hmpremoldados.online
Open in
urlscan Pro
2a06:98c1:3121::3
Public Scan
Effective URL: https://hmpremoldados.online/
Submission Tags: suspect
Submission: On August 27 via api from BR — Scanned from NL
Summary
TLS certificate: Issued by WE1 on August 26th 2024. Valid for: 3 months.
This is the only time hmpremoldados.online was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 9 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 76.76.21.21 76.76.21.21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a04:4e42:400... 2a04:4e42:400::720 | 54113 (FASTLY) (FASTLY) | |
4 | 157.240.253.1 157.240.253.1 | 32934 (FACEBOOK) (FACEBOOK) | |
4 | 2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
3 | 2a00:1450:400... 2a00:1450:4001:81d::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 65.9.86.81 65.9.86.81 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2620:1ec:29:1... 2620:1ec:29:1::72 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c1d::9a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.152.143.207 52.152.143.207 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
31 | 13 |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-81.ams1.r.cloudfront.net
cdn.rifei.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
hmpremoldados.online
8 redirects
hmpremoldados.online |
13 KB |
8 |
rifei.com.br
rifei.com.br |
127 KB |
4 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 108 |
4 KB |
4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 |
75 KB |
3 |
clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114 o.clarity.ms — Cisco Umbrella Rank: 12757 |
28 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
293 KB |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773 |
|
2 |
imgix.net
rifei.imgix.net |
74 KB |
1 |
google.si
www.google.si — Cisco Umbrella Rank: 20991 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252 |
257 B |
1 |
rifei.co
cdn.rifei.co |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
31 | 12 |
Domain | Requested by | |
---|---|---|
9 | hmpremoldados.online | 8 redirects |
8 | rifei.com.br |
hmpremoldados.online
|
4 | www.facebook.com |
hmpremoldados.online
|
4 | connect.facebook.net |
hmpremoldados.online
connect.facebook.net www.googletagmanager.com |
3 | www.googletagmanager.com |
hmpremoldados.online
www.googletagmanager.com |
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | www.clarity.ms |
hmpremoldados.online
www.clarity.ms |
2 | rifei.imgix.net |
hmpremoldados.online
|
1 | o.clarity.ms |
www.clarity.ms
|
1 | www.google.si | |
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | cdn.rifei.co | |
1 | fonts.gstatic.com |
hmpremoldados.online
|
31 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
rifei.com.br |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hmpremoldados.online WE1 |
2024-08-26 - 2024-11-24 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-12-07 - 2025-01-07 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-06-05 - 2024-09-03 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
rifei.com.br Amazon RSA 2048 M02 |
2023-12-23 - 2025-01-21 |
a year | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
*.g.doubleclick.net WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.google.si WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08 |
2024-06-23 - 2025-06-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hmpremoldados.online/
Frame ID: 4B71A7695DE7824B621C651B06F069E2
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
Campanhas | HM premoldadosPage URL History Show full URLs
-
http://hmpremoldados.online/
HTTP 307
https://hmpremoldados.online/ Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Termos de uso
Search URL Search Domain Scan URL
Title: PolÃtica de privacidade
Search URL Search Domain Scan URL
Title: Rifei
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hmpremoldados.online/
HTTP 307
https://hmpremoldados.online/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://hmpremoldados.online/_next/static/css/d05bfb1745c8d69d.css HTTP 302
- https://rifei.com.br/_next/static/css/d05bfb1745c8d69d.css
- https://hmpremoldados.online/_next/static/chunks/webpack-4a2024d990a62354.js HTTP 302
- https://rifei.com.br/_next/static/chunks/webpack-4a2024d990a62354.js
- https://hmpremoldados.online/_next/static/chunks/framework-4ed89e9640adfb9e.js HTTP 302
- https://rifei.com.br/_next/static/chunks/framework-4ed89e9640adfb9e.js
- https://hmpremoldados.online/_next/static/chunks/main-77dba4523bde2cd9.js HTTP 302
- https://rifei.com.br/_next/static/chunks/main-77dba4523bde2cd9.js
- https://hmpremoldados.online/_next/static/chunks/pages/_app-2e7af36098f80402.js HTTP 302
- https://rifei.com.br/_next/static/chunks/pages/_app-2e7af36098f80402.js
- https://hmpremoldados.online/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js HTTP 302
- https://rifei.com.br/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js
- https://hmpremoldados.online/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js HTTP 302
- https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js
- https://hmpremoldados.online/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js HTTP 302
- https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
hmpremoldados.online/ Redirect Chain
|
40 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d05bfb1745c8d69d.css
rifei.com.br/_next/static/css/ Redirect Chain
|
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-4a2024d990a62354.js
rifei.com.br/_next/static/chunks/ Redirect Chain
|
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
framework-4ed89e9640adfb9e.js
rifei.com.br/_next/static/chunks/ Redirect Chain
|
138 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-77dba4523bde2cd9.js
rifei.com.br/_next/static/chunks/ Redirect Chain
|
107 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_app-2e7af36098f80402.js
rifei.com.br/_next/static/chunks/pages/ Redirect Chain
|
67 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%5Busername%5D-964f8e4292cbe641.js
rifei.com.br/_next/static/chunks/pages/campanhas/ Redirect Chain
|
57 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_buildManifest.js
rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/ Redirect Chain
|
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ssgManifest.js
rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/ Redirect Chain
|
412 B 724 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm0b1f5560nrjwbjxfjjt2afm.jpeg
rifei.imgix.net/uploads/logos/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm0b7s10m2i1owbjxadou6t06.jpeg
rifei.imgix.net/uploads/images/ |
63 KB 63 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fbevents.js
connect.facebook.net/en_US/ |
225 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
796656588771068
connect.facebook.net/signals/config/ |
73 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
272 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cm0b1fl7t0cu6gljr7gofe2ui.png
cdn.rifei.co/uploads/favicons/ |
2 KB 2 KB |
Other
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
319 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6365538940125955
connect.facebook.net/signals/config/ |
23 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fbevents.js
connect.facebook.net/en_US/ |
225 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9xf9l33c3l
www.clarity.ms/tag/ |
501 B 758 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
269 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 257 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.si/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 102 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 278 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.45/ |
64 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
o.clarity.ms/ |
0 284 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| fbq function| _fbq function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| _randomPageId object| _fbq_gtm_ids function| clarity function| onYouTubeIframeAPIReady object| gaGlobal4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hmpremoldados.online/ | Name: _fbp Value: fb.1.1724765638203.599302468218363569 |
|
.hmpremoldados.online/ | Name: _gcl_au Value: 1.1.1509408366.1724765639 |
|
.hmpremoldados.online/ | Name: _ga Value: GA1.1.325323309.1724765639 |
|
.hmpremoldados.online/ | Name: _ga_9VKB6NHRWL Value: GS1.1.1724765638.1.0.1724765638.60.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.rifei.co
connect.facebook.net
fonts.gstatic.com
hmpremoldados.online
o.clarity.ms
region1.analytics.google.com
rifei.com.br
rifei.imgix.net
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.si
www.googletagmanager.com
157.240.253.1
2001:4860:4802:32::36
2620:1ec:29:1::72
2a00:1450:4001:81d::2008
2a00:1450:4001:829::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c1d::9a
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::720
2a06:98c1:3121::3
52.152.143.207
65.9.86.81
76.76.21.21
18e014bc1193d100a5ff1bbbc1a5b87c7dc02892b3b5da95f11f39ecf7915700
1de78213cc0a68336f41af677c02156ac1890ac5748ecdf17a72284d2367d83b
1fe713050da18a20f7dec1cc8cbb78e1d6423d8cdc7a924ec0724cf4b7ebc82e
2173bd65c63829e208246246e5ef3550430f5e6d43a9e661fd18ea5a98ae7f97
25c040dc39c301dde47947833df184603b5b723634433c94a1e1f4933229f23f
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
49a95d128ac841cc44f30b6504182158b1521d9e4b25fcf5dcb298120280cace
4b0d78c11f2ca42713874a9b9aeeaf444a3dbcc48223377f17bcb8b57ea600ce
64149dcf258e9d745f989cd3e94b3c486d00ac03ff5b393f961600bc2ec894a9
649f892ddd86ed8cba6f12eaf1c28d96461f53544d1ee96c65a5cac69ced8d1b
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8b219e2882c6c3918baca761cc2f4b4212b90d1664a43608155b1200013939ca
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b38b3c76882270d76a1186288e302e4ac91b00e99bc75a325b358a785e14f181
bc3e02056f242e4bdf2ee82dba981e35eb27380accddf61a8130b71e8c2531af
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
c97e8d6b8e9cf4cc0a55b7057ee4ca50eb0b1681326a1638cc62182a8d977cf9
caa1e3f2ae2e75cff978cbeae06aa093d40b2d5ae7349f24527590d70967b6aa
de5b60ef934b3b49f8641a37755cb415ab9dd46968daebb4f04f6b61a631443c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f54285d870324e17e438cec2a30bad0840095c36956ef433088b2c3d8e21b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54edb5eb2354ff3cd10e738e11882b6fe3d3b74c2c41a226c67e2514632fde1
f9dc97f511ca9ba83938f082707e6f98c2547d29a38f0e9bd319158e16551c2d