Submitted URL: https://active.clewm.net/CSKeYR?qrurl=http://qr06.cn/CSKeYR&gtype=1&key=49fd6173071e54e3501597541785bc7c7f6a802993
Effective URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Submission: On December 03 via manual from NL — Scanned from NL

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 121.41.108.72, located in Hangzhou, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is active.clewm.net.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on July 3rd 2023. Valid for: a year.
This is the only time active.clewm.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 121.41.108.72 37963 (ALIBABA-C...)
1 1 47.98.169.181 37963 (ALIBABA-C...)
2 47.110.175.101 37963 (ALIBABA-C...)
12 163.181.92.237 24429 (TAOBAO Zh...)
1 103.235.46.191 55967 (BAIDU Bei...)
1 1 142.250.186.142 15169 (GOOGLE)
1 173.194.76.157 15169 (GOOGLE)
18 6
Apex Domain
Subdomains
Transfer
16 clewm.net
active.clewm.net
c3.clewm.net
targurl.clewm.net
static.clewm.net — Cisco Umbrella Rank: 627628
153 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
337 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
345 B
1 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10115
636 B
1 cli.im
tongji.cli.im
clitotalentr.cli.im Failed
875 B
18 5
Domain Requested by
12 static.clewm.net active.clewm.net
static.clewm.net
2 active.clewm.net 1 redirects targurl.clewm.net
1 stats.g.doubleclick.net active.clewm.net
1 www.google-analytics.com 1 redirects
1 hm.baidu.com active.clewm.net
1 tongji.cli.im active.clewm.net
1 targurl.clewm.net
1 c3.clewm.net 1 redirects
0 clitotalentr.cli.im Failed static.clewm.net
18 9

This site contains links to these domains.

Domain
apps.apple.com
play.google.com
www.pgyer.com
Subject | Issuer | Validity | Valid
*.clewm.net | Encryption Everywhere DV TLS CA - G1 | 2023-07-03 - 2024-07-03 | a year
*.cli.im | GeoTrust CN RSA CA G1 | 2023-07-03 - 2024-07-02 | a year
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year

This page contains 1 frames:

Primary Page: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Frame ID: 652D8B27CF6DC856CA1DD243CA99076C
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 0 %
Domains: 5
Subdomains: 9
IPs: 6
Countries: 4
Transfer: 155 kB
Size: 415 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://active.clewm.net/CSKeYR?qrurl=http://qr06.cn/CSKeYR&gtype=1&key=49fd6173071e54e3501597541785bc7c7f6a802993 HTTP 302
    https://c3.clewm.net/CSKeYR?qrurl=http%3A%2F%2Fqr06.cn%2FCSKeYR&gtype=1 HTTP 301
    https://targurl.clewm.net/jump?coding=CSKeYR&targurl=aHR0cHM6Ly9hY3RpdmUuY2xld20ubmV0L0NTS2VZUj9xcnVybD1odHRwJTNBJTJGJTJGYzMuY2xld20ubmV0JTJGQ1NLZVlSJmd0eXBlPTE%3D&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088 Page URL
  2. https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://active.clewm.net/CSKeYR?qrurl=http://qr06.cn/CSKeYR&gtype=1&key=49fd6173071e54e3501597541785bc7c7f6a802993 HTTP 302
  • https://c3.clewm.net/CSKeYR?qrurl=http%3A%2F%2Fqr06.cn%2FCSKeYR&gtype=1 HTTP 301
  • https://targurl.clewm.net/jump?coding=CSKeYR&targurl=aHR0cHM6Ly9hY3RpdmUuY2xld20ubmV0L0NTS2VZUj9xcnVybD1odHRwJTNBJTJGJTJGYzMuY2xld20ubmV0JTJGQ1NLZVlSJmd0eXBlPTE%3D&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j46&a=1391390925&t=pageview&_s=1&dl=https%3A%2F%2Factive.clewm.net%2FCSKeYR%3Fqrurl%3Dhttp%3A%2F%2Fc3.clewm.net%2FCSKeYR%26gtype%3D1%26key%3D0550e17e1e518cd8b01598c2e631cb5b9ce4464088&dr=https%3A%2F%2Ftargurl.clewm.net%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AEAAAEABI~&jid=1987854058&cid=1442209780.1701598092&tid=UA-84134968-1&_r=1&z=264610713 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84134968-1&cid=1442209780.1701598092&jid=1987854058&_v=j46&z=264610713

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
jump
targurl.clewm.net/
Redirect Chain
  • https://active.clewm.net/CSKeYR?qrurl=http://qr06.cn/CSKeYR&gtype=1&key=49fd6173071e54e3501597541785bc7c7f6a802993
  • https://c3.clewm.net/CSKeYR?qrurl=http%3A%2F%2Fqr06.cn%2FCSKeYR&gtype=1
  • https://targurl.clewm.net/jump?coding=CSKeYR&targurl=aHR0cHM6Ly9hY3RpdmUuY2xld20ubmV0L0NTS2VZUj9xcnVybD1odHRwJTNBJTJGJTJGYzMuY2xld20ubmV0JTJGQ1NLZVlSJmd0eXBlPTE%3D&key=0550e17e1e518cd8b01598c2e631c...
506 B
1 KB
Document
General
Full URL
https://targurl.clewm.net/jump?coding=CSKeYR&targurl=aHR0cHM6Ly9hY3RpdmUuY2xld20ubmV0L0NTS2VZUj9xcnVybD1odHRwJTNBJTJGJTJGYzMuY2xld20ubmV0JTJGQ1NLZVlSJmd0eXBlPTE%3D&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.175.101 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
morrighan /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
ctoken,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,request_type,Auth-CL,Caoliao-Identity-Flag,sentry-trace
Access-Control-Allow-Methods
PUT,POST,GET,OPTIONS
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sun, 03 Dec 2023 10:08:10 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
morrighan
Transfer-Encoding
chunked

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 10:08:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://targurl.clewm.net/jump?coding=CSKeYR&targurl=aHR0cHM6Ly9hY3RpdmUuY2xld20ubmV0L0NTS2VZUj9xcnVybD1odHRwJTNBJTJGJTJGYzMuY2xld20ubmV0JTJGQ1NLZVlSJmd0eXBlPTE%3D&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
pragma
no-cache
server
morrighan
Primary Request CSKeYR
active.clewm.net/
11 KB
5 KB
Document
General
Full URL
https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Requested by
Host: targurl.clewm.net
URL: https://targurl.clewm.net/jump?coding=CSKeYR&targurl=aHR0cHM6Ly9hY3RpdmUuY2xld20ubmV0L0NTS2VZUj9xcnVybD1odHRwJTNBJTJGJTJGYzMuY2xld20ubmV0JTJGQ1NLZVlSJmd0eXBlPTE%3D&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
121.41.108.72 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
morrighan /
Resource Hash
faa6fc65d17a0c01e6ff1438bd2b68e1d0e995c11b2e284f92ab30766c74dd17

Request headers

Referer
https://targurl.clewm.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 10:08:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
k8s-pod-name
app-cli-web-586ddf9cd5-2zlds
pragma
no-cache
server
morrighan
vary
Accept-Encoding
frozen.css
static.clewm.net/cli/css/
73 KB
20 KB
Stylesheet
General
Full URL
https://static.clewm.net/cli/css/frozen.css
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
554d50aa6e865d6db4c6ea71980e1c5c4633d135e9fd5a60e7951146ae327ef6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 14:33:38 GMT
via
cache20.l2de2[0,1,200-0,H], cache5.l2de2[3,0], ens-cache7.de5[0,0,200-0,H], ens-cache4.de5[1,0]
content-encoding
br
age
5772873
x-swift-cachetime
4021140
x-cache
HIT TCP_MEM_HIT dirn:13:801499570
x-swift-savetime
Fri, 10 Nov 2023 01:34:39 GMT
last-modified
Tue, 26 Sep 2023 08:29:27 GMT
server
Tengine
etag
W/"65129667-1230a"
vary
Accept-Encoding
ali-swift-global-savetime
1695825219
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922883938e
mobile_present_fe1b518.css
static.clewm.net/static/css/
19 KB
6 KB
Stylesheet
General
Full URL
https://static.clewm.net/static/css/mobile_present_fe1b518.css
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a1002ae971b53fa119223c891b9fcaddb5693020ff389fd9659857c51becfec9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:56:15 GMT
via
cache20.l2de2[0,0,200-0,H], cache14.l2de2[1,0], ens-cache15.de5[0,0,200-0,H], ens-cache4.de5[4,0]
content-encoding
br
age
5793117
x-swift-cachetime
4000896
x-cache
HIT TCP_MEM_HIT dirn:13:802081753
x-swift-savetime
Fri, 10 Nov 2023 01:34:39 GMT
last-modified
Tue, 26 Sep 2023 10:02:55 GMT
server
Tengine
etag
W/"6512ac4f-4abc"
vary
Accept-Encoding
ali-swift-global-savetime
1695804975
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922883939e
page-coding-new_3473358.css
static.clewm.net/static/css/
9 KB
4 KB
Stylesheet
General
Full URL
https://static.clewm.net/static/css/page-coding-new_3473358.css
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f4458df1a7a0a02fbb640d6c2833d0e20d0c48f9a265a2015d1808d6e6b6cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 12:40:19 GMT
via
cache20.l2de2[0,4,200-0,H], cache10.l2de2[6,0], ens-cache2.de5[0,0,200-0,H], ens-cache4.de5[3,0]
content-encoding
br
age
5779673
x-swift-cachetime
4014340
x-cache
HIT TCP_MEM_HIT dirn:13:933430505
x-swift-savetime
Fri, 10 Nov 2023 01:34:39 GMT
last-modified
Tue, 26 Sep 2023 10:02:55 GMT
server
Tengine
etag
W/"6512ac4f-22dc"
vary
Accept-Encoding
ali-swift-global-savetime
1695818419
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922893943e
ueditor_list.css
static.clewm.net/cli/css/
52 KB
3 KB
Stylesheet
General
Full URL
https://static.clewm.net/cli/css/ueditor_list.css
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
98c56a57a6c50d911d1ea66b049a5f787eb8473111863e380852a4204ac35632

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 22:24:41 GMT
via
cache17.l2fr1[0,0,200-0,H], cache9.l2fr1[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache4.de5[3,0]
content-encoding
br
age
4275811
x-swift-cachetime
4683104
x-cache
HIT TCP_MEM_HIT dirn:12:120385715
x-swift-savetime
Sun, 19 Nov 2023 17:32:57 GMT
last-modified
Thu, 12 Oct 2023 15:29:55 GMT
server
Tengine
etag
W/"652810f3-ce93"
vary
Accept-Encoding
ali-swift-global-savetime
1697322281
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922893941e
mobile_collect_bottom.css
static.clewm.net/cli/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://static.clewm.net/cli/css/mobile_collect_bottom.css?v=1701438942482
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8ec54991b610c33c3b1ef3976e76099ed23fbdff326c3c5cbe2193c4d345015a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:03:47 GMT
via
cache20.l2de2[0,0,200-0,H], cache12.l2de2[0,0], ens-cache12.de5[0,0,200-0,H], ens-cache4.de5[3,0]
content-encoding
br
age
158665
x-swift-cachetime
7775984
x-cache
HIT TCP_MEM_HIT dirn:12:852416545
x-swift-savetime
Fri, 01 Dec 2023 14:04:03 GMT
last-modified
Thu, 23 Nov 2023 09:42:16 GMT
server
Tengine
etag
W/"655f1e78-3294"
vary
Accept-Encoding
ali-swift-global-savetime
1701439427
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922893942e
jquery191.js
static.clewm.net/cli/js/lib/
90 KB
39 KB
Script
General
Full URL
https://static.clewm.net/cli/js/lib/jquery191.js
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 08:48:51 GMT
via
cache20.l2de2[0,0,200-0,H], cache23.l2de2[1,0], ens-cache7.de5[0,0,200-0,H], ens-cache4.de5[3,0]
content-encoding
br
age
5793561
x-swift-cachetime
7775993
x-cache
HIT TCP_MEM_HIT dirn:13:209315173
x-swift-savetime
Wed, 27 Sep 2023 08:48:58 GMT
last-modified
Tue, 26 Sep 2023 08:29:49 GMT
server
Tengine
etag
W/"6512967d-169d6"
vary
Accept-Encoding
ali-swift-global-savetime
1695804531
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922893946e
jweixin-1.3.2.js
static.clewm.net/cli/js/lib/weixin/
12 KB
5 KB
Script
General
Full URL
https://static.clewm.net/cli/js/lib/weixin/jweixin-1.3.2.js
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8970d87dc5fb273b406c465a1e68e46b577dc447ee9f80b9f13f062d72badd9b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 04:05:28 GMT
via
cache20.l2de2[0,0,200-0,H], cache6.l2de2[1,0], ens-cache1.de5[0,0,200-0,H], ens-cache4.de5[3,0]
content-encoding
br
age
4600964
x-swift-cachetime
5193049
x-cache
HIT TCP_MEM_HIT dirn:13:602837142
x-swift-savetime
Fri, 10 Nov 2023 01:34:39 GMT
last-modified
Wed, 11 Oct 2023 04:01:13 GMT
server
Tengine
etag
W/"65261e09-3014"
vary
Accept-Encoding
ali-swift-global-savetime
1696997128
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922893947e
footer_new_8859de8.js
static.clewm.net/static/js/mobile/
2 KB
1 KB
Script
General
Full URL
https://static.clewm.net/static/js/mobile/footer_new_8859de8.js
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
547ce9bd5ebff3491025f2bcab1b16b96ba7be9c053fa759943e704d6db58a1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 13:12:37 GMT
via
cache15.l2de2[0,0,200-0,H], cache15.l2de2[1,0], ens-cache3.de5[0,0,200-0,H], ens-cache4.de5[1,0]
content-encoding
br
age
5777735
x-swift-cachetime
4016278
x-cache
HIT TCP_MEM_HIT dirn:13:30747265
x-swift-savetime
Fri, 10 Nov 2023 01:34:39 GMT
last-modified
Tue, 26 Sep 2023 10:03:05 GMT
server
Tengine
etag
W/"6512ac59-8e7"
vary
Accept-Encoding
ali-swift-global-savetime
1695820357
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980923023968e
take
tongji.cli.im/
0
875 B
Script
General
Full URL
https://tongji.cli.im/take?sn=sFLasKGYV51Vf4WyV1yGpdefloduVJWUbmxllZiWVFxXo8+rlpKY0pegnspXaoZ0tYGXvoZUjoWonKjIwdGTnZpSoFmNqG2WZ3CM2GtlnWq+q2jJZ5S+2GxrZJSE4A==
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.175.101 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
morrighan /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 10:08:11 GMT
Content-Encoding
gzip
Server
morrighan
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
20
Expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.js
static.clewm.net/cli/js/lib/
67 KB
39 KB
Script
General
Full URL
https://static.clewm.net/cli/js/lib/jquery.js
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9df85d8e664efdde246f752032f17050bc19aa8e81f2128bc61a5b47a8a13e32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 07:07:34 GMT
via
cache6.l2de2[0,0,200-0,H], cache14.l2de2[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache4.de5[3,0]
content-encoding
br
age
5626838
x-swift-cachetime
7518525
x-cache
HIT TCP_MEM_HIT dirn:12:400349191
x-swift-savetime
Mon, 02 Oct 2023 06:38:49 GMT
last-modified
Tue, 26 Sep 2023 08:29:49 GMT
server
Tengine
etag
W/"6512967d-10bd4"
vary
Accept-Encoding
ali-swift-global-savetime
1695971254
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980922893944e
hm.gif
hm.baidu.com/
43 B
636 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?si=702c43c086294cf6b0a2474d75381e26&et=0&nv=1&st=3&su=https%3A%2F%2Ftargurl.clewm.net%2F&v=wap-0-0.2&rnd=8973186813
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 10:08:11 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
cli_analytics.js
static.clewm.net/public/
1 KB
946 B
Script
General
Full URL
https://static.clewm.net/public/cli_analytics.js
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e6d0c92f1ad7ce7ed7e2585a6c4ba0190d1382356f2598651bef0f7fe2b3becd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 13:36:36 GMT
via
cache5.l2de2[0,0,200-0,H], cache16.l2de2[0,0], ens-cache15.de5[0,0,200-0,H], ens-cache4.de5[1,0]
content-encoding
br
age
3357096
x-swift-cachetime
6442866
x-cache
HIT TCP_MEM_HIT dirn:13:739381611
x-swift-savetime
Thu, 09 Nov 2023 23:55:30 GMT
last-modified
Tue, 16 May 2023 17:05:37 GMT
server
Tengine
etag
W/"6463b7e1-473"
vary
Accept-Encoding
ali-swift-global-savetime
1698240996
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980923294015e
mobile_collect_bottom_v1.js
static.clewm.net/cli/js/
38 KB
12 KB
Script
General
Full URL
https://static.clewm.net/cli/js/mobile_collect_bottom_v1.js?v=1701438942482
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
976b1be51b2b17ded2ef1d0dd3d33e588a0ff5d5e8dc71c01a57845966c2083e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:03:47 GMT
via
cache6.l2de2[0,0,200-0,H], cache8.l2de2[2,0], ens-cache1.de5[0,0,200-0,H], ens-cache4.de5[1,0]
content-encoding
br
age
158665
x-swift-cachetime
7775984
x-cache
HIT TCP_MEM_HIT dirn:13:278525226
x-swift-savetime
Fri, 01 Dec 2023 14:04:03 GMT
last-modified
Thu, 23 Nov 2023 09:41:52 GMT
server
Tengine
etag
W/"655f1e60-99b5"
vary
Accept-Encoding
ali-swift-global-savetime
1701439427
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980923294017e
analytics.js
static.clewm.net/public/
27 KB
14 KB
Script
General
Full URL
https://static.clewm.net/public/analytics.js
Requested by
Host: static.clewm.net
URL: https://static.clewm.net/public/cli_analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4344462fab66b7d9d12cdbcf54b45fc2f366f305ef7c1b19b7e7a8f7f4e67603

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 11:13:52 GMT
via
cache7.l2de2[721,721,304-0,M], cache25.l2de2[723,0], ens-cache16.de5[0,0,200-0,H], ens-cache4.de5[1,0]
content-encoding
br
age
5784860
x-swift-cachetime
7776000
x-cache
HIT TCP_MEM_HIT dirn:3:693447725
x-swift-savetime
Wed, 27 Sep 2023 11:13:52 GMT
last-modified
Tue, 16 May 2023 17:05:37 GMT
server
Tengine
etag
W/"6463b7e1-6ca0"
vary
Accept-Encoding
ali-swift-global-savetime
1695813232
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,HEAD,OPTIONS
timing-allow-origin
*
eagleid
a3b55c9817015980923964142e
get
clitotalentr.cli.im/Code/
0
0

collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j46&a=1391390925&t=pageview&_s=1&dl=https%3A%2F%2Factive.clewm.net%2FCSKeYR%3Fqrurl%3Dhttp%3A%2F%2Fc3.clewm.net%2FCSKeYR%26gtype%3D1%26key%3D0550e1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84134968-1&cid=1442209780.1701598092&jid=1987854058&_v=j46&z=264610713
35 B
337 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84134968-1&cid=1442209780.1701598092&jid=1987854058&_v=j46&z=264610713
Requested by
Host: active.clewm.net
URL: https://active.clewm.net/CSKeYR?qrurl=http://c3.clewm.net/CSKeYR&gtype=1&key=0550e17e1e518cd8b01598c2e631cb5b9ce4464088
Protocol
H2
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://active.clewm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 03 Dec 2023 10:08:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 10:08:12 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-84134968-1&cid=1442209780.1701598092&jid=1987854058&_v=j46&z=264610713
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clitotalentr.cli.im
URL
https://clitotalentr.cli.im/Code/get

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery string| gldomain string| coding string| edition_id object| jWeixin object| wx number| winheight number| bodyheight object| elment function| ajax function| getqr function| loadmcover function| makecall function| isAndroid string| GoogleAnalyticsObject function| ga number| c_start object| doc object| heads object| TEST_CODING boolean| HAS_CLICKLOG function| in_array function| base64Decode function| intval function| insertAfter function| getPos function| createAjax function| isJson function| ajax_jsonp function| getScrollTop function| getScrollHeight function| getWindowHeight function| getScroll function| getCookie function| setCookie function| getDomain function| _cvid_is_conditions_three function| setCvid function| scroller function| setPowerBy function| uuid function| AnalysisData function| powerBySeen function| newWin function| is_weixin_env function| bizfree object| at function| addLoadEvent function| sendHeight object| jQuery18206925858928655566 object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
active.clewm.net/ Name: PHPSESSID
Value: 0eofoigr9ol0ouui1sq3dapi82
c3.clewm.net/ Name: PHPSESSID
Value: khvlbmqs0lmok00n8g4s29rai4
targurl.clewm.net/ Name: acw_tc
Value: 707c9fcb17015980902936189e0307cf967752cc38bc92bbf9b55ac6149a17
targurl.clewm.net/ Name: PHPSESSID
Value: 4171krpru5tkr3crskknjsp513
active.clewm.net/ Name: Hm_lpvt_702c43c086294cf6b0a2474d75381e26
Value: 1701598090
active.clewm.net/ Name: Hm_lvt_702c43c086294cf6b0a2474d75381e26
Value: 1701598090
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 79C250C8A7BF09A7
tongji.cli.im/ Name: _uvmark[6d32f105d6744e0acb21e40f29b22cd5]
Value: 44145a76d2c5ee47ffa4f2d1cf98d13f
tongji.cli.im/ Name: _uvmask[6d32f105d6744e0acb21e40f29b22cd5]
Value: 701daaa5a9aed56e6ae2c8ec846b007a
.clewm.net/ Name: _ga
Value: GA1.2.1442209780.1701598092
.clewm.net/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
