fdsgdsfgfddhdfgjh.xyz
2606:4700:3037::6815:1f0a  Malicious Activity! Public Scan

Submitted URL: https://fdsgdsfgfddhdfgjh.xyz/
Effective URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Submission Tags: 7353506
Submission: On November 16 via api from NL — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3037::6815:1f0a, located in United States and belongs to CLOUDFLARENET, US. The main domain is fdsgdsfgfddhdfgjh.xyz.
TLS certificate: Issued by R3 on November 16th 2021. Valid for: 3 months.
This is the only time fdsgdsfgfddhdfgjh.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DMM.com (Gaming)

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
8 13.224.96.61 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 13.224.98.235 16509 (AMAZON-02)
1 13.224.96.13 16509 (AMAZON-02)
1 13.224.96.91 16509 (AMAZON-02)
2 103.254.145.149 23620 (DMM DMM.c...)
Total: 31 requests across 11 IPs
Domain Requested by
8 navismithapis-cdn.com fdsgdsfgfddhdfgjh.xyz
6 www.dmm.com fdsgdsfgfddhdfgjh.xyz
cdnjs.cloudflare.com
5 fdsgdsfgfddhdfgjh.xyz 1 redirects fdsgdsfgfddhdfgjh.xyz
4 cdnjs.cloudflare.com fdsgdsfgfddhdfgjh.xyz
2 p.dmm.com fdsgdsfgfddhdfgjh.xyz
2 www.google-analytics.com fdsgdsfgfddhdfgjh.xyz
1 cdj.dap.dmm.com fdsgdsfgfddhdfgjh.xyz
1 p-smith.com fdsgdsfgfddhdfgjh.xyz
1 stat.i3.dmm.com fdsgdsfgfddhdfgjh.xyz
1 www.gstatic.com fdsgdsfgfddhdfgjh.xyz
Total: 31 requests across 10 domains
Subject | Issuer | Validity | Valid
*.fdsgdsfgfddhdfgjh.xyz | R3 | 2021-11-16 - 2022-02-14 | 3 months (crt.sh)
navismithapis-cdn.com | Amazon | 2021-09-23 - 2022-10-22 | a year (crt.sh)
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months (crt.sh)
*.stat.i3.dmm.com | Amazon | 2021-05-18 - 2022-06-16 | a year (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year (crt.sh)
*.dmm.com | GlobalSign RSA OV SSL CA 2018 | 2020-04-13 - 2022-07-01 | 2 years (crt.sh)
p-smith.com | Amazon | 2021-09-02 - 2022-10-01 | a year (crt.sh)
cdj.dap.dmm.com | Amazon | 2021-01-19 - 2022-02-16 | a year (crt.sh)

This page contains 1 frames:

Primary Page: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Frame ID: B52F09DD23132DDD6930A2F71E5A14DE
Requests: 30 HTTP requests in this frame

Page Title

DMM.com ログイン - DMM.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fdsgdsfgfddhdfgjh.xyz/ HTTP 302
    https://fdsgdsfgfddhdfgjh.xyz/jp/login Page URL

Page Statistics

Requests: 31
HTTPS: 97 %
IPv6: 50 %
Domains: 7
Subdomains: 10
IPs: 11
Countries: 3
Transfer: 420 kB
Size: 1110 kB
Cookies: 4


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://fdsgdsfgfddhdfgjh.xyz/service/scripts/bundle-login-password-sp.js HTTP 302
  • https://www.dmm.com/

31 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request login
fdsgdsfgfddhdfgjh.xyz/jp/
Redirect Chain
  • https://fdsgdsfgfddhdfgjh.xyz/
  • https://fdsgdsfgfddhdfgjh.xyz/jp/login
70 KB
9 KB
Document
General
Full URL
https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d7fc28a9c10d0c3af98379c4ffb149d5eab703f20950cd85ed40c4a4bbfc69f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 20:46:43 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn93hnGWBSqfCDCp0UtDj%2BRWH0Td30zbuSmCmbUwu0g1Cg%2B3YSNq0fVS7akVbl5S71rRTaKYw94SSDuLm0zafOR1xgoMvnKRIv4CY3xdHbG7apeoa%2F%2BEtfR7uhG1xXR1ZFHO9r31tlEQEt8NDh3YUFZh4Gk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6af391f7386059e9-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 16 Nov 2021 20:46:41 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
location
/jp/login
vary
Accept
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL37uJN8R9RqwKhClm8VIXlmSsXJFHpdjdq5aL7TDQGYHEPI5EhNXPaXKEEDQUMm7SBvHlfIMMzYR6W6FIpKBygIdqooVT7uqyQ4djV%2Bl7Uay4XuTYkE9FZnVaxA%2Bb%2FWVP%2BCUztiFnMVtJuNo7UIlLFRbOY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6af391f1d8ac59e9-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
login_password.css
fdsgdsfgfddhdfgjh.xyz/sp/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://fdsgdsfgfddhdfgjh.xyz/sp/css/login_password.css
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2352600c5aa740e56c7c6f4f5db83492a2f069fd6ddc8be0939cd4ce23f5b332

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/jp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:44 GMT
content-encoding
br
etag
W/"3083-17d24f9316b"
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 19:00:50 GMT
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BvhA05Y7WU480jYs5TH9FnO2jmppeeQtFn6XtrlWm17%2FIgVlpCxMv8elsAaCWD0j92e4kGgOlWVkapKs32DrYkFbQW5rVYjF5OaGdOXK7bnM5Z5a8GGelFaswjuh6HbvL9clHeSNwxiryFn1BCMRm2FDAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6af392012de459e9-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
min.css
navismithapis-cdn.com/css/sp/
16 KB
4 KB
Stylesheet
General
Full URL
https://navismithapis-cdn.com/css/sp/min.css?v=3.1.12
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fac11288b8efcd7559833dd074a827c0f91036d6fadd49f8f7643477e137db5

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
krH0IzAz7BtvU_OppOSjKp60WA38XHbU
content-encoding
br
last-modified
Fri, 05 Nov 2021 02:51:19 GMT
server
AmazonS3
age
211
etag
W/"f843a0e7bace3281ebc3ada862b9519e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
date
Tue, 16 Nov 2021 20:43:48 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
FOUKH4Xm5tNlndKNF3Q5dzbjPT3dLyN9BlQXlZkQP4kmAJvNBs4qbg==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:20:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 16 Nov 2021 21:20:47 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2738
date
Tue, 16 Nov 2021 20:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 16 Nov 2021 22:01:06 GMT
recaptcha__ja.js
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/
360 KB
138 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__ja.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8c337d9310a02ecf2314141fcdb77cdefaff695f889ac701150a66201b09291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fdsgdsfgfddhdfgjh.xyz/
Origin
https://fdsgdsfgfddhdfgjh.xyz
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 08:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140125
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 21:26:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 16 Nov 2022 08:50:33 GMT
dmm.tracking.min.js
stat.i3.dmm.com/latest/js/
20 KB
7 KB
Script
General
Full URL
https://stat.i3.dmm.com/latest/js/dmm.tracking.min.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1600:b:c3e6:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f7be209d20712d7fcf07ee463225e324e928059acfdd6d15b47339ab5410fcb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
BF1SR1WOrRJ.3Mtlvhywd5m5yuTzH8f2
Content-Encoding
gzip
ETag
W/"61d58dc87c055918b98645acb5a2b9a0"
Age
126
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:ap-northeast-1:226825234638:build/prd-tracking-js-build:d1b9e025-f188-4a75-94ac-335d76f888e4
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-codebuild-content-md5
8679cb6b32dcf4be3e98ab9a244693b9
Last-Modified
Wed, 10 Nov 2021 06:33:26 GMT
Server
AmazonS3
Date
Tue, 16 Nov 2021 20:46:02 GMT
Vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9f85b0c754369f8f42aee401089e1f814af7a4435bdb716d300ac8178eba55db
Via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
ZRH50-C1
Content-Type
application/x-javascript
X-Amz-Cf-Id
EyNDZJyXgVKfH9RXVLjm2lwZvFvUFyB4nppQCejNgr2HwyPkWM8L-A==
sp-switch.js
navismithapis-cdn.com/js/
6 KB
1 KB
Script
General
Full URL
https://navismithapis-cdn.com/js/sp-switch.js?v=3.1.12
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be1788fa66c030500de4bce1e526c2b491547fa09c6dac2013a72eecf77f53d0

Request headers

Referer
https://fdsgdsfgfddhdfgjh.xyz/
Origin
https://fdsgdsfgfddhdfgjh.xyz
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:52:58 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46427
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Nov 2021 02:51:23 GMT
server
AmazonS3
etag
W/"5e312f0fe9a3070c89e5444e92869329"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
x-amz-version-id
LcqJcGlpUBut0EPCc63sOh39DzvN7BrP
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
2pq-v7YzJfu_eABfMiykBXrhHEF39VXryYJBP1oAMwS6llV7WpNlFg==
pigeon.js
navismithapis-cdn.com/js/
6 KB
2 KB
Script
General
Full URL
https://navismithapis-cdn.com/js/pigeon.js?v=3.1.12
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50dfa8d018c8604581d554f42ff1a3457aff790605821179cd93dbdd5ae91517

Request headers

Referer
https://fdsgdsfgfddhdfgjh.xyz/
Origin
https://fdsgdsfgfddhdfgjh.xyz
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:52:58 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46427
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Nov 2021 02:51:22 GMT
server
AmazonS3
etag
W/"4b1aeab7175e9aa4daae4249edc000ec"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
x-amz-version-id
TYzVNbqpa5mG69A4MYi9v3QCcp5dCxJx
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
Y4jcU_fA7FuMnkAZo0ie4xcsJydM6JO1mLwVxxCdTSU4KU8xOxHPTw==
sp-global-floor.js
navismithapis-cdn.com/js/
813 B
1 KB
Script
General
Full URL
https://navismithapis-cdn.com/js/sp-global-floor.js?v=3.1.12
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d4d2098263ccbe940d9c18109cdd47cc782783e920ade9abd5b835e05c12f5e

Request headers

Referer
https://fdsgdsfgfddhdfgjh.xyz/
Origin
https://fdsgdsfgfddhdfgjh.xyz
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:52:58 GMT
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46427
x-cache
Hit from cloudfront
content-length
813
last-modified
Fri, 05 Nov 2021 02:51:23 GMT
server
AmazonS3
etag
"084cbb935dc1bcf18448e772ceca9182"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
x-amz-version-id
EzPS3tKuaXlkM7X9AIkuK0O1JAyR_HsT
access-control-allow-origin
*
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6khgopY88xhOVnIwcqLSmgfvCFHyS3b6nG2s85YLORLhiKNyCk1NCQ==
sp-global-app.js
navismithapis-cdn.com/js/
836 B
1 KB
Script
General
Full URL
https://navismithapis-cdn.com/js/sp-global-app.js?v=3.1.12
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b3a7150360b4f87d7aaeb51c81397d8cefa7b84d592c107ffdd6790bf3ed279

Request headers

Referer
https://fdsgdsfgfddhdfgjh.xyz/
Origin
https://fdsgdsfgfddhdfgjh.xyz
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:52:58 GMT
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46427
x-cache
Hit from cloudfront
content-length
836
last-modified
Fri, 05 Nov 2021 02:51:22 GMT
server
AmazonS3
etag
"1dd72529f7fac623a07fe0259b0fb44d"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
x-amz-version-id
HQtHt7H6SrLrI1A8yb219DakEF51PICF
access-control-allow-origin
*
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1fn2D1bOy4zQUE3YDdZAlzFIDKnTlmf0CICZuUsaDgXbuEgCndTFuw==
translate.js
navismithapis-cdn.com/js/
1 KB
957 B
Script
General
Full URL
https://navismithapis-cdn.com/js/translate.js?v=3.1.12
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2e1152f55b6a7d27a42708fd361248114991f12efc5f5401d9c6d4ff06eddca

Request headers

Referer
https://fdsgdsfgfddhdfgjh.xyz/
Origin
https://fdsgdsfgfddhdfgjh.xyz
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:52:58 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46427
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Nov 2021 02:51:23 GMT
server
AmazonS3
etag
W/"a146e0c2c67106d80e80f2da8879f4c4"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
x-amz-version-id
wPYG.0Ll7GGp6GjmSYfbPyQ2vXQM6EwG
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
sM4drKZQ1OSuffq3lbAZMojYZSTACFJp0De-z7tleoMn1oaF_D-b4w==
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.16.1/
34 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.16.1/axios.min.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2114a050aed49f4a24237d4d1f437b75ca10c6fc8623eae23c0558c53a7e21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5965521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9848
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-879a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnGUT2gn3Gr5f2vBCLt3%2BkzjHVeCsRRAccL%2FOsWaLYjci6jGIWstVK5p7AJZL2Hk8To3Ok0GzlyyVOWJY0nDgABhN12pKHn47HvQDSXK9OuooVh6aEYh%2B%2FMRS2%2FGPfkNUPHPmbf%2FKS%2FMaLQId4%2F4Qfuq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6af392019ac70f66-MXP
expires
Sun, 06 Nov 2022 20:46:43 GMT
ajv.min.js
cdnjs.cloudflare.com/ajax/libs/ajv/5.1.1/
116 KB
25 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ajv/5.1.1/ajv.min.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98003c5be90833ea2273a0b2e8c7b73e0a94ce7f4a8d75bfe263cbf72e362d11
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17935298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25211
cf-request-id
099f12a57a00000e1a7888a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cfa-1d1ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0vM1WfYTLD5k%2Bbjiq6ZGr%2FLBszUIBsdjU30mlPKAKj3Ce3WO%2BWdOf5g8dHZqR3aHLaPgwKbCkzGovoQuICOoSHny6Zz%2BrPtt3lwjL1CcNnx96w8ZIZAP5Cw2IlSP2WuUqszMyjGf7gIpqu6fp5EM%2BbG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6af392019ace0f66-MXP
expires
Sun, 06 Nov 2022 20:46:43 GMT
core.min.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/
86 KB
25 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
689727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25572
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-156f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vr002ynjdBr2oXehZHaBDCGF6zbaSXGHr24d%2FCAtzKfoDAfZLHioYqHSp1S26IdosL%2FragghxtRsLnQGXyqv1LlbrBWbbh7PkA1Yw0HTwAN9nYw36v4aj9VRZNGJLcZJ8lwkXVbE2yDjvE75kATrH7%2B1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6af392019ad10f66-MXP
expires
Sun, 06 Nov 2022 20:46:43 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/
91 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4693565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29822
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-16dc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoMStCPq1ftx%2BrjnfBhZHKuQPYt60DMCN91i0V6BIF3r5nhMaqHcuyo3qgQ08RQpGHUe%2FWVvbwQlJfweES9Q5SFML4cZVf5WOFb17rcqLL6OeNdYNV0eDQLVxIXzl%2Bs10VugjHaHANzHjoGZM00ozuxE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6af392019ad20f66-MXP
expires
Sun, 06 Nov 2022 20:46:43 GMT
base.sp.js
www.dmm.com/js/common/
32 KB
9 KB
Script
General
Full URL
https://www.dmm.com/js/common/base.sp.js?1636949206694
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-235.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
3ab6590e76624953347f1651baeec0cb1b17c3bd10437aafee81ad94f88dca97

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:44 GMT
content-encoding
gzip
last-modified
Mon, 21 Aug 2017 06:41:02 GMT
server
Apache
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
content-length
8446
x-amz-cf-id
zLrbrpHz9sePBiNCMSnwspAnHggTPpzuna1ejHcQUIR8YZiHKc9M1g==
expires
Wed, 16 Nov 2022 20:46:44 GMT
assemble_library.sp.js
www.dmm.com/js/common/
2 KB
1 KB
Script
General
Full URL
https://www.dmm.com/js/common/assemble_library.sp.js?1636949206694
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-235.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
9d39c3cec6d1b46fd959450ab019fc348db2e0ff907a33733eb3355b29c7b043

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:44 GMT
content-encoding
gzip
last-modified
Thu, 24 Apr 2014 03:19:50 GMT
server
Apache
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
content-length
801
x-amz-cf-id
h3PSGQuXc27x0l2X0N1LHUorZaRPbNH72gi1O5WvoQGQ-zFJm09C5w==
expires
Wed, 16 Nov 2022 20:46:44 GMT
set_tracking.js
www.dmm.com/js/common/
3 KB
1 KB
Script
General
Full URL
https://www.dmm.com/js/common/set_tracking.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-235.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
841fda56791eeaa7b538ddbe8b0b5ac4d746cbc0d861137f680c927502df0188

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:44 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2016 09:34:25 GMT
server
Apache
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
content-length
864
x-amz-cf-id
WgT6l3nPN07zULcE1Br3uJoq5P5Xi_3zlNSc8GEDtxfv2tz7tlKbMg==
s_code_dummy.js
www.dmm.com/js/
95 B
426 B
Script
General
Full URL
https://www.dmm.com/js/s_code_dummy.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-235.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
2e82f8c8feea64e85be7841ae1bb4856f58a9a9c311ec094c601531c9dee26cc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:44 GMT
content-encoding
gzip
last-modified
Thu, 27 Dec 2012 10:28:02 GMT
server
Apache
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
content-length
105
x-amz-cf-id
FoCl_Q_Kht2wfv-HkQD06J97TCMZvAFSI61gzvd0mC7cUnwuLEEHWA==
conf.js
www.dmm.com/js/marketing/
2 KB
1 KB
Script
General
Full URL
https://www.dmm.com/js/marketing/conf.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-235.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
61cdcceb5d311981eab4f005a172aba979ed5eb0d83076b88e27b1f73af24b1c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:44 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 07:05:54 GMT
server
Apache
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
content-length
836
x-amz-cf-id
U0b8BsGI4CwgUJQZt8lZmmKdPTLG6KDk1KaSueDa9yUF_GmURXKRBQ==
service.svg
navismithapis-cdn.com/img/
1013 B
740 B
Image
General
Full URL
https://navismithapis-cdn.com/img/service.svg
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cb5d24a50ac7ec34ad0d2710b653b047b2765a741e63d8d738ebd39889dcf70

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
AkCjRU6n_2Q7PIq25AIeUBcqsKtZRfzq
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 02:51:22 GMT
server
AmazonS3
age
299
etag
W/"73a1c3c6698ddd44f0890e031df48490"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
date
Tue, 16 Nov 2021 20:46:02 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
gCOdoGqmhL8k_0fmnKQUJZalzvmzPPEAvJ8QWRw4vm2DVWyKxDW0Jw==
dmm_com.svg
p-smith.com/logo/
2 KB
1 KB
Image
General
Full URL
https://p-smith.com/logo/dmm_com.svg
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-13.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18e7b9f3f619b67bf1dec733c60c2c5f2d29e5e31c335cac236b5101b16b56ed

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 05:53:10 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:21:25 GMT
server
AmazonS3
age
53615
etag
W/"87cb5454bdc8b864f826143ef9e5a5ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
8rw8RtkFPgEgmQyc_s0WrSDGmxKES1RD
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
content-type
image/svg+xml
x-amz-cf-id
C50gJ6cH6fxbaaEiDuFg9Gd4p7Gu28iXiNECikwKd5nb2EqNs5q8cA==
translate.svg
navismithapis-cdn.com/img/
2 KB
1 KB
Image
General
Full URL
https://navismithapis-cdn.com/img/translate.svg
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ccce3da481ba29f42abc21921bfc0582c4a14178ff369f8def343790609ee3d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
DIXLRzBijLe.kXLpn6reezVCQSe4ES1k
content-encoding
br
last-modified
Fri, 05 Nov 2021 02:51:22 GMT
server
AmazonS3
age
79
etag
W/"eb22c4339ec974549bb731d770a1390f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
date
Tue, 16 Nov 2021 20:46:02 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
vru4CHWXI6KGIiz8lqWil9XN40raClIn_nxb38LUGzADHsWJbdiUZQ==
dmm-c-sdk.js
cdj.dap.dmm.com/
107 KB
36 KB
Script
General
Full URL
https://cdj.dap.dmm.com/dmm-c-sdk.js
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e1a60ff56f8077d5c772537b5c89349dbe6556e644de5d0749298981f48ffd0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
eu43Fu570FHEfKyTy2krKljSCn67tQnm
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 04:11:08 GMT
server
AmazonS3
age
41
etag
W/"06a42c97e06aa54911fc30a7a45b5b7c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
date
Tue, 16 Nov 2021 20:46:04 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
lHX3KA3WJ8xPn9ZM31P0VeEJOEaWQq5uxJP3GzAmP6ROZHR1c9pZhA==
banner_pointclub.png
fdsgdsfgfddhdfgjh.xyz/images/
26 KB
26 KB
Image
General
Full URL
https://fdsgdsfgfddhdfgjh.xyz/images/banner_pointclub.png
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
579e676193603a798e60cd34f4c858936277f6686de29122fb3a10d0715d20ba

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/jp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26745
last-modified
Mon, 15 Nov 2021 19:00:50 GMT
server
cloudflare
etag
W/"6879-17d24f93162"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owmr%2FuenJTEH2t9%2FHJldxy%2BuwFtjFCZ1EHPiEHkjYUsAsQmoQz9oZ6DYe3Jr%2F9WJVEFiC%2Fd%2FziSYTQCB9cMOscrUtq40Zh2RrX%2BSi6W8ztm%2F6tO8wL72WDTeWJJNgiVsTDAZdZn6jsAaoTSd75siU%2B5EAdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6af39207cbc459e9-MXP
banner_creditcard_normal.jpg
fdsgdsfgfddhdfgjh.xyz/images/
29 KB
30 KB
Image
General
Full URL
https://fdsgdsfgfddhdfgjh.xyz/images/banner_creditcard_normal.jpg
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
372345dd1b3ff7777482ff2f04fe359ad64582972ff32641070216029942a2c4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/jp/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30078
last-modified
Mon, 15 Nov 2021 19:00:50 GMT
server
cloudflare
etag
W/"757e-17d24f93162"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuwBWOhVT3dM%2FJnZCPIUKlTEEwqOAKAiBR0wfZ06RDmaWKsAI4Pig1D68WvjLTy8TWwQkw7wmkkatg4snHTlMr2N5YuyE%2B3RLzLig6eq0kGjf%2FR1Pdw%2FetbBmhuZ1LyfnFUE%2BVRxYSk%2B1vkCI97%2F5gyk0ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6af39207cbc659e9-MXP
banner_fictitious.jpg
p.dmm.com/p/top/banner/
10 KB
10 KB
Image
General
Full URL
https://p.dmm.com/p/top/banner/banner_fictitious.jpg
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.254.145.149 , Japan, ASN23620 (DMM DMM.com LLC, JP),
Reverse DNS
103x254x145x149
Software
openresty /
Resource Hash
224a6b034649ac45cf2016990bb9d23447699248bb81993c1f8d26dbe2b275a6

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:45 GMT
last-modified
Fri, 03 Jul 2015 05:22:29 GMT
server
openresty
etag
"55961c15-2712"
x-cache-status
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
10002
banner_reuse.jpg
p.dmm.com/p/top/banner/
23 KB
23 KB
Image
General
Full URL
https://p.dmm.com/p/top/banner/banner_reuse.jpg
Requested by
Host: fdsgdsfgfddhdfgjh.xyz
URL: https://fdsgdsfgfddhdfgjh.xyz/jp/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.254.145.149 , Japan, ASN23620 (DMM DMM.com LLC, JP),
Reverse DNS
103x254x145x149
Software
openresty /
Resource Hash
71dbc98cf1113f97157bc64f12ffa01ae57ce7ffb19d7b74744ee393ce7da3a6

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://fdsgdsfgfddhdfgjh.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:46:45 GMT
last-modified
Wed, 01 Aug 2018 05:35:47 GMT
server
openresty
etag
"5b6146b3-5b20"
x-cache-status
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
23328
/
www.dmm.com/
Redirect Chain
  • https://fdsgdsfgfddhdfgjh.xyz/service/scripts/bundle-login-password-sp.js
  • https://www.dmm.com/
0
0

/
www.dmm.com/
0
0
Preflight
General
Full URL
https://www.dmm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.98.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-98-235.zrh50.r.cloudfront.net
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://fdsgdsfgfddhdfgjh.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html
content-length
520
server
awselb/2.0
date
Tue, 16 Nov 2021 20:46:46 GMT
x-cache
Error from cloudfront
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Inzq4L4h0hUfFpG6pT6RpLJ-D2t9HrwF5cJUbObc1nzkjtFZ8NXg3Q==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dmm.com
URL
https://www.dmm.com/

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DMM.com (Gaming)

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| axios function| Ajv object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ function| $ function| jQuery function| slidebtn_run function| createURL function| dmmSubmit function| openerSubdomain function| switchOrientation function| hdGlobalTouch function| hdSearchTouch function| hdAcountTouch function| naviClose function| fn_slidedown function| fn_slidedown_run function| fn_popup function| fn_popupOverlayAdjust function| preventLink function| fnPagetop function| fn_dmmNaviBehavior object| dmmLib function| navi_tracking_function function| s_customLinkTrack object| Marketing object| dataLayer string| id object| se object| mailmagazineCheckboxStatus function| MailmagazineCheckboxStatus function| NaviApiSpSwitch object| NaviApiPigeon function| NaviApiSpGlobalFloor function| NaviApiSpGlobalApp function| NaviApiTranslate string| myDevice object| $body object| $hdGlobal object| jQuery1830208039639979948 object| gaplugins function| ga function| i3 object| google_tag_data object| regeneratorRuntime function| iFrameResize boolean| is_send_request object| recaptcha

4 Cookies

Domain/Path Name / Value
fdsgdsfgfddhdfgjh.xyz/ Name: mercar:sid
Value: s%3A5d57748a-2ad8-431e-a47f-042da6b554d0.0TgTtQ49r1BP22wW3Uad7dZhdZj0ADc0FJ9gJsWmfgU
fdsgdsfgfddhdfgjh.xyz/ Name:
Value: _gaSessionTime\x3d2021-11-17 05:46:46
fdsgdsfgfddhdfgjh.xyz/ Name: _gaReferrer
Value:
.fdsgdsfgfddhdfgjh.xyz/ Name: i3_ab
Value: 21583030-187a-44a8-bbc9-d6ec5464d600

3 Console Messages

Source Level URL
Text
deprecation warning URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/jquery.min.js(Line 1)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
javascript error URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/jquery.min.js(Line 1)
Message:
Access to XMLHttpRequest at 'https://www.dmm.com/' (redirected from 'https://fdsgdsfgfddhdfgjh.xyz/service/scripts/bundle-login-password-sp.js') from origin 'https://fdsgdsfgfddhdfgjh.xyz' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/jquery.min.js(Line 1)
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdj.dap.dmm.com
cdnjs.cloudflare.com
fdsgdsfgfddhdfgjh.xyz
navismithapis-cdn.com
p-smith.com
p.dmm.com
stat.i3.dmm.com
www.dmm.com
www.google-analytics.com
www.gstatic.com
www.dmm.com
103.254.145.149
13.224.96.13
13.224.96.61
13.224.96.91
13.224.98.235
2600:9000:2190:1600:b:c3e6:7700:93a1
2606:4700:3037::6815:1f0a
2606:4700::6810:125e
2a00:1450:4001:80e::2003
2a00:1450:4001:831::200e