urlscan.io logo urlscan.io
SecurityTrails logo

www.hwsuite.com Open in urlscan Pro
192.185.52.107  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.hwsuite.com/free-keylogger/
Submission: On September 27 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 7 countries across 13 domains to perform 39 HTTP transactions. The main IP is 192.185.52.107, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.hwsuite.com.
TLS certificate: Issued by R3 on September 14th 2022. Valid for: 3 months.
This is the only time www.hwsuite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 192.185.52.107 46606 (UNIFIEDLA...)
1 2404:6800:400... 15169 (GOOGLE)
1 6 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 2404:6800:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2a03:2880:f00... 32934 (FACEBOOK)
1 142.251.42.162 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2620:1ec:bdf::46 8068 (MICROSOFT...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 20.96.88.162 8075 (MICROSOFT...)
1 2 52.231.207.240 8075 (MICROSOFT...)
39 15
14    192.185.52.107 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-52-107.unifiedlayer.com
www.hwsuite.com
1    2404:6800:4004:822::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
2    2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
4    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
www.googleadservices.com
1    2a03:2880:f10c:381:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2404:6800:4008:c13::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4004:81e::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2620:1ec:bdf::46 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2404:6800:4004:80a::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
1    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
2    52.231.207.240 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
Apex Domain
Subdomains		 Transfer
14 hwsuite.com
www.hwsuite.com
143 KB
6 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3603
73 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
k.clarity.ms — Cisco Umbrella Rank: 5452
c.clarity.ms — Cisco Umbrella Rank: 998
26 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com — Cisco Umbrella Rank: 220
13 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 748
142 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
88 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 21141
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
16 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
46 KB
39 13
Domain Requested by
14 www.hwsuite.com www.hwsuite.com
6 mc.yandex.ru 1 redirects www.hwsuite.com
mc.yandex.ru
3 bat.bing.com www.hwsuite.com
bat.bing.com
2 c.clarity.ms 1 redirects
2 static.xx.fbcdn.net www.facebook.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 connect.facebook.net www.hwsuite.com
connect.facebook.net
2 www.google-analytics.com www.hwsuite.com
www.google-analytics.com
1 c.bing.com 1 redirects
1 k.clarity.ms www.clarity.ms
1 www.google.co.jp www.hwsuite.com
1 www.google.com www.hwsuite.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com connect.facebook.net
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.hwsuite.com
39 17

This site contains links to these domains. Also see Links.

Domain
store.payproglobal.com
hwsuite.shop
Subject Issuer Validity Valid
*.hwsuite.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-06 -
2022-10-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.hwsuite.com/free-keylogger/
Frame ID: 5FF69FCB21EFCD724C23B8E0075AA218
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df242534008c46bc%26domain%3Dwww.hwsuite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hwsuite.com%252Ffeef6a4bb5db0c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FHWSuite%2F535943949792410&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=70
Frame ID: F38B7ECFA066412F55B110C20DD9DC35
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Keylogger simplifies Windows Keylogging - HeavenWard

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

95 %
HTTPS

73 %
IPv6

13
Domains

17
Subdomains

15
IPs

7
Countries

583 kB
Transfer

1774 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://mc.yandex.ru/watch/52204843?wmode=7&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4282%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A523550991749%3Ahid%3A26456459%3Az%3A0%3Ai%3A20220927010553%3Aet%3A1664240754%3Ac%3A1%3Arn%3A547113450%3Arqn%3A1%3Au%3A1664240754628205705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A2263%2C333%2C1114%2C2%2C0%2C0%2C%2C684%2C18%2C%2C%2C%2C4397%3Acpf%3A1%3Ans%3A1664240747915%3Arqnl%3A1%3Ast%3A1664240754%3At%3AFree%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/52204843/1?wmode=7&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4282%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A523550991749%3Ahid%3A26456459%3Az%3A0%3Ai%3A20220927010553%3Aet%3A1664240754%3Ac%3A1%3Arn%3A547113450%3Arqn%3A1%3Au%3A1664240754628205705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A2263%2C333%2C1114%2C2%2C0%2C0%2C%2C684%2C18%2C%2C%2C%2C4397%3Acpf%3A1%3Ans%3A1664240747915%3Arqnl%3A1%3Ast%3A1664240754%3At%3AFree%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 35
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3338803E633045539BF0DCEE7EFB2129&RedC=c.clarity.ms&MXFR=137DF242D96269A3123FE06EDD62673D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3338803E633045539BF0DCEE7EFB2129&MUID=29DDB264C3E46755235FA048C20E6660

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hwsuite.com/free-keylogger/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
25870b5bab67572d651ef5853017e109e4720725f994faea76351f6d44297b51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5648
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 01:05:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
bootstrap.css
www.hwsuite.com/static/bootstrap/css/ 		121 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/bootstrap/css/bootstrap.css
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
767c321a970efab2ec747611d60563bf98774f5d9ce8fa101c04af78cdc00184

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:51 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2013 14:28:33 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
style.css
www.hwsuite.com/static/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/css/style.css?v=2
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
df8b61d8565c42afcdac6eea160e02fb4c11ec44ff01db101ae9f17f8e404314

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:51 GMT
content-encoding
gzip
last-modified
Sun, 14 Nov 2021 07:16:05 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3638
jquery-1.8.3.min.js
www.hwsuite.com/static/js/ 		91 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/js/jquery-1.8.3.min.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:51 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2013 14:28:33 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
bootstrap.min.js
www.hwsuite.com/static/bt/js/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/bt/js/bootstrap.min.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:51 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2013 14:28:33 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10780
script.js
www.hwsuite.com/static/js/ 		3 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/js/script.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
0b5b5004b035c0c16dc7425ccde483e480434bd9fa49977c6e2b5eeaeb1a3820

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:51 GMT
content-encoding
gzip
last-modified
Sun, 15 Mar 2015 08:26:06 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
912
bowser.js
www.hwsuite.com/static/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/js/bowser.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
4059cb769ba91ec77e08b78fe69673ead637cfa14b1394bef41c928854a2d51d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:51 GMT
content-encoding
gzip
last-modified
Sat, 09 Jan 2021 15:53:10 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5045
js
www.googletagmanager.com/gtag/ 		115 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-992226784
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f52affd3a7b756babdbeb87168edd1b6a995f29eda100de821acd1615685ac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46461
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Sep 2022 01:05:52 GMT
free-keylogger-box.png
www.hwsuite.com/static/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hwsuite.com/static/img/free-keylogger-box.png
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
cc92f2e68bbe540cd2196f09c702f0ec2c1463d7c0008ba412a1f0e19e737043

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
last-modified
Fri, 02 Aug 2013 14:45:54 GMT
server
Apache
accept-ranges
bytes
content-length
6811
content-type
image/png
free-keylogger.png
www.hwsuite.com/static/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hwsuite.com/static/img/free-keylogger.png
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
956eda095f622e57b2b36efe134ec71b2faec81bb6285b8d7303a7b8e37d0d9f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
last-modified
Mon, 28 Dec 2015 14:29:20 GMT
server
Apache
accept-ranges
bytes
content-length
34796
content-type
image/png
hwa.min.js
www.hwsuite.com/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/js/hwa.min.js?v=41
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
2ddd17c8f9153559cc76eb9ee65d2e787e991ad8fe500d2798af2013086cb652

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
gzip
last-modified
Thu, 30 Dec 2021 13:28:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1801
spin.js
www.hwsuite.com/static/bt/spin/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hwsuite.com/static/bt/spin/spin.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
9a51d0384b33ef00516c50e79755630b0e4b7d1c209f98c343a82dd49c83ffa8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Dec 2018 11:38:59 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2329
tag.js
mc.yandex.ru/metrika/ 		206 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
32052cc706d52301bbfc3cb10546acae464da944a38de9687606e8b5d91eeee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 11:23:31 GMT
etag
"632d6d03-11a95"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
72341
expires
Tue, 27 Sep 2022 02:05:52 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5211
date
Mon, 26 Sep 2022 23:39:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Tue, 27 Sep 2022 01:39:01 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 050A4E82C3324EBF818F1332775E423E Ref B: TYAEDGE0706 Ref C: 2022-09-27T01:05:52Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 27 Sep 2022 01:05:51 GMT
accept-ranges
bytes
content-length
11367
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e5809846608716bdae583b3cd829bffd3bf276b691a0177740d754acafbd56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xo7BF8876COOPz9YgmwJlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
8Z8vUPgVIvjswc3vP2rLj4MXtrDWcJPC/hDTH+5ZoQrTzWgYr04fS606L/4VGZfrk9HkIMSHV4aGSn5+4UMvnQ==
x-fb-trip-id
382461245
x-fb-content-md5
dd8f1bfb3aaef8422259d12d9673ee82
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 01:05:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"973c33c97e5a6e6c266b11f8397258ba"
timing-allow-origin
*
expires
Tue, 27 Sep 2022 01:10:23 GMT
win-icon.png
www.hwsuite.com/static/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hwsuite.com/static/img/win-icon.png
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
6047df15ebebc9be0efc5585c6c6ccc2e3a3824266ec6e182a1511d7125f7c09

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
last-modified
Fri, 02 Aug 2013 14:45:54 GMT
server
Apache
accept-ranges
bytes
content-length
1442
content-type
image/png
mac-icon.png
www.hwsuite.com/static/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hwsuite.com/static/img/mac-icon.png
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
adbbf921d065960be8dd93ffc138e4d4793455f140377150f1a4f9037f36e4f5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/free-keylogger/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
last-modified
Fri, 02 Aug 2013 14:45:54 GMT
server
Apache
accept-ranges
bytes
content-length
1424
content-type
image/png
plus.png
www.hwsuite.com/static/img/ 		263 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hwsuite.com/static/img/plus.png
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/static/css/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.52.107 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-52-107.unifiedlayer.com
Software
Apache /
Resource Hash
2fa532d3cdf0f04c5ef39a5c0ae58225d033592b6094158f2ef1c77c1057a5d7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/static/css/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
last-modified
Fri, 02 Aug 2013 14:45:54 GMT
server
Apache
accept-ranges
bytes
content-length
263
content-type
image/png
all.js
connect.facebook.net/en_US/ 		316 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=ebb03902cda57b0a73745993b870a116
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb967d610484550eb29d23f97bdc37144a86682bcdd3fdd1baf1d76e46988b7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.hwsuite.com/
Origin
https://www.hwsuite.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Y8a5VLwjhOrjWLgzYBgxKw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87229
x-fb-rlafr
0
x-fb-debug
0qg8CKk5Qea9n6mYy4jl/f+rqUSwZFm5pX+b3Xflm9oVIX/Z0p1j/CXhrFQFMY6CAAY6s3iav0c3oytvEJJytQ==
x-fb-content-md5
5ee88d7c4217e748dc4098576b3c40f5
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 01:05:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"32812eec796c0f3ec3bccf74fa5de645"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Sep 2023 00:43:39 GMT
21006834.js
bat.bing.com/p/action/ 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/21006834.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
d925354bc047a4280957853768ab1aa2889cb6cb33d9b407cfa88bf1d725b3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C253B62F9C6343198DB5D348AAD73A78 Ref B: TYAEDGE0706 Ref C: 2022-09-27T01:05:52Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
date
Tue, 27 Sep 2022 01:05:52 GMT
content-length
667
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1102505155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&ul=en-us&de=UTF-8&dt=Free%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=485861887&gjid=1988330839&cid=142739456.1664240752&tid=UA-28883900-1&_gid=681268338.1664240752&_r=1&_slc=1&z=348705987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hwsuite.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hwsuite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-992226784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 01:05:52 GMT
like.php
www.facebook.com/plugins/ Frame F38B 		35 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df242534008c46bc%26domain%3Dwww.hwsuite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hwsuite.com%252Ffeef6a4bb5db0c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FHWSuite%2F535943949792410&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=70
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=ebb03902cda57b0a73745993b870a116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7638feece4844d1fefbb4678b2246ed9fd7832f8b3aa69520e0796ea646f6409
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hwsuite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 27 Sep 2022 01:05:52 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
s6Wpf842M4f4UmfTO2hwSKYJ5LOj0nZX6R2QkIwboTP8sBP2G5Z0NRoa7dCbzbbyhEy+gja0my2txXXy8ODT/Q==
x-fb-rlafr
0
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-28883900-1&cid=142739456.1664240752&jid=485861887&gjid=1988330839&_gid=681268338.1664240752&_u=IEBAAEAAAAAAAC~&z=610677148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hwsuite.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Sep 2022 01:05:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.hwsuite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=21006834&Ver=2&mid=3eeb018f-6ca8-4413-a0fe-6da9f15f9a2f&sid=8823cea03e0011edbc2e2f50ee461afe&vid=8823f2a03e0011ed8f246b3f69dfcb62&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&kw=Free%20Keylogger,%20freekey%20keylogger,%20keystroke%20monitoring,%20Application%20monitoring,%20Website%20monitoring,%20Clipboard%20monitoring,%20Screen%20captures,%20Keylogger%20software,%20Download%20free%20keylogger%20now&p=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&r=&lt=4415&evt=pageLoad&sv=1&rn=125000
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 98DCB0B9BF4F41F89DD595582F199D2B Ref B: TYAEDGE0706 Ref C: 2022-09-27T01:05:52Z
date
Tue, 27 Sep 2022 01:05:52 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/992226784/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992226784/?random=1664240752401&cv=9&fst=1664240752401&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&tiba=Free%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&auid=1620070847.1664240752&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e3965c4bed25c849dded9e6ff31b0e231f53145bdcb06f2ea6d9b97dc7490cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1063
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
21006834
www.clarity.ms/tag/uet/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/21006834
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/21006834.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5b27f10846c4d80b6817cad94dd8d28076311f69af2508fb5b8e65003edc5a91

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
x-powered-by
ASP.NET
x-azure-ref
0cEwyYwAAAABBNbqyb9trRa9MHc9uXmD3VFlPMDFFREdFMjMwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
/
www.google.com/pagead/1p-user-list/992226784/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/992226784/?random=1664240752401&cv=9&fst=1664240400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&tiba=Free%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&async=1&fmt=3&is_vtc=1&random=561774270&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/992226784/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/pagead/1p-user-list/992226784/?random=1664240752401&cv=9&fst=1664240400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&tiba=Free%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&async=1&fmt=3&is_vtc=1&random=561774270&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-e/s/0.6.41/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/21006834
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
br
etag
"1d8d107429df470"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0cEwyYwAAAAC1SE2/ohoLTo0K0ITRh0kKVFlPMDFFREdFMjMwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame F38B 		299 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df242534008c46bc%26domain%3Dwww.hwsuite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hwsuite.com%252Ffeef6a4bb5db0c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FHWSuite%2F535943949792410&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
bE6w43vp3+TNvfHTExtI8eBInQb+69jJy+ZcfCxlyVcwQXa4w+lBne7VIZ11qLNghPps9/plPwhmE2z1R29DQA==
x-fb-trip-id
382461245
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 14 Sep 2023 22:55:09 GMT
3Vt0MMJqJhW.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame F38B 		569 KB
141 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/3Vt0MMJqJhW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df242534008c46bc%26domain%3Dwww.hwsuite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hwsuite.com%252Ffeef6a4bb5db0c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FHWSuite%2F535943949792410&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85de11f6d964f9468e7ea773780a23a08d750199cdde79a02b1061217b2ffaf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Hb88wLkJ2XGPNkjN7C9l0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
144131
x-fb-rlafr
0
x-fb-debug
g6dV4HZlw6tetbeGR7rcQ1mJWFken1pVaJEOeZxGagdHsZhcy4lNd2V60LnnfHdI9ugvJDc/IO/BtSW2r0qARQ==
x-fb-trip-id
382461245
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Sep 2023 17:40:33 GMT
collect
k.clarity.ms/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.41/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.hwsuite.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.hwsuite.com
date
Tue, 27 Sep 2022 01:05:52 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
1
mc.yandex.ru/watch/52204843/
Redirect Chain
  • https://mc.yandex.ru/watch/52204843?wmode=7&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4282%3Afu%3A...
  • https://mc.yandex.ru/watch/52204843/1?wmode=7&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4282%3Afu%...
446 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/52204843/1?wmode=7&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4282%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A523550991749%3Ahid%3A26456459%3Az%3A0%3Ai%3A20220927010553%3Aet%3A1664240754%3Ac%3A1%3Arn%3A547113450%3Arqn%3A1%3Au%3A1664240754628205705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A2263%2C333%2C1114%2C2%2C0%2C0%2C%2C684%2C18%2C%2C%2C%2C4397%3Acpf%3A1%3Ans%3A1664240747915%3Arqnl%3A1%3Ast%3A1664240754%3At%3AFree%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
3949c59c3aa35d1c57d7051bbdb0bd1a8db9ded281644d68a661f62d9cf6afce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 27-Sep-2022 01:05:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hwsuite.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
446
x-xss-protection
1; mode=block
expires
Tue, 27-Sep-2022 01:05:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:53 GMT
last-modified
Tue, 27-Sep-2022 01:05:53 GMT
location
/watch/52204843/1?wmode=7&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4282%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A523550991749%3Ahid%3A26456459%3Az%3A0%3Ai%3A20220927010553%3Aet%3A1664240754%3Ac%3A1%3Arn%3A547113450%3Arqn%3A1%3Au%3A1664240754628205705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A2263%2C333%2C1114%2C2%2C0%2C0%2C%2C684%2C18%2C%2C%2C%2C4397%3Acpf%3A1%3Ans%3A1664240747915%3Arqnl%3A1%3Ast%3A1664240754%3At%3AFree%20Keylogger%20simplifies%20Windows%20Keylogging%20-%20HeavenWard&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.hwsuite.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 27-Sep-2022 01:05:53 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.hwsuite.com
URL: https://www.hwsuite.com/free-keylogger/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:05:53 GMT
last-modified
Fri, 23 Sep 2022 11:23:31 GMT
etag
"632d6d03-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 27 Sep 2022 02:05:53 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3338803E633045539BF0DCEE7EFB2129&RedC=c.clarity.ms&MXFR=137DF242D96269A3123FE06EDD62673D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3338803E633045539BF0DCEE7EFB2129&MUID=29DDB264C3E46755235FA048C20E6660
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3338803E633045539BF0DCEE7EFB2129&MUID=29DDB264C3E46755235FA048C20E6660
Protocol
H2
Server
52.231.207.240 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.hwsuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:53 GMT
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8766f3fc1fc7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 026B885104C244F9896D93A0D7E4F4DC Ref B: TYAEDGE0706 Ref C: 2022-09-27T01:05:54Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3338803E633045539BF0DCEE7EFB2129&MUID=29DDB264C3E46755235FA048C20E6660
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
52204843
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/52204843?wmode=0&wv-part=1&wv-hit=26456459&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&rn=94142952&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1664240757%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20220927010556%3Au%3A1664240754628205705%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1664240757&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hwsuite.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:57 GMT
last-modified
Tue, 27-Sep-2022 01:05:57 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.hwsuite.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 27-Sep-2022 01:05:57 GMT
52204843
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/52204843?wmode=0&wv-part=1&wv-hit=26456459&page-url=https%3A%2F%2Fwww.hwsuite.com%2Ffree-keylogger%2F&rn=999569243&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1664240757%3Aw%3A1600x1200%3Av%3A904%3Az%3A0%3Ai%3A20220927010557%3Au%3A1664240754628205705%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1664240757&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hwsuite.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 01:05:57 GMT
last-modified
Tue, 27-Sep-2022 01:05:57 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.hwsuite.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 27-Sep-2022 01:05:57 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| wait function| $ function| jQuery object| jQuery183010021844016539894 function| _LanguageMenu function| _SimpleTabs function| SmallTabFix object| bowser object| $info function| ym string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| uetq object| FB function| UET function| UET_init function| UET_push object| ueto_a301c53a29 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __buffer object| google_tag_manager number| trc boolean| ifr function| hwaexe function| wrongos function| init_ifr function| download_ifr function| update string| token function| __assign object| defaults function| Spinner function| css function| getColor function| drawLines function| parseBoxShadow function| normalizeShadow function| convertOffset function| gtag_report_conversion function| btag_report_conversion function| yatag_report_conversion object| lm function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| clarity object| Ya object| yaCounter52204843

28 Cookies

Domain/Path Name / Value
www.hwsuite.com/ Name: PHPSESSID
Value: 33cfa973564d3b38443e82874928f6ac
.bing.com/ Name: MUID
Value: 29DDB264C3E46755235FA048C20E6660
.bat.bing.com/ Name: MR
Value: 0
.hwsuite.com/ Name: _ga
Value: GA1.2.142739456.1664240752
.hwsuite.com/ Name: _gid
Value: GA1.2.681268338.1664240752
.hwsuite.com/ Name: _gat
Value: 1
.hwsuite.com/ Name: _gcl_au
Value: 1.1.1620070847.1664240752
.hwsuite.com/ Name: _uetsid
Value: 8823cea03e0011edbc2e2f50ee461afe
.hwsuite.com/ Name: _uetvid
Value: 8823f2a03e0011ed8f246b3f69dfcb62
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.clarity.ms/ Name: CLID
Value: 1c4bf5007be347209385131dd274f524.20220927.20230927
.hwsuite.com/ Name: _clck
Value: 17ilz7f|1|f58|0
.hwsuite.com/ Name: _clsk
Value: 1092xt1|1664240753540|1|1|k.clarity.ms/collect
.hwsuite.com/ Name: _ym_uid
Value: 1664240754628205705
.hwsuite.com/ Name: _ym_d
Value: 1664240754
.yandex.ru/ Name: yandexuid
Value: 6820842611664240753
.yandex.ru/ Name: yuidss
Value: 6820842611664240753
mc.yandex.ru/ Name: yabs-sid
Value: 2544031541664240753
.yandex.ru/ Name: i
Value: UZpmSWwi3CgQRoTh8GCxE5b3rvRNK6FUhdKcon6JQJicGOg6N5mNxRtYCneFA7UkEdtplWEQYr9CiO1Ii9PFVEpdBd0=
.yandex.ru/ Name: ymex
Value: 1979600753.yrts.1664240753#1979600753.yrtsi.1664240753
.hwsuite.com/ Name: _ym_isad
Value: 2
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 29DDB264C3E46755235FA048C20E6660
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 29DDB264C3E46755235FA048C20E6660
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.hwsuite.com/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
googleads.g.doubleclick.net
k.clarity.ms
mc.yandex.ru
static.xx.fbcdn.net
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.hwsuite.com
142.251.42.162
192.185.52.107
20.96.88.162
2404:6800:4004:80a::2004
2404:6800:4004:80c::2003
2404:6800:4004:81e::2002
2404:6800:4004:821::200e
2404:6800:4004:822::2008
2404:6800:4008:c13::9d
2620:1ec:bdf::46
2620:1ec:c11::200
2a02:6b8::1:119
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10c:381:face:b00c:0:25de
52.231.207.240
0b5b5004b035c0c16dc7425ccde483e480434bd9fa49977c6e2b5eeaeb1a3820
13e5809846608716bdae583b3cd829bffd3bf276b691a0177740d754acafbd56
1e3965c4bed25c849dded9e6ff31b0e231f53145bdcb06f2ea6d9b97dc7490cc
25870b5bab67572d651ef5853017e109e4720725f994faea76351f6d44297b51
2ddd17c8f9153559cc76eb9ee65d2e787e991ad8fe500d2798af2013086cb652
2fa532d3cdf0f04c5ef39a5c0ae58225d033592b6094158f2ef1c77c1057a5d7
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
32052cc706d52301bbfc3cb10546acae464da944a38de9687606e8b5d91eeee9
3949c59c3aa35d1c57d7051bbdb0bd1a8db9ded281644d68a661f62d9cf6afce
4059cb769ba91ec77e08b78fe69673ead637cfa14b1394bef41c928854a2d51d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b27f10846c4d80b6817cad94dd8d28076311f69af2508fb5b8e65003edc5a91
6047df15ebebc9be0efc5585c6c6ccc2e3a3824266ec6e182a1511d7125f7c09
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6
7638feece4844d1fefbb4678b2246ed9fd7832f8b3aa69520e0796ea646f6409
767c321a970efab2ec747611d60563bf98774f5d9ce8fa101c04af78cdc00184
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
7f52affd3a7b756babdbeb87168edd1b6a995f29eda100de821acd1615685ac8
85de11f6d964f9468e7ea773780a23a08d750199cdde79a02b1061217b2ffaf7
956eda095f622e57b2b36efe134ec71b2faec81bb6285b8d7303a7b8e37d0d9f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a51d0384b33ef00516c50e79755630b0e4b7d1c209f98c343a82dd49c83ffa8
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
adbbf921d065960be8dd93ffc138e4d4793455f140377150f1a4f9037f36e4f5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
cb967d610484550eb29d23f97bdc37144a86682bcdd3fdd1baf1d76e46988b7d
cc92f2e68bbe540cd2196f09c702f0ec2c1463d7c0008ba412a1f0e19e737043
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d925354bc047a4280957853768ab1aa2889cb6cb33d9b407cfa88bf1d725b3c1
df8b61d8565c42afcdac6eea160e02fb4c11ec44ff01db101ae9f17f8e404314
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629