xlapp.cloware.com Open in urlscan Pro
54.91.29.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3iq6CFp
Effective URL:
https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Submission: On June 04 via manual (June 4th 2021, 5:46:36 am UTC) from IN

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 54.91.29.242, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is xlapp.cloware.com.
TLS certificate: Issued by R3 on May 1st 2021. Valid for: 3 months.

This is the only time xlapp.cloware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	67.199.248.11 67.199.248.11		396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
11	54.91.29.242 54.91.29.242		14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::200e		15169 (GOOGLE) (GOOGLE)
13	3

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.91.29.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-29-242.compute-1.amazonaws.com

xlapp.cloware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cloware.com xlapp.cloware.com	781 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	bit.ly 1 redirects bit.ly	275 B
13	3

	Domain	Requested by
11	xlapp.cloware.com	xlapp.cloware.com
2	www.google-analytics.com	xlapp.cloware.com www.google-analytics.com
1	bit.ly	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
xlapp.io

Subject Issuer	Validity	Valid
xlapp.cloware.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Frame ID: F88018691739F3468663680672F6033E
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3iq6CFp HTTP 301
https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Amazon EC2 (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /\(Amazon\)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /\(Amazon\)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

801 kB
Transfer

827 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://xlapp.io/
Title: Powered by XLApp.io

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3iq6CFp HTTP 301
https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set mobile_input.php Show response
xlapp.cloware.com/mobileapp/
Redirect Chain

https://bit.ly/3iq6CFp
https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209

14 KB
15 KB

422ms
142ms

Document
text/html

54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: e82dc1540d9d3bb241c16dcbe93bbbbcca74b3da408526637888bc1245630173

Request headers

Host: xlapp.cloware.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Set-Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

server: nginx
date: Fri, 04 Jun 2021 05:46:17 GMT
content-type: text/html; charset=utf-8
content-length: 147
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
referrer-policy: unsafe-url
set-cookie: _bit=l545Kh-2411c712e507a952d1-002; Domain=bit.ly; Expires=Wed, 01 Dec 2021 05:46:17 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK mobile_io.js Show response
xlapp.cloware.com/js_mobile/ 44 KB
45 KB 135ms
134ms Script
text/javascript 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/js_mobile/mobile_io.js
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 1478b174db007cc729eb207c9f469f80cd68697afc861293636bd4878b7bfbf7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Last-Modified: Mon, 21 Mar 2016 08:16:12 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "b138-52e8ab5ae0b00"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 45368

GET
H/1.1 200
OK mobile_io.css
xlapp.cloware.com/css_mobile/ 647 B
961 B 381ms
134ms Stylesheet
text/css 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/css_mobile/mobile_io.css
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 742cbd395aab167388d57387999591e7b113388ec3708ba9bb5af0c840dc848e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Last-Modified: Fri, 13 Mar 2015 13:09:40 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "287-5112b368c8d00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 647

GET
H/1.1 200
OK jquery-1.11.2.min.js Show response
xlapp.cloware.com/js_mobile/ 94 KB
94 KB 404ms
135ms Script
text/javascript 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/js_mobile/jquery-1.11.2.min.js
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Last-Modified: Mon, 23 Feb 2015 20:44:50 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "176bb-50fc779355480"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 95931

GET
H/1.1 200
OK jquery.mobile-1.4.5.min.js Show response
xlapp.cloware.com/js_mobile/ 195 KB
196 KB 404ms
134ms Script
text/javascript 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/js_mobile/jquery.mobile-1.4.5.min.js
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Last-Modified: Fri, 31 Oct 2014 13:33:46 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "30dcf-506b80bd7e280"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 200143

GET
H/1.1 200
OK jquery.mobile-1.4.5.min.css
xlapp.cloware.com/js_mobile/ 203 KB
203 KB 397ms
132ms Stylesheet
text/css 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/js_mobile/jquery.mobile-1.4.5.min.css
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Last-Modified: Fri, 31 Oct 2014 13:33:46 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "32a69-506b80bd7e280"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 207465

GET
H/1.1 200
OK jquery.mobile.squareui.min.css
xlapp.cloware.com/css_mobile/themes/square/ 139 KB
140 KB 397ms
133ms Stylesheet
text/css 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: c7bcafc015f9fa5b24b819c1aa78f59672bada1fb1a1e24d4042a76e61b5970a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:18 GMT
Last-Modified: Tue, 14 Apr 2015 03:38:36 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "22dd5-513a6f72d6700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 142805

GET
H/1.1 200
OK mobile_getimge.php
xlapp.cloware.com/mobileapp/ 8 KB
9 KB 134ms
134ms Image
image/png 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlapp.cloware.com/mobileapp/mobile_getimge.php?a=45209&f=xlapp_0_10_2.png
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: 3d01503344c897a0c0513d7e35bb55f11bbea8451f6b22d37842734ce5637087

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date: Fri, 04 Jun 2021 05:46:19 GMT
Last-Modified: Thu, 03 Jun 2021 07:42:42 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38
Etag: d28c23c3b4a325ae02a98059cf51c81f
Content-Type: image/png
Cache-Control
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 8493
Expires

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/mobileapp/mobile_input.php?a=45209

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xlapp.cloware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2096
date: Fri, 04 Jun 2021 05:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 04 Jun 2021 07:11:23 GMT

GET
H/1.1 200
OK lato-regular.woff
xlapp.cloware.com/css_mobile/themes/square/fonts/ 35 KB
35 KB 135ms
135ms Font
application/octet-stream 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/css_mobile/themes/square/fonts/lato-regular.woff
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 65c762033cdc5bddf9937ef72857c085b424f9a9ecb2bd03c37595142e2420c4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://xlapp.cloware.com
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Origin: https://xlapp.cloware.com
Referer: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:19 GMT
Last-Modified: Tue, 14 Apr 2015 03:38:36 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "8c0c-513a6f72d6700"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 35852

GET
H/1.1 200
OK ajax-loader.gif
xlapp.cloware.com/css_mobile/themes/square/images/ 8 KB
8 KB 133ms
133ms Image
image/gif 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlapp.cloware.com/css_mobile/themes/square/images/ajax-loader.gif
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 6ad159790587aeed2e2598356ea659fe327c99976f7243899b011695b9ad526f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Referer: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:19 GMT
Last-Modified: Tue, 14 Apr 2015 03:38:36 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "1e91-513a6f72d6700"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7825

GET
H/1.1 200
OK lato-bold.woff
xlapp.cloware.com/css_mobile/themes/square/fonts/ 36 KB
37 KB 135ms
134ms Font
application/octet-stream 54.91.29.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xlapp.cloware.com/css_mobile/themes/square/fonts/lato-bold.woff
Requested by: Host: xlapp.cloware.com
URL: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.29.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-29-242.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash: 5dd6342d4d3c04f9bae33c478d327df9389109792aeae1ae0e08f0b97d6099df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://xlapp.cloware.com
Accept-Encoding: gzip, deflate, br
Host: xlapp.cloware.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
Cookie: PHPSESSID=o0va0pujjfa0ukqg9ddppenoe3
Connection: keep-alive
Origin: https://xlapp.cloware.com
Referer: https://xlapp.cloware.com/css_mobile/themes/square/jquery.mobile.squareui.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 05:46:19 GMT
Last-Modified: Tue, 14 Apr 2015 03:38:36 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag: "9188-513a6f72d6700"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 37256

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12f3711213e0ab8c90322f49890fef6c182bc4275285492a5f2d3582f6417201

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 164 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae56073276f6deee1062bea386aae731763e4bae63a4215ae7e024263b62fe65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 151 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7209e3e5ac5db936ce01427f93a2371180b3e9b27cb25eb06453967dd7c35f9a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 159 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6a3e2e11bd2251fcbbc98b0925a16fc703d551108c10933835c5fb99187fd21

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39d023034dcba8a4f294c876cec0666e5ffb009fafc7969aa6688930d6c9dadd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 280 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c590429a1451e01c32feb019b5d147b6524c8af0b6285475c6c9491dbd7569e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 190 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff37adaaed1062902da680de3aebeecf83e6f1cd99cb5282b7ad5535a2dec30c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 53ms
26ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=83166730&t=pageview&_s=1&dl=https%3A%2F%2Fxlapp.cloware.com%2Fmobileapp%2Fmobile_input.php%3Fa%3D45209&ul=en-us&de=UTF-8&dt=1%20%E0%A4%9C%E0%A5%81%E0%A4%B2%E0%A5%88%20%E0%A4%B5%E0%A5%87%E0%A4%A4%E0%A4%A8%E0%A4%B5%E0%A4%BE%E0%A4%A2%20-%20%E0%A4%AC%E0%A5%87%E0%A4%B8%E0%A4%BF%E0%A4%95&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=198758715&gjid=619292247&cid=498749376.1622785580&tid=UA-58158246-1&_gid=477056756.1622785580&_r=1&_slc=1&z=1996077621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xlapp.cloware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 05:46:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xlapp.cloware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| JSDateToExcelDate function| msToExcelSerialDate function| ExcelDateToJSDate2 function| SelectActiveTab function| checkGroup function| checkEmail function| proper function| gAlert function| hasAttr function| ShowFieldsInHiddenAreas function| ValidateCellTypes function| ValidateFieldCellID function| ValidateAllBeforeSubmit function| HandleSectionShowHide function| RecalcSheetOffline function| RecalcSheet function| PopulateFormWithData function| FixDataBeforeSend function| HandleNewDataReceived undefined| g_SourceFldID function| PercentFieldValidate function| DateFieldValidate function| NumFieldValidate function| TextLengthFieldValidate function| UpdateDateWidgetFromField function| DisplayAllDateWidgets function| DisplayAllDATAListWidgets function| UpdateDATAWidgetFromField function| OnDataListChange function| ResetDataList function| PopulateDataListUnique function| DisplayAllSwitchBoxWidgets function| toFixed function| DisplayAllPercentFields function| ConvertAllPercentFields function| ConvertAllCheckBoxes function| ConvertAllRangeSliders function| pz1 function| gGetTime function| gGetDate function| ConvertDateWidgetDataToSerial function| ReloadPageForEdit boolean| CamRunning function| SetupCam function| SnapPicStopCam undefined| canvas object| signaturePad function| resizeCanvas function| signaturePad_init function| signaturePad_save function| GetGeoLocation function| SetFilterSelectValue function| refreshPage function| ShowLoading function| HideLoading function| OpenSlideShow function| get_new_token1 function| SetupNotification function| InputPageInit function| SubmitButtonClicked function| OutputPageInit function| SetupRecSelectorSearchBox undefined| g_LookUpResponseData function| PopulateLookUpResults function| SetupLookupBoxes function| SubmitInputFilter function| ChangePage function| SubmitSearch function| ResetSearch function| $ function| jQuery object| jQuery11120020875990174717973 string| token number| AppID number| InputID number| CurrentPage number| g_UseOfflineJS number| g_RecalcOnLoad string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cloware.com/	1970-01-19 18:46:25	Name: _gat Value: 1
			.cloware.com/	1970-01-19 18:47:51	Name: _gid Value: GA1.2.477056756.1622785580
			.cloware.com/	1970-01-20 12:17:37	Name: _ga Value: GA1.2.498749376.1622785580
			xlapp.cloware.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: o0va0pujjfa0ukqg9ddppenoe3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://xlapp.cloware.com/js_mobile/mobile_io.js(Line 1491) Message: XLApp APP Not Detected.
console-api	log	URL: https://xlapp.cloware.com/js_mobile/mobile_io.js(Line 1498) Message: token Detected. 6ac860761b7dd9f901f898f9fe0f8e9decf4cd04098897575fa6534c97a43b2fdc87c283e0cdd0660b939b6a932e6b3a3cfb8dc573c55a7be02a5ea1dd0f0f911a12680512554e73504230f885531dac20dbad2046a5b8a636fca623ff9272a1515f38bbc0bed6b3cb69a6a4b113ceaf9d3a3e45fa505f5f9fb3b384275c0456
console-api	log	URL: https://xlapp.cloware.com/js_mobile/mobile_io.js(Line 1514) Message: XLApp App NOT Detected.
console-api	log	URL: https://xlapp.cloware.com/js_mobile/mobile_io.js(Line 1738) Message: SetupLookupBoxes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
www.google-analytics.com
xlapp.cloware.com
2a00:1450:4001:827::200e
54.91.29.242
67.199.248.11
12f3711213e0ab8c90322f49890fef6c182bc4275285492a5f2d3582f6417201
1478b174db007cc729eb207c9f469f80cd68697afc861293636bd4878b7bfbf7
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ec93e0833cecd36a92e8033596d06fd6790795892dc5333cb0a733d957c4979
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
39d023034dcba8a4f294c876cec0666e5ffb009fafc7969aa6688930d6c9dadd
3d01503344c897a0c0513d7e35bb55f11bbea8451f6b22d37842734ce5637087
5dd6342d4d3c04f9bae33c478d327df9389109792aeae1ae0e08f0b97d6099df
65c762033cdc5bddf9937ef72857c085b424f9a9ecb2bd03c37595142e2420c4
6ad159790587aeed2e2598356ea659fe327c99976f7243899b011695b9ad526f
7209e3e5ac5db936ce01427f93a2371180b3e9b27cb25eb06453967dd7c35f9a
742cbd395aab167388d57387999591e7b113388ec3708ba9bb5af0c840dc848e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
ae56073276f6deee1062bea386aae731763e4bae63a4215ae7e024263b62fe65
b6a3e2e11bd2251fcbbc98b0925a16fc703d551108c10933835c5fb99187fd21
c590429a1451e01c32feb019b5d147b6524c8af0b6285475c6c9491dbd7569e0
c7bcafc015f9fa5b24b819c1aa78f59672bada1fb1a1e24d4042a76e61b5970a
e82dc1540d9d3bb241c16dcbe93bbbbcca74b3da408526637888bc1245630173
ff37adaaed1062902da680de3aebeecf83e6f1cd99cb5282b7ad5535a2dec30c