipvFRKitD5-DCBKteY&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame D562
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=88875003459103159493046569285107121913&p_id=38594
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
108
date
Tue, 10 May 2022 01:57:32 GMT
server
tsa_m
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
cd88dce4a5fec1d2ae96dd7b3111f239ce7efdc0189c0f14ea5e84b4b7d3e231
content-length
43
ibs:dpid=16292&dpuuid=fY4Jlfxxduy42wjoZi1pmfFInSc
dpm.demdex.net/ Frame D562
Redirect Chain
  • https://sync.dmp.fout.jp/serve/?id=6836&mt=127
  • https://dpm.demdex.net/ibs:dpid=16292&dpuuid=fY4Jlfxxduy42wjoZi1pmfFInSc
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=16292&dpuuid=fY4Jlfxxduy42wjoZi1pmfFInSc
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-057306d18.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
79/RhkQbQi4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 10 May 2022 01:57:33 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://dpm.demdex.net/ibs:dpid=16292&dpuuid=fY4Jlfxxduy42wjoZi1pmfFInSc
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
ibs:dpid=47438&dpuuid=6ce936f7-258b-4ec7-85a8-d918abe49ef4
dpm.demdex.net/ Frame D562
Redirect Chain
  • https://aw.dw.impact-ad.jp/c/u/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D
  • https://aw.dw.impact-ad.jp/c/ur/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D
  • https://dpm.demdex.net/ibs:dpid=47438&dpuuid=6ce936f7-258b-4ec7-85a8-d918abe49ef4
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=47438&dpuuid=6ce936f7-258b-4ec7-85a8-d918abe49ef4
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v029-068adc8dd.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
azLgxGTcQUA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=47438&dpuuid=6ce936f7-258b-4ec7-85a8-d918abe49ef4
date
Tue, 10 May 2022 01:57:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
text/plain; charset=utf-8
ibs:dpid=57289&dpuuid=AS7lu63gDPXwks8ADqiTTOxLGs0nTA
dpm.demdex.net/ Frame D562
Redirect Chain
  • https://cr-p10060.ladsp.com/pid/10060
  • https://cr-p10060.ladsp.com/cr/10060
  • https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AS7lu63gDPXwks8ADqiTTOxLGs0nTA
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AS7lu63gDPXwks8ADqiTTOxLGs0nTA
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
3.115.249.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-00b1359ab.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
EvnlJ7PlR+c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 10 May 2022 01:57:33 GMT
via
1.1 b8a08c0d748faf705ea0429a0bc6145c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AS7lu63gDPXwks8ADqiTTOxLGs0nTA
cache-control
no-cache
content-length
0
x-amz-cf-id
h2BcViU8mYrfyK5_4eWqA1smcwg5MfPRhwNmL8SDNs6yn1h_mF11cA==
expires
-1
s68477973195682
ssmr.so-net.ne.jp/b/ss/sonysonetglobal/1/JS-2.6.0-LCS4/
43 B
245 B
Image
General
Full URL
https://ssmr.so-net.ne.jp/b/ss/sonysonetglobal/1/JS-2.6.0-LCS4/s68477973195682?AQB=1&ndh=1&pf=1&t=10%2F4%2F2022%201%3A57%3A33%202%200&mid=88661692423714525213034261864403098429&aid=313CE3450021774C-40000A8C7F893A2D&aamlh=11&ce=UTF-8&ns=sonysonet&cdp=3&fpCookieDomainPeriods=2&pageName=https%3A%2F%2Fwww.bwaval.gq%2Fso-net.ne.jp_webmail3%2FW&g=https%3A%2F%2Fwww.bwaval.gq%2Fso-net.ne.jp_webmail3%2FW%2Findex.php%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1&cc=JPY&ch=www.bwaval.gq%2Fso-net.ne.jp_webmail3&server=sonysonetglobal&events=event2&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=www.bwaval.gq%2Fso-net.ne.jp_webmail3%2FW&c2=D%3Dv2&v2=n&c4=Access%20mailbox%EF%BC%88%E8%BF%BD%E5%8A%A0%E3%83%A1%E3%83%BC%E3%83%AB%E3%83%9C%E3%83%83%E3%82%AF%E3%82%B9%EF%BC%89%EF%BD%9C%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3&c5=D%3Dg&c6=bwaval.gq%2Fso-net.ne.jp_webmail3%2FW&c7=bwaval.gq%2Fso-net.ne.jp_webmail3&v15=D%3Dc62&v16=D%3Dc63&v17=D%3Dc62&v18=D%3Dc63&c39=313CE3450021774C-40000A8C7F893A2D&c40=D%3Dv20&c41=10%3A45AM-Tuesday&v41=D%3Dc41&c44=New&v44=New&c45=First%20Visit&v45=D%3Dc45&c49=D%3Dv0&c61=www&c62=www%2Fso-net.ne.jp_webmail3&c63=www%2Fso-net.ne.jp_webmail3%2FW&c64=www%2Fso-net.ne.jp_webmail3%2FW%2Findex.php&c65=D%3DpageName&c74=www.bwaval.gq&c75=VisitorAPI%20Present&v79=0.5743194827575242_1652147853647&v120=None&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&mcorgid=969F02BE53295D3C0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: www.bwaval.gq
URL: https://www.bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.50.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:57:33 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 11 May 2022 01:57:33 GMT
server
jag
xserver
anedge-5b7d4f44fb-88wnd
etag
3547960498822086656-4619566469511511571
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 09 May 2022 01:57:33 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: So-net (Telecommunication)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
function| onYouTubeIframeAPIReady
object| targetGlobalSettings
function| mboxCreate
function| mboxDefine
function| mboxUpdate
function| sc_requestAjax
object| _sc
object| UIUtil
function| SmR_doPlugins
function| sc_trackTNT
function| sc_trackLink
function| sc_setDirName
function| sc_setPropDir
function| sc_setCk
function| sc_getCk
function| AppMeasurement_Module_ActivityMap
function| AppMeasurement
function| s_gi
function| s_pgicq
function| AppMeasurement_Module_Integrate
object| SmR
string| sc_rootDomain
string| sc_ref
string| sc_socialMedia
boolean| sc_socialFlg
undefined| sc_refTmp
undefined| sc_refQry
undefined| dcq
undefined| dcqLeng
undefined| sc_QParam
undefined| sc_refDomainTmp
number| numsl
string| sc_refDomain
boolean| sc_naturalSrhFlg
number| s_objectID
number| s_giq
function| $
function| jQuery
function| Popper
object| bootstrap
string| $c
string| $current_email
function| decodeCustom
function| isValidEmail
function| getUrlParameter
string| currentEmail
object| ListEntries
undefined| e
undefined| domain
function| extractDomain
object| dc
object| fl
object| cd
number| utc
object| tz
number| thisy
number| thish
number| thismin
number| thisd
string| f0
object| pasArr
object| _uxa
string| s_tnt
object| s_i_sonysonetglobal

21 Cookies


Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
