urlscan.io logo urlscan.io
SecurityTrails logo

www.passepartout.store Open in urlscan Pro
52.57.153.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ppt.gattinonitravelstore.it/
Effective URL: https://www.passepartout.store/accesso/agenzia
Submission: On March 22 via api from VN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 52.57.153.70, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.passepartout.store.
TLS certificate: Issued by Amazon on August 12th 2020. Valid for: a year.
This is the only time www.passepartout.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 137.116.211.8 8075 (MICROSOFT...)
1 15 52.57.153.70 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
19 4
1    137.116.211.8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ppt.gattinonitravelstore.it
15    52.57.153.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
www.passepartout.store
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
rec.smartlook.com
Domain Requested by
15 www.passepartout.store 1 redirects www.passepartout.store
3 cdnjs.cloudflare.com www.passepartout.store
1 rec.smartlook.com www.passepartout.store
1 fonts.googleapis.com www.passepartout.store
1 ppt.gattinonitravelstore.it 1 redirects
19 5

This site contains links to these domains. Also see Links.

Domain
www.be2sea.com
Subject Issuer Validity Valid
www.passepartout.store
Amazon		 2020-08-12 -
2021-09-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
1610534878.rsc.cdn77.org
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.passepartout.store/accesso/agenzia
Frame ID: CCA75C1B2E0F92CFC370A1E0993452A0
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ppt.gattinonitravelstore.it/ HTTP 302
    https://www.passepartout.store/ HTTP 302
    https://www.passepartout.store/accesso/agenzia Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

1314 kB
Transfer

4486 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ppt.gattinonitravelstore.it/ HTTP 302
    https://www.passepartout.store/ HTTP 302
    https://www.passepartout.store/accesso/agenzia Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request agenzia
www.passepartout.store/accesso/
Redirect Chain
  • https://ppt.gattinonitravelstore.it/
  • https://www.passepartout.store/
  • https://www.passepartout.store/accesso/agenzia
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d8780353110aee1abb7960378820a744209f4e109286a3bc7b720e9465e555e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.passepartout.store
:scheme
https
:path
/accesso/agenzia
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
XSRF-TOKEN=eyJpdiI6ImR5aE5sMGhpNEU2OEl6MzQ0bnU4cFE9PSIsInZhbHVlIjoiREZHSVRzXC9rM3V4dVA2Z0xwVEdYUUR1d3VoN09nTVwvMVQwSVdHUlpReWpHK3g5K1ZFNEVrbTQ2c0hSa3I2REJ1IiwibWFjIjoiNjZjODMxNWU1NTk2Y2FjOWFjMDIwMmUzZjQzMjdiNGFlODE3OWE0NmQ5MWFmNjMwM2E2ZGY5YTBjM2YwMzE1OCJ9; gattinoni_mondo_di_vacanze_passepartout_session=eyJpdiI6InVqRGpcL2ZScWlmaEdnTzhXdmNVajFnPT0iLCJ2YWx1ZSI6IkQxN2NGZmgzTEVNYWpUNUQ5NU5MKzNLNDJmY2pBR3B1dUhkRGR3MlRyNEtHcnFJSW5NZlJuUmVQYWkrZ2xsbloiLCJtYWMiOiJhMGMyY2JlMDYwOTdjZjVlMmY0Zjc3ZmRiOThlZjRkZDIzNTRlNjUyMzEwZWViOWNlNDkzZTZhMDRmNjBkMjMyIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.0 (Ubuntu)
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
pragma
no-cache
expires
Sun, 02 Jan 1990 00:00:00 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6IkNVa2VPU2Mzb3M5dW5VMlF5YUlGNGc9PSIsInZhbHVlIjoiZzVNRG1uNm80RlQ5XC9CMll5bUVGeVZEajVTZHk2MkNUdXkydHBUUlk4SWV5WHVrajk0ZzBKUXRGN3BnWFZSckoiLCJtYWMiOiJlOWE0OTg1YzkzNTk1NDQyMjNjMWM0Y2NkZWYxMmU5ZDM1N2MxODUyY2Y1Y2NmNGRhOTQ2MWNhZmMyNjFhZmY0In0%3D; expires=Mon, 22-Mar-2021 08:55:27 GMT; Max-Age=7200; path=/ gattinoni_mondo_di_vacanze_passepartout_session=eyJpdiI6IkpYYnhvYkI4dmtWVUR5bllORGg4Vmc9PSIsInZhbHVlIjoiZGF0WDZZTUVwNlU4SnB5dGNybFNYNnlYWmJVWkVMbGhySzVvT3BvbW8yUHBubjE0clF2bkJIQVwvR0srVWUxTVkiLCJtYWMiOiI0OGVmOTFjYzk3ZjQ5YzAxOTljOTY5NGVkMmNkNGU2M2NmZWQ0YjAxNGNiZDVlYmE4NTIzYTZjMTU0YThkNmFiIn0%3D; expires=Mon, 22-Mar-2021 08:55:27 GMT; Max-Age=7200; path=/; httponly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-type
text/html; charset=UTF-8
location
https://www.passepartout.store/accesso/agenzia
server
nginx/1.14.0 (Ubuntu)
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
pragma
no-cache
expires
Sun, 02 Jan 1990 00:00:00 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6ImR5aE5sMGhpNEU2OEl6MzQ0bnU4cFE9PSIsInZhbHVlIjoiREZHSVRzXC9rM3V4dVA2Z0xwVEdYUUR1d3VoN09nTVwvMVQwSVdHUlpReWpHK3g5K1ZFNEVrbTQ2c0hSa3I2REJ1IiwibWFjIjoiNjZjODMxNWU1NTk2Y2FjOWFjMDIwMmUzZjQzMjdiNGFlODE3OWE0NmQ5MWFmNjMwM2E2ZGY5YTBjM2YwMzE1OCJ9; expires=Mon, 22-Mar-2021 08:55:27 GMT; Max-Age=7200; path=/ gattinoni_mondo_di_vacanze_passepartout_session=eyJpdiI6InVqRGpcL2ZScWlmaEdnTzhXdmNVajFnPT0iLCJ2YWx1ZSI6IkQxN2NGZmgzTEVNYWpUNUQ5NU5MKzNLNDJmY2pBR3B1dUhkRGR3MlRyNEtHcnFJSW5NZlJuUmVQYWkrZ2xsbloiLCJtYWMiOiJhMGMyY2JlMDYwOTdjZjVlMmY0Zjc3ZmRiOThlZjRkZDIzNTRlNjUyMzEwZWViOWNlNDkzZTZhMDRmNjBkMjMyIn0%3D; expires=Mon, 22-Mar-2021 08:55:27 GMT; Max-Age=7200; path=/; httponly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
CenturyGothi.css
www.passepartout.store/fonts/ 		865 B
464 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/fonts/CenturyGothi.css
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
81f15f61b091fcf2f9a9fe7508b2035126c5475ef54ada3ad4f45c009a5b5588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Aug 2019 10:25:15 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5d68f98b-361"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
MyriadWebPro.css
www.passepartout.store/fonts/ 		757 B
420 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/fonts/MyriadWebPro.css
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3af8bcf78c6185de2fe0d49933d9bc6773fcee117ea4c2e84ed523821fd3450c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Dec 2019 16:34:54 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5df7b22e-2f5"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
gmv-logo2.png
www.passepartout.store/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.passepartout.store/img/gmv-logo2.png
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
409c814b270c727dfd5178527447f2fb457d2e73080c4db52fe5982902e4ae3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Aug 2019 10:25:15 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d68f98b-1821"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6177
x-xss-protection
1; mode=block
passeportout.png
www.passepartout.store/img/logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.passepartout.store/img/logo/passeportout.png
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cecf999b959b976246fe2b8f1737ff93f70e8110b8105bd74852e70cb0878751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Aug 2019 10:25:15 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5d68f98b-1ca8"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7336
x-xss-protection
1; mode=block
0bwJHd1eHeBQUEE30EAW4rz4AuMHvyy7Fw2pfcCD.png
www.passepartout.store/storage/images/original/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.passepartout.store/storage/images/original/0bwJHd1eHeBQUEE30EAW4rz4AuMHvyy7Fw2pfcCD.png
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69f8d1a581af5bda2ce1cc4930f990956c9a92c303ddabb730cbcf35047ddd3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:30:57 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"605212a1-1ac5c"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
109660
x-xss-protection
1; mode=block
app.js
www.passepartout.store/js/ 		3 MB
824 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/js/app.js?v=0.0.58
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a444810c2e9e486c4a89de40f71679dc74fc59ec48be4d0a7a8dfc64e8c9c643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 14:52:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6050c645-34a00e"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.3/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.3/toastr.min.js
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.passepartout.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5220526
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
cf-request-id
08fa50a5a800004e80e09e3000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DBRE8UITsS2Q3uwkT0W8w6xlwUPhPP2sXBO%2FR%2FY0ec%2B3V2L%2BV%2FVaiPWml06ViARj5peA6DlnLORKTU0rLO5zgIKW%2FhyLpHhXiNIeR1Du4nUbApAbjhR5XeJoY9sJ%2Br%2FPuA%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
633d83b5d9e14e80-FRA
expires
Sat, 12 Mar 2022 06:55:27 GMT
custom.js
www.passepartout.store/js/backend/ 		129 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/js/backend/custom.js?v=0.0.58
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9caa3419d2d6ac8a3bf414ce1486bd83223a484613493d952a66ebc2645b9388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Sep 2019 07:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5d70bfe0-2022b"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
auth.js
www.passepartout.store/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/js/auth.js
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5ce25068de6d8ad13bfa50647fc0f0fb6434f3600d3cb6ade864eca005bb9e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Oct 2019 08:14:57 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5da6d181-1164"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:100,200,400,700
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.passepartout.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 06:55:27 GMT
server
ESF
date
Mon, 22 Mar 2021 06:55:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Mar 2021 06:55:27 GMT
bootstrap.min.css
www.passepartout.store/css/ 		150 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/css/bootstrap.min.css
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Aug 2019 10:25:15 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5d68f98b-2565e"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.passepartout.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
307515
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
cf-request-id
08fa50a55a00004e80c11e4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qs65G%2BNnDmO7h6advElBUFJRgvJzNuJrErL09cqC8BZYpLQC7dJQ%2B2TE4TL2mAFx8hU1q%2FZBoGJC5OknVZNUHZOSAjTBeHpM2um1SEB97uyBI%2FLXuwveMblO1OgrvD6pjw%3D%3D"}],"max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
633d83b5594d4e80-FRA
expires
Sat, 12 Mar 2022 06:55:27 GMT
app.css
www.passepartout.store/css/ 		421 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/css/app.css?v=0.0.58
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d4b285e14c9d8c9265386d967f111491f407b596cb5daf70d01ef5f9120eb0f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 14:52:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6050c645-69573"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
custom.css
www.passepartout.store/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/css/custom.css?v=0.0.58
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3f64e0970b308553b4206721556570b49e67bebfc46a7a6030f9eefc79fbd147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.passepartout.store/accesso/agenzia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 10:38:57 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"604f3941-49a5"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.3/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.3/toastr.min.css
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.passepartout.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3392769
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2517
cf-request-id
08fa50a55b00004e80a20cc000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sg1u1sCDJyIXMLdASdEImNCcRJGU2eAGDIy%2Bw4fRoP0LMMXjTIcNjQ9FJ6YlCije2g0HgW6MaFF8uFqJ1%2BIR%2B891e6hTm3oscJxs5SC9DqrI%2FvmiflttgaKZh64Xi5l7KA%3D%3D"}],"max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
633d83b559514e80-FRA
expires
Sat, 12 Mar 2022 06:55:27 GMT
recorder.js
rec.smartlook.com/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.smartlook.com/recorder.js
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/accesso/agenzia
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
71e504ca473dd24608ae81d89516363a3c2b01e1f080192291eaaf7151dad1e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.passepartout.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 22 Mar 2021 06:55:27 GMT
content-encoding
br
vary
Accept-Encoding
x-77-nzt-ray
FtBIWQMnjZM=
x-77-cache
HIT
x-cache
HIT
x-age
29
x-77-nzt
AcO1rzXXpZLvHQAAAA==
last-modified
Fri, 12 Feb 2021 00:44:22 GMT
server
CDN77-Turbo
etag
W/"6025cf66-6ca0"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
MyriadWebPro-Bold.ttf
www.passepartout.store/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/fonts/MyriadWebPro-Bold.ttf
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/fonts/MyriadWebPro.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
19bc1563afe00770eeb22a9845228a6bb20d387e4102165cbf85f8e6eb701740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.passepartout.store
Referer
https://www.passepartout.store/fonts/MyriadWebPro.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Dec 2019 16:34:54 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5df7b22e-1841c"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
99356
x-xss-protection
1; mode=block
MyriadWebPro.ttf
www.passepartout.store/fonts/ 		91 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.passepartout.store/fonts/MyriadWebPro.ttf
Requested by
Host: www.passepartout.store
URL: https://www.passepartout.store/fonts/MyriadWebPro.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.153.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-153-70.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a66fa7c866833e32eb226e243541159c25238966a582306a886475cb69ad3f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.passepartout.store
Referer
https://www.passepartout.store/fonts/MyriadWebPro.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 06:55:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Dec 2019 16:34:54 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5df7b22e-16cf8"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
93432
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| smartlook object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| $ function| Popper function| jQuery object| $eventHandler object| toastr object| cities object| provinces object| region object| nations function| autocomplete function| clearSearch function| defineParameter function| submitFlag function| confirmDeleteAgency function| confirmDeleteAccount function| confirmDeleteAccount2 function| submitInvoiceForm boolean| isDownloaded function| checkForUniqueUsernames function| checkForUniqueEmails undefined| message string| permissionMessage object| datatable_lang_config function| alertForPermission

2 Cookies

Domain/Path Name / Value
www.passepartout.store/ Name: gattinoni_mondo_di_vacanze_passepartout_session
Value: eyJpdiI6IkpYYnhvYkI4dmtWVUR5bllORGg4Vmc9PSIsInZhbHVlIjoiZGF0WDZZTUVwNlU4SnB5dGNybFNYNnlYWmJVWkVMbGhySzVvT3BvbW8yUHBubjE0clF2bkJIQVwvR0srVWUxTVkiLCJtYWMiOiI0OGVmOTFjYzk3ZjQ5YzAxOTljOTY5NGVkMmNkNGU2M2NmZWQ0YjAxNGNiZDVlYmE4NTIzYTZjMTU0YThkNmFiIn0%3D
www.passepartout.store/ Name: XSRF-TOKEN
Value: eyJpdiI6IkNVa2VPU2Mzb3M5dW5VMlF5YUlGNGc9PSIsInZhbHVlIjoiZzVNRG1uNm80RlQ5XC9CMll5bUVGeVZEajVTZHk2MkNUdXkydHBUUlk4SWV5WHVrajk0ZzBKUXRGN3BnWFZSckoiLCJtYWMiOiJlOWE0OTg1YzkzNTk1NDQyMjNjMWM0Y2NkZWYxMmU5ZDM1N2MxODUyY2Y1Y2NmNGRhOTQ2MWNhZmMyNjFhZmY0In0%3D

2 Console Messages

Source Level URL
Text
console-api info URL: https://www.passepartout.store/js/app.js?v=0.0.58(Line 79884)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api info URL: https://www.passepartout.store/js/app.js?v=0.0.58(Line 79893)
Message:
You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
ppt.gattinonitravelstore.it
rec.smartlook.com
www.passepartout.store
137.116.211.8
2606:4700::6810:125e
2a00:1450:4001:813::200a
2a02:6ea0:c700::4
52.57.153.70
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
19bc1563afe00770eeb22a9845228a6bb20d387e4102165cbf85f8e6eb701740
3af8bcf78c6185de2fe0d49933d9bc6773fcee117ea4c2e84ed523821fd3450c
3f64e0970b308553b4206721556570b49e67bebfc46a7a6030f9eefc79fbd147
409c814b270c727dfd5178527447f2fb457d2e73080c4db52fe5982902e4ae3b
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
5ce25068de6d8ad13bfa50647fc0f0fb6434f3600d3cb6ade864eca005bb9e28
69f8d1a581af5bda2ce1cc4930f990956c9a92c303ddabb730cbcf35047ddd3a
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
71e504ca473dd24608ae81d89516363a3c2b01e1f080192291eaaf7151dad1e7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81f15f61b091fcf2f9a9fe7508b2035126c5475ef54ada3ad4f45c009a5b5588
9caa3419d2d6ac8a3bf414ce1486bd83223a484613493d952a66ebc2645b9388
a444810c2e9e486c4a89de40f71679dc74fc59ec48be4d0a7a8dfc64e8c9c643
a66fa7c866833e32eb226e243541159c25238966a582306a886475cb69ad3f83
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
cecf999b959b976246fe2b8f1737ff93f70e8110b8105bd74852e70cb0878751
d4b285e14c9d8c9265386d967f111491f407b596cb5daf70d01ef5f9120eb0f3
d8780353110aee1abb7960378820a744209f4e109286a3bc7b720e9465e555e9