urlscan.io logo urlscan.io
SecurityTrails logo

columbus-erp.com Open in urlscan Pro
185.2.4.90  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://columbus-erp.com/Login/Login.htm
Submission: On April 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 32 HTTP transactions. The main IP is 185.2.4.90, located in Italy and belongs to REGISTER_UK-AS, GB. The main domain is columbus-erp.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 11th 2018. Valid for: 2 years.
This is the only time columbus-erp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

IP Address AS Autonomous System
12 185.2.4.90 203461 (REGISTER_...)
9 45.60.13.52 19551 (INCAPSULA)
1 185.67.45.137 201682 (LIQUID-WE...)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 151.101.112.217 54113 (FASTLY)
32 9
12    185.2.4.90 (Italy)

ASN203461 (REGISTER_UK-AS, GB)
PTR: lhcp1090.webapps.net
columbus-erp.com
9    45.60.13.52 (United States)

ASN19551 (INCAPSULA, US)
cdn.clareitysecurity.net
collector.clareity.net
1    185.67.45.137 (Netherlands)

ASN201682 (LIQUID-WEB-BV, NL)
PTR: uranus.mspcloudhost.com
www.novosco.com
7    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
Domain Requested by
12 columbus-erp.com columbus-erp.com
8 cdn.clareitysecurity.net columbus-erp.com
cdn.clareitysecurity.net
7 www.google-analytics.com 1 redirects cdn.clareitysecurity.net
columbus-erp.com
1 player.vimeo.com columbus-erp.com
1 stackpath.bootstrapcdn.com columbus-erp.com
1 fonts.googleapis.com columbus-erp.com
1 stats.g.doubleclick.net columbus-erp.com
1 www.novosco.com columbus-erp.com
1 collector.clareity.net columbus-erp.com
32 9

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
www.columbus-erp.com
GeoTrust TLS RSA CA G1		 2018-06-11 -
2020-07-10		 2 years crt.sh
cdn.clareitysecurity.net
DigiCert SHA2 High Assurance Server CA		 2020-03-31 -
2022-04-05		 2 years crt.sh
*.clareity.net
DigiCert SHA2 High Assurance Server CA		 2020-01-06 -
2022-01-10		 2 years crt.sh
*.novosco.com
Go Daddy Secure Certificate Authority - G2		 2019-01-21 -
2021-02-15		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-02 -
2020-11-08		 7 months crt.sh

This page contains 2 frames:

Primary Page: https://columbus-erp.com/Login/Login.htm
Frame ID: 1D97C1E0131C5D499790A0326087D218
Requests: 17 HTTP requests in this frame

Frame: https://columbus-erp.com/idp/server.jsp
Frame ID: B8C98AA5B1BBFAA1EA724E46EAF897FA
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

9
IPs

5
Countries

2087 kB
Transfer

2341 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1304872713&t=pageview&_s=1&dl=https%3A%2F%2Fcolumbus-erp.com%2FLogin%2FLogin.htm&ul=en-us&de=UTF-8&dt=SafeAccess%C2%AE%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=990127294&gjid=1313789552&cid=1855977516.1586445135&tid=UA-45101381-2&_gid=665498542.1586445135&_r=1&z=71618707 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1855977516.1586445135&jid=990127294&_gid=665498542.1586445135&gjid=1313789552&_v=j81&z=71618707

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login.htm
columbus-erp.com/Login/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
0a27dc147ed1d0048a35f49ae3977452fd2050a59a569f790954afdf7f170c33

Request headers

Host
columbus-erp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Server
Apache
Last-Modified
Wed, 11 Mar 2020 03:57:02 GMT
ETag
"ca0070-d69-5a08c3a90ff80"
Accept-Ranges
bytes
Content-Length
3433
Keep-Alive
timeout=5, max=150
Connection
Keep-Alive
Content-Type
text/html
login.css
cdn.clareitysecurity.net/css/ 		10 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clareitysecurity.net/css/login.css
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b7e5367878f252a70a3eaecd650b0613a9bf53439c6a73fc76213fab103baad9

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
Transfer-Encoding
chunked
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
10-32833148-32833151 NNNN CT(1 4 0) RT(1584490052457 3) q(0 0 0 1) r(2 2) U5, 4-30696428-30696466 NNNY CT(0 0 0) RT(1586445134501 22) q(0 1 1 100) r(1 1) U5
Connection
keep-alive
Content-Encoding
gzip
Alt-Svc
clear
Last-Modified
Thu, 19 Sep 2019 17:26:26 GMT
Server
NetDNA-cache/2.2
ETag
W/"10321-1568913986000"
Content-Type
text/css
Access-Control-Allow-Origin
*
Link
<https://cdn.clareity.net/css/login.css>; rel="canonical"
jquery.min.js
cdn.clareitysecurity.net/js/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clareitysecurity.net/js/jquery.min.js
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9de5950e705f78d02ae70cc5ee55ee333562d8ec083384f64e8d4a401a809e7a

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
Transfer-Encoding
chunked
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
0-21616137-21616144 NNNN CT(1 4 0) RT(1585553941167 6) q(0 0 0 1) r(2 2) U5, 1-8921032-8921038 NNNN CT(0 4 0) RT(1586445134501 22) q(0 1 1 101) r(1 1) U5
Connection
keep-alive
Content-Encoding
gzip
Alt-Svc
clear
Last-Modified
Thu, 19 Sep 2019 17:27:48 GMT
Server
NetDNA-cache/2.2
ETag
W/"93061-1568914068000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Link
<https://cdn.clareity.net/js/jquery.min.js>; rel="canonical"
loginxkd-dd-2.9.min.js
cdn.clareitysecurity.net/js/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clareitysecurity.net/js/loginxkd-dd-2.9.min.js
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d4c1acdde2d8dc96d4347a5da9c0a7198dfb1985fc6b863511f6eaa7bde4cc99

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
Transfer-Encoding
chunked
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
3-40833040-40833060 NNNN CT(0 4 0) RT(1585552103067 190) q(0 0 0 0) r(1 1) U5, 3-21891501-21891518 NNNN CT(0 5 0) RT(1586445134501 22) q(0 1 1 101) r(1 1) U5
Connection
keep-alive
Content-Encoding
gzip
Alt-Svc
clear
Last-Modified
Mon, 28 Oct 2019 15:54:03 GMT
Server
NetDNA-cache/2.2
ETag
W/"41698-1572278043000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Link
<https://cdn.clareity.net/js/loginxkd-dd-2.9.min.js>; rel="canonical"
1583937068116
collector.clareity.net/kdl/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.clareity.net/kdl/1583937068116?trxId=85143446b5ad7592524a5d61c8d9a7920aa3e5d7&deviceId=d0bea4362eff62c13bcbe1c63236b70243878dd1&systemName=rae&toc=1583937068116
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
557cda85e24f236f7564d666b9a889ced11aff101227e3b3365cf248830f5cbc

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 15:12:14 GMT
via
1.1 google
content-type
text/javascript;charset=ISO-8859-1
server
Apache-Coyote/1.1
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
10-40558021-40558079 NNYY CT(0 0 0) RT(1586445134525 0) q(0 1 1 95) r(2 2) U5
content-encoding
gzip
alt-svc
clear
x-cdn
Incapsula
googletrack.js
cdn.clareitysecurity.net/sys/alberta/ 		651 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clareitysecurity.net/sys/alberta/googletrack.js
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
00f973f96f9fcebd037f59485a24ac1f3f073d0fb20879ddf445265c7ef77d87

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
Transfer-Encoding
chunked
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
10-10387102-10387144 NNNN CT(0 4 0) RT(1586295272985 199) q(0 0 0 1) r(1 1) U5, 4-30696429-30696465 NNNY CT(0 0 0) RT(1586445134501 22) q(0 1 1 99) r(1 1) U5
Connection
keep-alive
Content-Encoding
gzip
Alt-Svc
clear
Last-Modified
Thu, 19 Sep 2019 17:27:49 GMT
Server
NetDNA-cache/2.2
ETag
W/"651-1568914069000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Link
<https://cdn.clareity.net/sys/alberta/googletrack.js>; rel="canonical"
Office-365.jpg
www.novosco.com/images/easyblog_articles/37/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.novosco.com/images/easyblog_articles/37/Office-365.jpg
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.67.45.137 , Netherlands, ASN201682 (LIQUID-WEB-BV, NL),
Reverse DNS
uranus.mspcloudhost.com
Software
Apache /
Resource Hash
64907bac65b3d6080557dbc26e2cc1ec94433cce8a4b7ad63dcf7ba4b959f948
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 04 Apr 2019 14:55:00 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
59082
Expires
Sat, 09 May 2020 15:12:14 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/sys/alberta/googletrack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2324
date
Thu, 09 Apr 2020 14:33:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 09 Apr 2020 16:33:30 GMT
server.jsp
columbus-erp.com/idp/ Frame B8C9 		23 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/idp/server.jsp
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache / PHP/7.2.22
Resource Hash
2667e4e07d4ef3578541f5759c9bb6e97f2b58a9b5f96459121d095b9f8de84f

Request headers

Host
columbus-erp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://columbus-erp.com/Login/Login.htm
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://columbus-erp.com/Login/Login.htm

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Server
Apache
X-Powered-By
PHP/7.2.22
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://columbus-erp.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=149
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
paragon-login-background.png
cdn.clareitysecurity.net/sys/alberta/ 		860 KB
862 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clareitysecurity.net/sys/alberta/paragon-login-background.png
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
17cecc18ee875908251a0ab107cc1ec9dd5fe73af2b759caa69316f5793c85b9

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
11-11653247-11653299 NNNY CT(0 0 0) RT(1586295273131 183) q(0 0 0 0) r(1 1) U5, 1-8921032-8921038 SNNN RT(1586445134501 271) q(0 0 0 -1) r(0 0) U5
Connection
keep-alive
Alt-Svc
clear
Content-Length
881145
Last-Modified
Thu, 19 Sep 2019 17:27:49 GMT
Server
NetDNA-cache/2.2
ETag
W/"881145-1568914069000"
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Link
<https://cdn.clareity.net/sys/alberta/paragon-login-background.png>; rel="canonical"
paragon-login-bg.png
cdn.clareitysecurity.net/sys/alberta/ 		395 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clareitysecurity.net/sys/alberta/paragon-login-bg.png
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1dcab816ca5ee2317f01c1822391bcf8d8f9fdfaa3e5d776592d6c3ce6e559af

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
10-10387226-10387264 NNNY CT(0 0 0) RT(1586295273425 181) q(0 0 0 47) r(0 0) U5, 3-21891501-21891518 SNNN RT(1586445134501 271) q(0 0 0 -1) r(0 0) U5
Connection
keep-alive
Alt-Svc
clear
Content-Length
404857
Last-Modified
Thu, 19 Sep 2019 17:27:49 GMT
Server
NetDNA-cache/2.2
ETag
W/"404857-1568914069000"
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Link
<https://cdn.clareity.net/sys/alberta/paragon-login-bg.png>; rel="canonical"
jquery-ui.min.js
cdn.clareitysecurity.net/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clareitysecurity.net/js/jquery-ui.min.js?_=1586445134753
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
15cc6fc3f739fa8573e2785f1f6af0cff8cebd1118a4b4f11df63d0f51c3bb64

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
Transfer-Encoding
chunked
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
3-40833105-40833116 NNNY CT(0 0 0) RT(1585552104014 180) q(0 0 0 0) r(1 1) U5, 3-21891543-21891518 PNNN RT(1586445134804 20) q(0 0 0 -1) r(0 0) U5
Connection
keep-alive
Content-Encoding
gzip
Alt-Svc
clear
Last-Modified
Thu, 19 Sep 2019 17:27:48 GMT
Server
NetDNA-cache/2.2
ETag
W/"87902-1568914068000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Link
<https://cdn.clareity.net/js/jquery-ui.min.js>; rel="canonical"
jquery-ui.min.css
cdn.clareitysecurity.net/css/ 		30 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clareitysecurity.net/css/jquery-ui.min.css
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5265f71403a318cdbeb0c4ec01dbba2f00fbc8f046b0a79e40e8abe675b398ce

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 15:12:14 GMT
Via
1.1 google
X-CDN
Incapsula, Incapsula
Transfer-Encoding
chunked
X-Cache
HIT
P3P
CP="CAO PSA OUR"
X-Iinfo
8-50192753-50192769 NNNY CT(0 0 0) RT(1585553941695 5) q(0 1 1 127) r(2 2) U5, 9-26706489-26706499 NNNY CT(0 0 0) RT(1586445134803 21) q(0 0 0 -1) r(0 0) U5
Connection
keep-alive
Content-Encoding
gzip
Alt-Svc
clear
Last-Modified
Thu, 19 Sep 2019 17:26:26 GMT
Server
NetDNA-cache/2.2
ETag
W/"30585-1568913986000"
Content-Type
text/css
Access-Control-Allow-Origin
*
Link
<https://cdn.clareity.net/css/jquery-ui.min.css>; rel="canonical"
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1304872713&t=pageview&_s=1&dl=https%3A%2F%2Fcolumbus-erp.com%2FLogin%2FLogin.htm&ul=en-us&de=UTF-8&dt=SafeAccess%C2%AE%20Login&sd=24-bit&sr=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1855977516.1586445135&jid=990127294&_gid=665498542.1586445135&gjid=1313789552&_v=j81&z=71618707
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1855977516.1586445135&jid=990127294&_gid=665498542.1586445135&gjid=1313789552&_v=j81&z=71618707
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 09 Apr 2020 15:12:14 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Apr 2020 15:12:14 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1855977516.1586445135&jid=990127294&_gid=665498542.1586445135&gjid=1313789552&_v=j81&z=71618707
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1304872713&t=pageview&_s=1&dl=https%3A%2F%2Fcolumbus-erp.com%2FLogin%2FLogin.htm&ul=en-us&de=UTF-8&dt=SafeAccess%C2%AE%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=1545868882&gjid=61315876&cid=1855977516.1586445135&tid=UA-39826640-43&_gid=665498542.1586445135&_r=1&z=1421167003
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 15:12:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame B8C9 		2 KB
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,700
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16ad30dc7c52842f580962e62e29bd0474f9d3d99c93c81b8d384bdb52553719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 15:12:15 GMT
server
ESF
date
Thu, 09 Apr 2020 15:12:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Apr 2020 15:12:15 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B8C9 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 09 Apr 2020 15:12:17 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
style.min.css
columbus-erp.com/wp-includes/css/dist/block-library/ Frame B8C9 		52 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Sat, 04 Apr 2020 08:47:22 GMT
Server
Apache
ETag
"f80119-d0f1-5a2731518b332"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=148
Content-Length
53489
videobackgroundpro.css
columbus-erp.com/wp-content/plugins/video-background-pro-S3HEFd/dist/ Frame B8C9 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-content/plugins/video-background-pro-S3HEFd/dist/videobackgroundpro.css?ver=4.0.5
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
4c7194ca1acc1f5f8ba29da5df11a88f88ff0431e704f5fbbfd1b58890217c26

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Sat, 04 Apr 2020 08:49:39 GMT
Server
Apache
ETag
"1163c98-608-5a2731d49ad0e"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
1544
main.min.css
columbus-erp.com/wp-content/themes/columbusenergy/assets/css/ Frame B8C9 		165 KB
166 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-content/themes/columbusenergy/assets/css/main.min.css?ver=1586445135
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
65971d5f591a42f2548bcdcfd72e1cb238c8f884986d768db891c4ff99a900a3

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Thu, 03 Oct 2019 07:48:12 GMT
Server
Apache
ETag
"f830a6-29598-593fcceac6700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
169368
frontend.js
columbus-erp.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ Frame B8C9 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.js?ver=7.10.4
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
cffd9a45fadaba1379d434bc2db74f39bd11a2013950994760175ddfbd3aa158

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Thu, 13 Feb 2020 13:16:14 GMT
Server
Apache
ETag
"1661105-5dab-59e74e4bd937e"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
23979
jquery.js
columbus-erp.com/wp-includes/js/jquery/ Frame B8C9 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Mon, 03 Jun 2019 15:08:40 GMT
Server
Apache
ETag
"f8050c-17a69-58a6cbd43ee00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
96873
jquery-migrate.min.js
columbus-erp.com/wp-includes/js/jquery/ Frame B8C9 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Fri, 20 May 2016 08:11:28 GMT
Server
Apache
ETag
"f80502-2748-53341a33b0c00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
10056
player.js
player.vimeo.com/api/ Frame B8C9 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js?ver=5.4
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2a760066fcee7a17505ce4d13428f8b5dc8907cb2ba6acc0020ddde89869a5e0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1313
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits
2095
Connection
keep-alive
X-VServer
infra-playproxy-a-9
Content-Length
5185
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4024-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1586445135.404634,VS0,VE0
Date
Thu, 09 Apr 2020 15:12:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
Expires
Thu, 09 Apr 2020 15:20:06 GMT
newlogo2.svg
columbus-erp.com/wp-content/uploads/2017/06/ Frame B8C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://columbus-erp.com/wp-content/uploads/2017/06/newlogo2.svg
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
0e3fc4b2a21ea53249715a01cbf7f30b32f57af3e4d0354e2145f1cfa8f5e65c

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Mon, 05 Jun 2017 17:10:10 GMT
Server
Apache
ETag
"f82bf9-83c-55139934f8080"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=149
Content-Length
2108
VideoBackgroundPro.js
columbus-erp.com/wp-content/plugins/video-background-pro-S3HEFd/dist/ Frame B8C9 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-content/plugins/video-background-pro-S3HEFd/dist/VideoBackgroundPro.js?ver=4.0.5
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
c6ef9f8587c0ea0a68513dac0aea52516ca82b424331a07fcdb43701e9e4705b

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Sat, 04 Apr 2020 08:49:39 GMT
Server
Apache
ETag
"1163c96-6843-5a2731d49ad0e"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=147
Content-Length
26691
app.min.js
columbus-erp.com/wp-content/themes/columbusenergy/assets/js/ Frame B8C9 		210 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-content/themes/columbusenergy/assets/js/app.min.js?ver=1586445135
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
d90f7ba613d7755d20df301724010a22211fe3b43c4f3969c7e17c866eaf23bc

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Thu, 03 Oct 2019 07:47:53 GMT
Server
Apache
ETag
"f830b8-34782-593fccd8a7c40"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=148
Content-Length
214914
wp-embed.min.js
columbus-erp.com/wp-includes/js/ Frame B8C9 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://columbus-erp.com/wp-includes/js/wp-embed.min.js?ver=5.4
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.2.4.90 , Italy, ASN203461 (REGISTER_UK-AS, GB),
Reverse DNS
lhcp1090.webapps.net
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 09 Apr 2020 15:12:15 GMT
Last-Modified
Sat, 04 Apr 2020 08:47:20 GMT
Server
Apache
ETag
"f8026f-59a-5a27314fd206d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=146
Content-Length
1434
collect
www.google-analytics.com/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1304872713&t=event&_s=2&dl=https%3A%2F%2Fcolumbus-erp.com%2FLogin%2FLogin.htm&ul=en-us&de=UTF-8&dt=SafeAccess%C2%AE%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Collector%20Script&ea=Failed&_u=aEDAAUAB~&jid=&gjid=&cid=1855977516.1586445135&tid=UA-45101381-2&_gid=665498542.1586445135&z=1467912793
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
693799
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1304872713&t=event&_s=3&dl=https%3A%2F%2Fcolumbus-erp.com%2FLogin%2FLogin.htm&ul=en-us&de=UTF-8&dt=SafeAccess%C2%AE%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=KD%20Script&ea=Loaded&el=madKD2.2.min.js&_u=aEDAAUAB~&jid=&gjid=&cid=1855977516.1586445135&tid=UA-45101381-2&_gid=665498542.1586445135&z=1733466543
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/Login/Login.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/Login/Login.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 14:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
693799
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02324fbade97fbc223834e6afa838dc1e01185bd0393f8e26e084834b512ae69

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame B8C9 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2328
date
Thu, 09 Apr 2020 14:33:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 09 Apr 2020 16:33:30 GMT
collect
www.google-analytics.com/r/ Frame B8C9 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1853558718&t=pageview&_s=1&dl=https%3A%2F%2Fcolumbus-erp.com%2Fidp%2Fserver.jsp&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Columbus%20Energy%20Resources%20plc&sd=24-bit&sr=1600x1200&vp=&je=0&_u=IEBAAEAB~&jid=1149676889&gjid=188886339&cid=1065383340.1586445138&tid=UA-102560754-1&_gid=242748675.1586445138&_r=1&z=1125229648
Requested by
Host: columbus-erp.com
URL: https://columbus-erp.com/idp/server.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://columbus-erp.com/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 09 Apr 2020 15:12:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery string| url boolean| isOnQA boolean| alertMe undefined| debugit boolean| ie8 function| isIE string| requiredKd string| idpurl string| cdnUrl string| jQueryUiUrl string| jQueryUiCssUrl string| ie8CssUrl string| inputs string| pleasewait string| loginTypeVal string| loginTypeMsg string| failureMsgId string| failMsg string| logincssMsg string| logoMsg string| loginbtnMsg string| loginXkdMsg string| loginformMsg string| warnalert number| keyedChars boolean| isChrome object| loginXkdId string| loginXkdUrl undefined| oldbrowserWarnData undefined| oldbrowserUrlData undefined| setFocus undefined| inputAutoData undefined| disablePageData undefined| backSpaceClearData undefined| savePwdData undefined| fakeSafariPwdData undefined| fakeChromePwdData undefined| fontIconsData undefined| redirectUrlData undefined| idpTimeoutData undefined| secondsLeftData undefined| sessionWarnData undefined| loadingData undefined| collectorIcon undefined| kdIconData boolean| oldie function| cdnCheck string| googleTrackMsg string| googleJsUrlMsg string| googleJsUrlCdnMsg string| mlsgooglecode boolean| trackit function| googleCheck string| forgotPwdUrlMsg string| changePwdUrlMsg function| passLinks string| setFocusMsg object| usernameInput function| setInputFocus string| inputAutoMsg boolean| autocomp function| autoComplete string| disablePageMsg string| disablePageDiv boolean| disablepage string| backSpaceClearMsg boolean| backspace function| backspaceClear string| savePwdMsg boolean| savepassword string| fakeSafariPwdMsg boolean| fakepwdadded boolean| fakepwd function| fakeSafariPwd string| fakeChromePwdMsg function| fakeChromePwd string| fontIconsUrl string| fontIconsMsg boolean| fontawesome function| iconsFonts string| redirectUrl string| redirectUrlMsg number| idpTimeout string| idpTimeoutMsg number| secondsLeft string| secondsLeftMsg string| sessionWarnMsg boolean| sessionWarnMe string| sessionDialogHtml function| sessionPop function| runSessionDialog object| assocDropdownId object| assocDropdownRememberJsId undefined| assocDropdownRememberJsUrl string| assocDropdownRememberJsMsg string| assocDropdownMsg string| assocDropdownCookieMsg boolean| assocDrop object| assocDropdownCookie function| checkDropDown function| setDropDown function| saveDropdown function| inputCheck object| loadingId string| loadingMsg object| loginFormId string| loginFormMsg function| showInputs string| checkBootStrapMsg boolean| useboostrap function| checkBootStrap string| ssoTypeMsg function| ssoType function| basicLogin function| doLogin function| keyPress function| submitLoginForm object| collectIframe string| collectorMsg string| collectorIconMsg boolean| collectorchecker function| checkCollector function| collecterSet boolean| docollect function| collectObjectCheck object| kdCollecterId string| kdCollecterMsg string| kdIconMsg boolean| didkdload function| loginKd string| qaDialogHtml function| runQaDialog function| qaDialog boolean| fakechromepwdadded boolean| fakechromepwd function| initCallback_3xkd function| validCallback_3xkd function| kdFailed_3xkd object| CLAREITY function| xkd object| _0x6bf2 function| CLAREITY_KD function| madKD_getVersion object| _0xb3d3 object| b64 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.columbus-erp.com/ Name: _gat
Value: 1
.columbus-erp.com/ Name: _gid
Value: GA1.2.242748675.1586445138
.columbus-erp.com/ Name: _ga
Value: GA1.2.1065383340.1586445138

1 Console Messages

Source Level URL
Text
console-api log URL: https://columbus-erp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.clareitysecurity.net
collector.clareity.net
columbus-erp.com
fonts.googleapis.com
player.vimeo.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.novosco.com
151.101.112.217
185.2.4.90
185.67.45.137
2001:4de0:ac19::1:b:3b
2a00:1450:4001:808::200a
2a00:1450:4001:81c::200e
2a00:1450:400c:c00::9a
45.60.13.52
00f973f96f9fcebd037f59485a24ac1f3f073d0fb20879ddf445265c7ef77d87
02324fbade97fbc223834e6afa838dc1e01185bd0393f8e26e084834b512ae69
0a27dc147ed1d0048a35f49ae3977452fd2050a59a569f790954afdf7f170c33
0e3fc4b2a21ea53249715a01cbf7f30b32f57af3e4d0354e2145f1cfa8f5e65c
15cc6fc3f739fa8573e2785f1f6af0cff8cebd1118a4b4f11df63d0f51c3bb64
16ad30dc7c52842f580962e62e29bd0474f9d3d99c93c81b8d384bdb52553719
17cecc18ee875908251a0ab107cc1ec9dd5fe73af2b759caa69316f5793c85b9
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dcab816ca5ee2317f01c1822391bcf8d8f9fdfaa3e5d776592d6c3ce6e559af
2667e4e07d4ef3578541f5759c9bb6e97f2b58a9b5f96459121d095b9f8de84f
2a760066fcee7a17505ce4d13428f8b5dc8907cb2ba6acc0020ddde89869a5e0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c7194ca1acc1f5f8ba29da5df11a88f88ff0431e704f5fbbfd1b58890217c26
5265f71403a318cdbeb0c4ec01dbba2f00fbc8f046b0a79e40e8abe675b398ce
557cda85e24f236f7564d666b9a889ced11aff101227e3b3365cf248830f5cbc
64907bac65b3d6080557dbc26e2cc1ec94433cce8a4b7ad63dcf7ba4b959f948
65971d5f591a42f2548bcdcfd72e1cb238c8f884986d768db891c4ff99a900a3
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9de5950e705f78d02ae70cc5ee55ee333562d8ec083384f64e8d4a401a809e7a
b7e5367878f252a70a3eaecd650b0613a9bf53439c6a73fc76213fab103baad9
c6ef9f8587c0ea0a68513dac0aea52516ca82b424331a07fcdb43701e9e4705b
cffd9a45fadaba1379d434bc2db74f39bd11a2013950994760175ddfbd3aa158
d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42
d4c1acdde2d8dc96d4347a5da9c0a7198dfb1985fc6b863511f6eaa7bde4cc99
d90f7ba613d7755d20df301724010a22211fe3b43c4f3969c7e17c866eaf23bc
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d