URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Submission: On May 10 via manual from JP — Scanned from JP

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 38 HTTP transactions. The main IP is 162.240.68.191, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is bwaval.gq.
TLS certificate: Issued by R3 on April 24th 2022. Valid for: 3 months.
This is the only time bwaval.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: So-net (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
3 10 162.240.68.191 46606 (UNIFIEDLA...)
2 2600:140b:2:9... 20940 (AKAMAI-ASN1)
12 2001:3b8:207:... 2527 (SO-NET So...)
7 52.69.152.28 16509 (AMAZON-02)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 117.18.232.200 15133 (EDGECAST)
2 63.140.50.163 16509 (AMAZON-02)
1 1 52.76.153.185 16509 (AMAZON-02)
1 54.248.211.131 16509 (AMAZON-02)
2 2 142.250.196.98 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 1 202.232.238.40 2497 (IIJ Inter...)
2 2 2600:1901:0:80:: 15169 (GOOGLE)
2 2 99.84.128.47 16509 (AMAZON-02)
38 11
Apex Domain | Subdomains | Transfer
14 so-net.ne.jp | www.so-net.ne.jp (Cisco Umbrella Rank: 665835); ssmr.so-net.ne.jp | 125 KB
10 bwaval.gq | bwaval.gq | 63 KB
8 demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 283); sonet.demdex.net | 11 KB
2 ladsp.com | cr-p10060.ladsp.com (Cisco Umbrella Rank: 77769) | 956 B
2 impact-ad.jp | aw.dw.impact-ad.jp (Cisco Umbrella Rank: 44333) | 345 B
2 doubleclick.net | cm.g.doubleclick.net (Cisco Umbrella Rank: 289) | 1 KB
2 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 341) | 12 KB
2 jquery.com | code.jquery.com (Cisco Umbrella Rank: 936) | 53 KB
2 adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 469) | 254 KB
1 fout.jp | sync.dmp.fout.jp (Cisco Umbrella Rank: 62003) | 503 B
1 twitter.com | analytics.twitter.com (Cisco Umbrella Rank: 800) | 355 B
1 everesttech.net | cm.everesttech.net (Cisco Umbrella Rank: 1413) | 517 B
1 aspnetcdn.com | ajax.aspnetcdn.com (Cisco Umbrella Rank: 2187) | 30 KB
1 bootstrapcdn.com | stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 3175) | 15 KB
38 14
Domain Requested by
12 www.so-net.ne.jp bwaval.gq
10 bwaval.gq 3 redirects bwaval.gq
7 dpm.demdex.net assets.adobedtm.com
bwaval.gq
2 cr-p10060.ladsp.com 2 redirects
2 aw.dw.impact-ad.jp 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 ssmr.so-net.ne.jp assets.adobedtm.com
bwaval.gq
2 cdnjs.cloudflare.com bwaval.gq
2 code.jquery.com bwaval.gq
2 assets.adobedtm.com bwaval.gq
assets.adobedtm.com
1 sync.dmp.fout.jp 1 redirects
1 analytics.twitter.com bwaval.gq
1 sonet.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 ajax.aspnetcdn.com bwaval.gq
1 stackpath.bootstrapcdn.com bwaval.gq
38 16

This site contains links to these domains:

Domain
www.so-net.ne.jp
www.sonynetwork.co.jp
privacymark.jp

Subject | Issuer | Validity | Valid
bwaval.gq | R3 | 2022-04-24 - 2022-07-23 | 3 months
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
*.so-net.ne.jp | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-02 - 2022-09-16 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year
ssmr.so-net.ne.jp | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-28 - 2022-08-28 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-24 - 2023-01-23 | a year

This page contains 2 frames:

Primary Page: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Frame ID: E552EF9FF00F91CF78CE560750BE48E4
Requests: 32 HTTP requests in this frame

Frame: https://sonet.demdex.net/dest5.html?d_nsid=0
Frame ID: 909B05FB32F611E5E2B93575BCD545A9
Requests: 6 HTTP requests in this frame

Page Title

Access mailbox(追加メールボックス)|ログイン

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 38
HTTPS: 79 %
IPv6: 38 %
Domains: 14
Subdomains: 16
IPs: 11
Countries: 5
Transfer: 563 kB
Size: 1449 kB
Cookies: 21

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://bwaval.gq/webmail/js/jquery-2.1.4.min.js?1.0.16 HTTP 301
  • https://bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
Request Chain 7
  • https://bwaval.gq/webmail/js/run.js?1.0.16 HTTP 301
  • https://bwaval.gq:2096/js/run.js?1.0.16
Request Chain 15
  • https://bwaval.gq/webmail/image/blank.png HTTP 301
  • https://bwaval.gq:2096/image/blank.png
Request Chain 28
  • https://cm.everesttech.net/cm/dd?d_uuid=45416360611334228183489170832981302708 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGaQAAAMX8sQQm
Request Chain 31
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDU0MTYzNjA2MTEzMzQyMjgxODM0ODkxNzA4MzI5ODEzMDI3MDg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDU0MTYzNjA2MTEzMzQyMjgxODM0ODkxNzA4MzI5ODEzMDI3MDg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqLZqGId7N36hXRUxx_iyw&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 33
  • https://sync.dmp.fout.jp/serve/?id=6836&mt=127 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=16292&dpuuid=xNiL5BVSligQb6uFnZDPPfXS5Jo
Request Chain 34
  • https://aw.dw.impact-ad.jp/c/u/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D HTTP 303
  • https://aw.dw.impact-ad.jp/c/ur/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=47438&dpuuid=767783c1-5198-44a6-a787-8803c9947352
Request Chain 35
  • https://cr-p10060.ladsp.com/pid/10060 HTTP 302
  • https://cr-p10060.ladsp.com/cr/10060 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AZye3WCiV71Cks8ADql8IWTccs0nTA

38 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request index.php
bwaval.gq/so-net.ne.jp_webmail3/W/
23 KB
23 KB
Document
General
Full URL
https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
c6b61dc254825a526cccf0aa4015fee363a74b004002459038ce08603a8f3da3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 10 May 2022 01:56:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/
879 KB
234 KB
Script
General
Full URL
https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ad::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
81326998f8bcc36f1f6b5c5a0235299c964646faf7c9dabb6b0516cc5626d085

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:55 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 04:12:28 GMT
server
AkamaiNetStorage
etag
"e8b6e657b1cbd5ae87ba14d3d1a32fdd:1652069548.630648"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bwaval.gq
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
239098
expires
Tue, 10 May 2022 02:56:55 GMT
webmail_pclogin.css
www.so-net.ne.jp/webmail/css/
8 KB
9 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/webmail/css/webmail_pclogin.css?1.0.16
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
c6616e27a1f1d4024d26cac27af5ac26396e8edfc74ac35a004144ede6109940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 07:30:46 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
8581
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
webmail_common.css
www.so-net.ne.jp/webmail/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/webmail/css/webmail_common.css?1.0.16
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
14e9b38d9549db3c9183b6379e9432aacc9d0bfbd04eb460828aaeb1ad0a1508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 07:30:46 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
2962
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
style.css
www.so-net.ne.jp/webmail/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/webmail/css/style.css?1.0.16
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
405221ae8179f34dc3a020060112179fa5c9ebc1be586126a1dec338110bc660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 07:30:46 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
25126
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
jquery-2.1.4.min.js
bwaval.gq/js/
Redirect Chain
  • https://bwaval.gq/webmail/js/jquery-2.1.4.min.js?1.0.16
  • https://bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
0
0
Script
General
Full URL
https://bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://bwaval.gq:2096/js/jquery-2.1.4.min.js?1.0.16
date
Tue, 10 May 2022 01:56:54 GMT
server
Apache
content-length
0
content-type
application/cgi
rwd.css
www.so-net.ne.jp/common/hf1704/css/
28 KB
29 KB
Stylesheet
General
Full URL
https://www.so-net.ne.jp/common/hf1704/css/rwd.css
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
3c17e51dbaf56467422e01a0d79110a3809cd161ab37e707b79332180c3735ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Sep 2021 01:00:04 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
text/css
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
28823
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
init.js
www.so-net.ne.jp/common/hf1704/js/
396 B
971 B
Script
General
Full URL
https://www.so-net.ne.jp/common/hf1704/js/init.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
888a45715a43fedad2a1450402e761969440920910730a9fa063754126f17b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:17 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
application/javascript
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
396
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
run.js
bwaval.gq/js/
Redirect Chain
  • https://bwaval.gq/webmail/js/run.js?1.0.16
  • https://bwaval.gq:2096/js/run.js?1.0.16
0
0
Script
General
Full URL
https://bwaval.gq:2096/js/run.js?1.0.16
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://bwaval.gq:2096/js/run.js?1.0.16
date
Tue, 10 May 2022 01:56:54 GMT
server
Apache
content-type
application/cgi
gHd_gFt2016_run.js
www.so-net.ne.jp/common/ui_ver2/js/
21 KB
22 KB
Script
General
Full URL
https://www.so-net.ne.jp/common/ui_ver2/js/gHd_gFt2016_run.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
3a198eff27f5a0cbe6ddd51406f0fabb11a181184dec3dd6263c2f2df0112e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Aug 2021 05:01:04 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
application/javascript
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
21568
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=70
so_net-util.min.js
www.so-net.ne.jp/common/js/
360 B
913 B
Script
General
Full URL
https://www.so-net.ne.jp/common/js/so_net-util.min.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
75e9cad8399336821ee090f0efec5d9ddeef105cab6b9dc24bb1505e5a0f1531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Jul 2016 01:01:59 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
360
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
style.css
bwaval.gq/so-net.ne.jp_webmail3/W/css/
348 B
413 B
Stylesheet
General
Full URL
https://bwaval.gq/so-net.ne.jp_webmail3/W/css/style.css
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
42b4a2d493bcaf3a4512e7fc66dbc7db3944f46c58ffce13c1f5cababd61d6d8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:54 GMT
last-modified
Tue, 27 Apr 2021 18:56:46 GMT
server
Apache
accept-ranges
bytes
content-length
348
content-type
text/css
logo-sony.png
www.so-net.ne.jp/common/hf1704/img/
2 KB
2 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/logo-sony.png
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
82df9cbcc508ac2aec7863f8bcfd63ce9b13cb1e15f93573ad5af74f046a60c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:16 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
1929
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
logo.png
www.so-net.ne.jp/common/hf1704/img/
6 KB
7 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/logo.png
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
dfae4e1fc0be3ec5c1e17a1fd9ce7bb05b457baf0b348753ad009a5f1c7e341f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Sep 2021 01:00:04 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
6521
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=68
id
dpm.demdex.net/
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=969F02BE53295D3C0A490D4C%40AdobeOrg&d_nsid=0&ts=1652147815188
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4d8e0f00281fc1e601f43b19476ef765c60ea55e626a3fd1cc710528bc922e7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bwaval.gq/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-tyo3-1-v029-04d5f9ce2.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
/eaGEParTtE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bwaval.gq
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
641
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXdf696e9a51f24937af66d11ac4867fd7-libraryCode_source.min.js
assets.adobedtm.com/b38dcb8dbbd6/1368969e5ef3/b4745da788ec/
54 KB
20 KB
Script
General
Full URL
https://assets.adobedtm.com/b38dcb8dbbd6/1368969e5ef3/b4745da788ec/EXdf696e9a51f24937af66d11ac4867fd7-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ad::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c7d324f8296beff6619d336943dd02aadb6875d409fbf2f99bdf8e4a9a8ab0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 04:12:29 GMT
server
AkamaiNetStorage
etag
"55da09c6490de8e8ff5b2b2b6af9c26d:1652069549.433444"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bwaval.gq
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
20114
expires
Tue, 10 May 2022 02:56:57 GMT
blank.png
bwaval.gq/image/
Redirect Chain
  • https://bwaval.gq/webmail/image/blank.png
  • https://bwaval.gq:2096/image/blank.png
0
0
Image
General
Full URL
https://bwaval.gq:2096/image/blank.png
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://bwaval.gq:2096/image/blank.png
date
Tue, 10 May 2022 01:56:56 GMT
server
Apache
content-type
application/cgi
isp.png
www.so-net.ne.jp/common/hf1704/img/
9 KB
9 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/isp.png
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
95c97e58c55dd3399e51380e549c0e391d65768a1fb1e656cf9fce38b3d61d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:16 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
8895
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
pmark.png
www.so-net.ne.jp/common/hf1704/img/
9 KB
9 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/pmark.png
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
95129765aa2102c10a8d4dbb7df48069926b1eaf8d21db8e89144f5de4e89a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Mar 2017 04:35:16 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
8936
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=69
isms.png
www.so-net.ne.jp/common/hf1704/img/
6 KB
7 KB
Image
General
Full URL
https://www.so-net.ne.jp/common/hf1704/img/isms.png
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:3b8:207:2e::f2:142 , Japan, ASN2527 (SO-NET Sony Network Communications Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b143e0728abbb59467aaee3e9b31cf40d7df50f562e1b4bb7682d3da5dcb7547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 01:56:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Nov 2017 07:06:27 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000;includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
none
Content-Security-Policy-Report-Only
default-src 'unsafe-eval' 'unsafe-inline' 'self' http: https: data: wss: blob: chrome-extension ; report-uri /cgi-bin/csp-reports.cgi
Content-Length
6151
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=68
loading.gif
bwaval.gq/so-net.ne.jp_webmail3/W/img/
38 KB
38 KB
Image
General
Full URL
https://bwaval.gq/so-net.ne.jp_webmail3/W/img/loading.gif
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:56 GMT
last-modified
Sat, 11 Aug 2018 18:03:52 GMT
server
Apache
accept-ranges
bytes
content-length
38636
content-type
image/gif
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15283"
vary
Accept-Encoding
x-hw
1652147817.dop122.sj3.t,1652147817.cds210.sj3.hn,1652147817.cds091.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://bwaval.gq/
Origin
https://bwaval.gq
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1111d"
vary
Accept-Encoding
x-hw
1652147817.dop090.sj3.t,1652147817.cds213.sj3.hn,1652147817.cds120.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bwaval.gq/
Origin
https://bwaval.gq
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4084291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6458
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW0pLe9BS0OqR4oxf9%2BumVH%2B0mvfqaw9kq2juOAGinvRZw9%2FcWptDMG2DuVNN%2FhsIuql4Uiw2gyhu4YvmUXgXIvTnIXxl4ZyZ2ZPtEZjOzVYiEUXWSHP%2FpeaQBWCqn%2F2ZrWSEXieoXW3vakkDMTBjtCR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
708f0fb1c87f203d-NRT
expires
Sun, 30 Apr 2023 01:56:57 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/
49 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bwaval.gq/
Origin
https://bwaval.gq
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
603, 718, 718
age
310
cdn-cachedat
2021-06-08 10:19:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e66395509049f3049a21bde686d63a78
cf-ray
708f0fb1e94d1f3b-NRT
cdn-requestcountrycode
BR
cdn-status
200
cdn-requestpullsuccess
True
jquery-3.3.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
85 KB
30 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/899A) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26459741
x-cache
HIT
content-length
30394
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jan 2018 19:27:49 GMT
server
ECAcc (tka/899A)
etag
"80288516b793d31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/
20 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16016744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-4e98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gksep5NA897qqswtTWuxkMG%2B0Iasfa4zWH8Q2GmGWNMil6FlUiiuCYN%2F78rY6QPLnX1xElK3xvzptILzKJvrderrhj1%2FN7Pl%2F1jxiE%2F8B4vwsKHFIVEjJ2KjvZKIZrO2LPFFlaQzqhO%2Bjlm8nu4%2FYgYa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
708f0fb1dba2f8d3-NRT
expires
Sun, 30 Apr 2023 01:56:57 GMT
actions.js
bwaval.gq/so-net.ne.jp_webmail3/W/js/
1 KB
1 KB
Script
General
Full URL
https://bwaval.gq/so-net.ne.jp_webmail3/W/js/actions.js
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.68.191 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5819104.monkey.com
Software
Apache /
Resource Hash
70e85a009826725354b61dda5e78f14418a117f6d4646550d2c55c499ec64a50

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:56 GMT
last-modified
Mon, 18 Jan 2021 21:00:58 GMT
server
Apache
accept-ranges
bytes
content-length
1294
content-type
application/javascript
id
ssmr.so-net.ne.jp/
89 B
657 B
XHR
General
Full URL
https://ssmr.so-net.ne.jp/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=969F02BE53295D3C0A490D4C%40AdobeOrg&mid=45653596343249400703472360987329247344&ts=1652147815256
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.50.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
bb5b2adadcd496d7ff7fde60f5d320869fff0a3925b4030768a407d37ac5b100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bwaval.gq/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 10 May 2022 01:56:55 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5b7d4f44fb-w552n
vary
Origin
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://bwaval.gq
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YnnGaQAAAMX8sQQm
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=45416360611334228183489170832981302708
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGaQAAAMX8sQQm
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGaQAAAMX8sQQm
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-0781f94cb.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HV9UBr2GQEk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnnGaQAAAMX8sQQm
Date
Tue, 10 May 2022 01:56:57 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
id
dpm.demdex.net/
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=969F02BE53295D3C0A490D4C%40AdobeOrg&d_nsid=0&d_mid=45653596343249400703472360987329247344&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%01313CE333B1D220AD-400015E93F887093&ts=1652147815387
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
da29f8716ff41568bf13a67419748c076b575b594c4293505ef1c0f7e9029a52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bwaval.gq/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-tyo3-1-v029-0bea6dd3d.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
k7XB7vwaQB4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bwaval.gq
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
642
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
sonet.demdex.net/ Frame 909B
7 KB
3 KB
Document
General
Full URL
https://sonet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/17361013af29ef6ae83ffd4113ce414f44be89b8/satelliteLib-ea3bae92bad6869bca2ee96094be75c242840f35.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.211.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-211-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bwaval.gq/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-tyo3-2-v029-00e2fb97e.edge-tyo3.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7A8jbkVYQPs=
content-encoding
gzip
date
Tue, 10 May 2022 01:56:57 GMT
last-modified
Wed, 27 Apr 2022 09:31:42 GMT
vary
accept-encoding
ibs:dpid=771&dpuuid=CAESEIqLZqGId7N36hXRUxx_iyw&google_cver=1
dpm.demdex.net/ Frame 909B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDU0MTYzNjA2MTEzMzQyMjgxODM0ODkxNzA4MzI5ODEzMDI3MDg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDU0MTYzNjA2MTEzMzQyMjgxODM0ODkxNzA4MzI5ODEzMDI3MDg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqLZqGId7N36hXRUxx_iyw&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqLZqGId7N36hXRUxx_iyw&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-0d2787835.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vmY9WrJ7RuQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 10 May 2022 01:56:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqLZqGId7N36hXRUxx_iyw&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame 909B
43 B
355 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=45416360611334228183489170832981302708&p_id=38594
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
112
date
Tue, 10 May 2022 01:56:57 GMT
server
tsa_m
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
897b1a2ff7b858e28cb016d40592888a6617027acb9e28b346a5d8f0a7c0a96e
content-length
43
ibs:dpid=16292&dpuuid=xNiL5BVSligQb6uFnZDPPfXS5Jo
dpm.demdex.net/ Frame 909B
Redirect Chain
  • https://sync.dmp.fout.jp/serve/?id=6836&mt=127
  • https://dpm.demdex.net/ibs:dpid=16292&dpuuid=xNiL5BVSligQb6uFnZDPPfXS5Jo
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=16292&dpuuid=xNiL5BVSligQb6uFnZDPPfXS5Jo
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-0d2787835.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sMHMYdhUTKQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 10 May 2022 01:56:57 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://dpm.demdex.net/ibs:dpid=16292&dpuuid=xNiL5BVSligQb6uFnZDPPfXS5Jo
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
ibs:dpid=47438&dpuuid=767783c1-5198-44a6-a787-8803c9947352
dpm.demdex.net/ Frame 909B
Redirect Chain
  • https://aw.dw.impact-ad.jp/c/u/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D
  • https://aw.dw.impact-ad.jp/c/ur/?oid=mone.6c51c563bd5&rdr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D47438%26dpuuid%3D%7BAONEID%7D
  • https://dpm.demdex.net/ibs:dpid=47438&dpuuid=767783c1-5198-44a6-a787-8803c9947352
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=47438&dpuuid=767783c1-5198-44a6-a787-8803c9947352
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v029-0883c8d1e.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ybNqKAkbSN0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=47438&dpuuid=767783c1-5198-44a6-a787-8803c9947352
date
Tue, 10 May 2022 01:56:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains;
content-type
text/plain; charset=utf-8
ibs:dpid=57289&dpuuid=AZye3WCiV71Cks8ADql8IWTccs0nTA
dpm.demdex.net/ Frame 909B
Redirect Chain
  • https://cr-p10060.ladsp.com/pid/10060
  • https://cr-p10060.ladsp.com/cr/10060
  • https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AZye3WCiV71Cks8ADql8IWTccs0nTA
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AZye3WCiV71Cks8ADql8IWTccs0nTA
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
HTTP/1.1
Server
52.69.152.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-152-28.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sonet.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v029-0faca1e5b.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oDiVVDSxTMM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 10 May 2022 01:56:57 GMT
via
1.1 ec7e029564542f4eb6196ab046d31626.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://dpm.demdex.net/ibs:dpid=57289&dpuuid=AZye3WCiV71Cks8ADql8IWTccs0nTA
cache-control
no-cache
content-length
0
x-amz-cf-id
rbLA0e4woZY7iLbDEj7BnkBbyISMOaaYZDOT6Gf0L9HC-midJb_PZg==
expires
-1
s63713116014570
ssmr.so-net.ne.jp/b/ss/sonysonetglobal/1/JS-2.6.0-LCS4/
43 B
246 B
Image
General
Full URL
https://ssmr.so-net.ne.jp/b/ss/sonysonetglobal/1/JS-2.6.0-LCS4/s63713116014570?AQB=1&ndh=1&pf=1&t=10%2F4%2F2022%201%3A56%3A58%202%200&mid=45653596343249400703472360987329247344&aid=313CE333B1D220AD-400015E93F887093&aamlh=11&ce=UTF-8&ns=sonysonet&cdp=3&fpCookieDomainPeriods=2&pageName=https%3A%2F%2Fbwaval.gq%2Fso-net.ne.jp_webmail3%2FW&g=https%3A%2F%2Fbwaval.gq%2Fso-net.ne.jp_webmail3%2FW%2Findex.php%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3D&cc=JPY&ch=bwaval.gq%2Fso-net.ne.jp_webmail3&server=sonysonetglobal&events=event2&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=bwaval.gq%2Fso-net.ne.jp_webmail3%2FW&c2=D%3Dv2&v2=n&c4=Access%20mailbox%EF%BC%88%E8%BF%BD%E5%8A%A0%E3%83%A1%E3%83%BC%E3%83%AB%E3%83%9C%E3%83%83%E3%82%AF%E3%82%B9%EF%BC%89%EF%BD%9C%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3&c5=D%3Dg&c6=bwaval.gq%2Fso-net.ne.jp_webmail3%2FW&c7=bwaval.gq%2Fso-net.ne.jp_webmail3&v15=D%3Dc62&v16=D%3Dc63&v17=D%3Dc62&v18=D%3Dc63&c39=313CE333B1D220AD-400015E93F887093&c40=D%3Dv20&c41=10%3A45AM-Tuesday&v41=D%3Dc41&c44=New&v44=New&c45=First%20Visit&v45=D%3Dc45&c49=D%3Dv0&c61=bwaval&c62=bwaval%2Fso-net.ne.jp_webmail3&c63=bwaval%2Fso-net.ne.jp_webmail3%2FW&c64=bwaval%2Fso-net.ne.jp_webmail3%2FW%2Findex.php&c65=D%3DpageName&c74=bwaval.gq&c75=VisitorAPI%20Present&v79=0.6455723135266787_1652147818238&v120=None&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=dob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&mcorgid=969F02BE53295D3C0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: bwaval.gq
URL: https://bwaval.gq/so-net.ne.jp_webmail3/W/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.50.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bwaval.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 01:56:58 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 11 May 2022 01:56:58 GMT
server
jag
xserver
anedge-5b7d4f44fb-htbzd
etag
3547960424929689600-4619558344507124797
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 09 May 2022 01:56:58 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: So-net (Telecommunication)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| onYouTubeIframeAPIReady object| targetGlobalSettings function| mboxCreate function| mboxDefine function| mboxUpdate function| sc_requestAjax object| _sc object| UIUtil function| SmR_doPlugins function| sc_trackTNT function| sc_trackLink function| sc_setDirName function| sc_setPropDir function| sc_setCk function| sc_getCk function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate object| SmR string| sc_rootDomain string| sc_ref string| sc_socialMedia boolean| sc_socialFlg undefined| sc_refTmp undefined| sc_refQry undefined| dcq undefined| dcqLeng undefined| sc_QParam undefined| sc_refDomainTmp number| numsl string| sc_refDomain boolean| sc_naturalSrhFlg number| s_objectID number| s_giq function| $ function| jQuery function| Popper object| bootstrap string| $c string| $current_email function| decodeCustom function| isValidEmail function| getUrlParameter string| currentEmail object| ListEntries undefined| e undefined| domain function| extractDomain object| dc object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd string| f0 object| pasArr object| _uxa string| s_tnt object| s_i_sonysonetglobal

21 Cookies

Domain/Path Name / Value
bwaval.gq/ Name: PHPSESSID
Value: 67a97132c58cba5e4d6c1457c16da365
.demdex.net/ Name: demdex
Value: 45416360611334228183489170832981302708
.bwaval.gq/ Name: AMCVS_969F02BE53295D3C0A490D4C%40AdobeOrg
Value: 1
bwaval.gq/ Name: roundcube_cookies
Value: enabled
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YnnGaQAAAMX8sQQm
.dpm.demdex.net/ Name: dpm
Value: 45416360611334228183489170832981302708
.bwaval.gq/ Name: AMCV_969F02BE53295D3C0A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19123%7CMCMID%7C45653596343249400703472360987329247344%7CMCAAMLH-1652752615%7C11%7CMCAAMB-1652752615%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1652155015s%7CNONE%7CMCAID%7C313CE333B1D220AD-400015E93F887093%7CMCSYNCSOP%7C411-19130%7CvVersion%7C5.0.1
.doubleclick.net/ Name: IDE
Value: AHWqTUkdFJPJI0vdPKfC1X77J0XZ541e_t1Do_-ROhnHPYczwwFB2V7e41aId9_utUw
.impact-ad.jp/ Name: tuuid
Value: 767783c1-5198-44a6-a787-8803c9947352
.demdex.net/ Name: dextp
Value: 771-1-1652147817405|1123-1-1652147817508|16292-1-1652147817610|47438-1-1652147817727|57289-1-1652147817827
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: -o58G1ZVDkDnrup3kg-_Tg6pfCFk3HI
.twitter.com/ Name: personalization_id
Value: "v1_iwra+t+9mH+rNhon1hu/6A=="
.fout.jp/ Name: uid
Value: xNiL5BVSligQb6uFnZDPPfXS5Jo
.bwaval.gq/ Name: s_nr
Value: 1652147818235-New
.bwaval.gq/ Name: s_pv
Value: https%3A%2F%2Fbwaval.gq%2Fso-net.ne.jp_webmail3%2FW
.bwaval.gq/ Name: s_lv
Value: 1652147818237
.bwaval.gq/ Name: s_lv_s
Value: First%20Visit
.bwaval.gq/ Name: _cs_mk
Value: 0.6455723135266787_1652147818238
.bwaval.gq/ Name: s_cc
Value: true
bwaval.gq/ Name: webmailsession
Value: %3aYGfRW3GSC0ToGDWQ%2c4482f4291f44429c366d49f52a432d26

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
