URL: https://zone.itcloud.ca/login.php
Submission Tags: @phishunt_io
Submission: On July 27 via api from DE — Scanned from CA

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 69.196.24.101, located in Trois-Rivières, Canada and belongs to XITTEL-AS, CA. The main domain is zone.itcloud.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 18th 2021. Valid for: a year.
This is the only time zone.itcloud.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
25 69.196.24.101 30336 (XITTEL-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
28 3
Apex Domain
Subdomains
Transfer
25 itcloud.ca
zone.itcloud.ca
2 MB
2 gstatic.com
fonts.gstatic.com
64 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
1 KB
28 3
Domain Requested by
25 zone.itcloud.ca zone.itcloud.ca
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com zone.itcloud.ca
28 3

This site contains links to these domains. Also see Links.

Domain
itcloud.ca
Subject Issuer Validity Valid
*.zone.itcloud.ca
Entrust Certification Authority - L1K
2021-10-18 -
2022-10-28
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://zone.itcloud.ca/login.php
Frame ID: 35529BF6B9316D47E9BEB99865D55E60
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

ITCloud.ca Portal Access

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2036 kB
Transfer

2032 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
zone.itcloud.ca/
4 KB
5 KB
Document
General
Full URL
https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
69000bdaeca5bcbd6db7cd915ad9d60c597715e557ac248731c61047e97a833b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=utf-8
date
Wed, 27 Jul 2022 01:19:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
sameorigin
font-awesome.min.css
zone.itcloud.ca/includes/css/
28 KB
28 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/includes/css/font-awesome.min.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
362ae4d51c05c9c741214bb98169e3b1b8a502fe09a380a93fa8b2c566e67e9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:02 GMT
etag
"62cd9a46-7056"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
28758
ui.all.css
zone.itcloud.ca/includes/jscript/css/
26 KB
26 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/includes/jscript/css/ui.all.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
3fdf494db003e8023e6d8580c2c08d417e9c24651deee5bca3df52a6a87a17c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:42 GMT
etag
"62cd9a32-68ff"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
26879
select2.css
zone.itcloud.ca/includes/jscript/css/
17 KB
18 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/includes/jscript/css/select2.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
05ed134f23ea098b5d13aa16ab8a356f99b79e2939e3e5db238949aa4f74caf9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:06 GMT
etag
"62cd9a4a-4527"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
17703
bootstrap.css
zone.itcloud.ca/templates/rev/css/
87 KB
88 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/templates/rev/css/bootstrap.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
df860d9d5efbf5a35eaf97ce8c989cc709426900dfac343f8787a8064c6aa7d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:34 GMT
etag
"62cd9a2a-15df8"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
89592
whmcs.css
zone.itcloud.ca/templates/rev/css/
107 KB
108 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/templates/rev/css/whmcs.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
ccf99e61c6284df3f4550026b88de670f36567951c3db5d49bbf503fcaf1a31a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:09 GMT
etag
"62cd9a4d-1ade8"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
110056
login.css
zone.itcloud.ca/templates/rev/css/
2 KB
3 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/templates/rev/css/login.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
c1385a84585493695dc86ef81cc3d12acf7ebcfa04895dd117e581defde9bf17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:35 GMT
etag
"62cd9a2b-9f9"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
2553
mobile.css
zone.itcloud.ca/templates/rev/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://zone.itcloud.ca/templates/rev/css/mobile.css?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
a5538544064c69bb170944ad1d78afd8a19dca8e1952c6b5e0968c8f67e96467
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:57 GMT
etag
"62cd9a41-11e4"
x-frame-options
sameorigin
content-type
text/css
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
4580
jquery.js
zone.itcloud.ca/includes/jscript/
93 KB
93 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/jquery.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
be89b521e1cdc0114d05d49d3bea531b2df8e69aa344c4b8887f9bb3979b7a97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:55 GMT
etag
"62cd9a3f-1727d"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
94845
jqueryui.js
zone.itcloud.ca/includes/jscript/
207 KB
208 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/jqueryui.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
1ca24aa3005bb9942009a9a40834a21ccca39a3a9ff91b6df17dce09fbebe8be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:09 GMT
etag
"62cd9a4d-33dca"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
212426
b64.js
zone.itcloud.ca/includes/jscript/
4 KB
4 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/b64.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
96a56a8ee9572ff250e3d7b03480355a373dc56530fbff73679f5133fdfa86a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:37 GMT
etag
"62cd9a2d-fc9"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
4041
cookies.js
zone.itcloud.ca/includes/jscript/
1 KB
1 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/cookies.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
5c2caf655ccb839d9bea8f1149cb6ea8f188e5f044ed8b1fb952bb89ed38b551
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:41 GMT
etag
"62cd9a31-44b"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
1099
lang.js
zone.itcloud.ca/includes/jscript/
606 B
826 B
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/lang.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
f626d87bec7826da42373e9e32b93b0b1189a962d4669450e4af8eff65bef666
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:58 GMT
etag
"62cd9a42-25e"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
606
popup.js
zone.itcloud.ca/includes/jscript/
6 KB
6 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/popup.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
4192e212b933d1d900f7f9cbd2ec9d37af573d2594ca4ce072c02dc3ddfb0e32
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:50 GMT
etag
"62cd9a3a-162c"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
5676
modal.js
zone.itcloud.ca/includes/jscript/
2 KB
2 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/modal.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
cd488c97759f4419d26d5e099dd251dfffd0bd7b6918a888cf2c604f13573d3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:49 GMT
etag
"62cd9a39-72a"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
1834
formutils.js
zone.itcloud.ca/includes/jscript/
3 KB
3 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/formutils.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
fb2c8bf23ffb7c6aca2ad5596f24cec57287aa854006d2b430196d64393be902
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:03 GMT
etag
"62cd9a47-ccd"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
3277
ajaxutils.js
zone.itcloud.ca/includes/jscript/
2 KB
2 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/ajaxutils.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
6551b5be3193ccfa8c2aae71a1ca276c481521aeddc48041055c83f8cae39338
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:05 GMT
etag
"62cd9a49-803"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
2051
select2.js
zone.itcloud.ca/includes/jscript/
279 KB
279 KB
Script
General
Full URL
https://zone.itcloud.ca/includes/jscript/select2.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
30a82617211e4bda2d4759fc5163bf797a9f16d2dc4c87da819fb74d312b9415
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:04 GMT
etag
"62cd9a48-45be7"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
285671
whmcs.js
zone.itcloud.ca/templates/rev/js/
6 KB
6 KB
Script
General
Full URL
https://zone.itcloud.ca/templates/rev/js/whmcs.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
f9989f3c9a0f4eecc4cab4f0b86338711b71b9279039eaa2a23cc0e0d7d34390
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:40 GMT
etag
"62cd9a30-17f5"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
6133
common.js
zone.itcloud.ca/templates/rev/js/
2 KB
2 KB
Script
General
Full URL
https://zone.itcloud.ca/templates/rev/js/common.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
93c78f32b62a6b02766a0f9f91b4abbb340cf3f8d1989f7e3cbe4db671f8c73a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:07 GMT
etag
"62cd9a4b-7eb"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
2027
documents.js
zone.itcloud.ca/templates/rev/js/
249 B
468 B
Script
General
Full URL
https://zone.itcloud.ca/templates/rev/js/documents.js?v=2022-07-13
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
b520e65de45653697fa78db41f5c124a075cf69d4f5466dea3ab02ebcfb3b959
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:46 GMT
etag
"62cd9a36-f9"
x-frame-options
sameorigin
content-type
application/javascript
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
249
bk_mail_logo.png
zone.itcloud.ca/images/mail/
6 KB
6 KB
Image
General
Full URL
https://zone.itcloud.ca/images/mail/bk_mail_logo.png
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
c821f701ddbc4b092eba7b6efd8216c8aeb37fb9db2893816e9dfb973fdf00af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:58:44 GMT
etag
"62cd9a34-1691"
x-frame-options
sameorigin
content-type
image/png
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
5777
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/templates/rev/css/whmcs.css?v=2022-07-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a4dc72e06e5b57e48602f778bb66a0aa46bbfbfaad1975f20627a519f0684cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 01:10:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 01:19:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 01:19:57 GMT
loginbglow.png
zone.itcloud.ca/images/
705 KB
705 KB
Image
General
Full URL
https://zone.itcloud.ca/images/loginbglow.png
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/templates/rev/css/login.css?v=2022-07-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
63197bb75d6e6e35ae91e550141491d702e2b017da782d860492f324179534cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://zone.itcloud.ca/templates/rev/css/login.css?v=2022-07-13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:04 GMT
etag
"62cd9a48-b0248"
x-frame-options
sameorigin
content-type
image/png
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
721480
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zone.itcloud.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:56:33 GMT
x-content-type-options
nosniff
age
95004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 22:56:33 GMT
fontawesome-webfont.woff2
zone.itcloud.ca/includes/fonts/
69 KB
69 KB
Font
General
Full URL
https://zone.itcloud.ca/includes/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/includes/css/font-awesome.min.css?v=2022-07-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://zone.itcloud.ca/includes/css/font-awesome.min.css?v=2022-07-13
Origin
https://zone.itcloud.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 01:19:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 15:59:05 GMT
etag
"62cd9a49-11448"
x-frame-options
sameorigin
content-type
application/octet-stream
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
70728
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zone.itcloud.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 22:12:19 GMT
x-content-type-options
nosniff
age
97658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 22:12:19 GMT
getlang.php
zone.itcloud.ca/
302 KB
302 KB
XHR
General
Full URL
https://zone.itcloud.ca/getlang.php
Requested by
Host: zone.itcloud.ca
URL: https://zone.itcloud.ca/includes/jscript/jquery.js?v=2022-07-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.196.24.101 Trois-Rivières, Canada, ASN30336 (XITTEL-AS, CA),
Reverse DNS
Software
/
Resource Hash
756b85b25776b77ab24b011dac2303b67e3ab804bebe03e5acff0eaeff2b7dc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Referer
https://zone.itcloud.ca/login.php
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 01:19:57 GMT
x-content-type-options
nosniff
x-frame-options
sameorigin
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=63072000
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| DP_jQuery_1658884797126 function| base64_encode function| base64_decode function| base64url_encode function| base64url_decode function| expireCookies function| setCookie function| getCookie object| lang function| setlanguage number| popHeight number| popWidth boolean| popFixed function| closePopup function| refreshPopup function| redirectPopupParent function| redirectPopup function| popupClose function| popupIframe function| popupFixedIframe function| popupHtml function| popupAjax function| popupOpen function| popupResize function| popupInit function| loadCss function| isPopup function| Modal function| passwordPrompt function| processFormInputs function| clearAllFormData function| restoreFormData function| resetFormErrors function| highlightErrorInputs function| fillFormFields function| showLoading function| hideLoading function| defaultHandling function| standardHandling function| downloadFile function| getRootUrl function| toggleCheckboxes function| disableFields function| popupWindow function| extraTicketAttachment function| rating_hover function| rating_leave function| rating_select function| delay function| dl function| setObjectClicked

1 Cookies

Domain/Path Name / Value
zone.itcloud.ca/ Name: WHMCSAzmc8t4qtBc9
Value: v32uluqi6htvrph8hrqs81u4e4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
zone.itcloud.ca
2607:f8b0:4006:806::200a
2607:f8b0:4006:80c::2003
69.196.24.101
05ed134f23ea098b5d13aa16ab8a356f99b79e2939e3e5db238949aa4f74caf9
1a4dc72e06e5b57e48602f778bb66a0aa46bbfbfaad1975f20627a519f0684cc
1ca24aa3005bb9942009a9a40834a21ccca39a3a9ff91b6df17dce09fbebe8be
30a82617211e4bda2d4759fc5163bf797a9f16d2dc4c87da819fb74d312b9415
362ae4d51c05c9c741214bb98169e3b1b8a502fe09a380a93fa8b2c566e67e9a
3fdf494db003e8023e6d8580c2c08d417e9c24651deee5bca3df52a6a87a17c0
4192e212b933d1d900f7f9cbd2ec9d37af573d2594ca4ce072c02dc3ddfb0e32
5c2caf655ccb839d9bea8f1149cb6ea8f188e5f044ed8b1fb952bb89ed38b551
63197bb75d6e6e35ae91e550141491d702e2b017da782d860492f324179534cf
6551b5be3193ccfa8c2aae71a1ca276c481521aeddc48041055c83f8cae39338
69000bdaeca5bcbd6db7cd915ad9d60c597715e557ac248731c61047e97a833b
756b85b25776b77ab24b011dac2303b67e3ab804bebe03e5acff0eaeff2b7dc3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
93c78f32b62a6b02766a0f9f91b4abbb340cf3f8d1989f7e3cbe4db671f8c73a
96a56a8ee9572ff250e3d7b03480355a373dc56530fbff73679f5133fdfa86a7
a5538544064c69bb170944ad1d78afd8a19dca8e1952c6b5e0968c8f67e96467
b520e65de45653697fa78db41f5c124a075cf69d4f5466dea3ab02ebcfb3b959
be89b521e1cdc0114d05d49d3bea531b2df8e69aa344c4b8887f9bb3979b7a97
c1385a84585493695dc86ef81cc3d12acf7ebcfa04895dd117e581defde9bf17
c821f701ddbc4b092eba7b6efd8216c8aeb37fb9db2893816e9dfb973fdf00af
ccf99e61c6284df3f4550026b88de670f36567951c3db5d49bbf503fcaf1a31a
cd488c97759f4419d26d5e099dd251dfffd0bd7b6918a888cf2c604f13573d3e
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
df860d9d5efbf5a35eaf97ce8c989cc709426900dfac343f8787a8064c6aa7d0
f626d87bec7826da42373e9e32b93b0b1189a962d4669450e4af8eff65bef666
f9989f3c9a0f4eecc4cab4f0b86338711b71b9279039eaa2a23cc0e0d7d34390
fb2c8bf23ffb7c6aca2ad5596f24cec57287aa854006d2b430196d64393be902