camaramucurici.es.gov.br
192.99.176.52  Malicious Activity! Public Scan

Submitted URL: https://progressweatherford.com/NATURESPRINGSINVOICE/NATURESPRINGS.htm
Effective URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or...
Submission: On May 13 via api from AU

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 192.99.176.52, located in Montreal, Canada and belongs to OVH, FR. The main domain is camaramucurici.es.gov.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 25th 2019. Valid for: 3 months.
This is the only time camaramucurici.es.gov.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 63.247.87.2 11042 (NTHL)
1 23 192.99.176.52 16276 (OVH)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
Totals: 27 requests, 7 IPs
Domain Requested by
23 camaramucurici.es.gov.br 1 redirects camaramucurici.es.gov.br
2 www.microsoft.com camaramucurici.es.gov.br
1 uhf.microsoft.com
1 c.s-microsoft.com camaramucurici.es.gov.br
1 progressweatherford.com
Totals: 27 requests, 5 hostnames

This site contains no links.

Subject | Issuer | Validity | Valid for
progressweatherford.com | cPanel, Inc. Certification Authority | 2019-03-28 to 2019-06-26 | 3 months
camaramucurici.es.gov.br | Let's Encrypt Authority X3 | 2019-04-25 to 2019-07-24 | 3 months
www.microsoft.com | Microsoft IT TLS CA 4 | 2018-01-16 to 2020-01-16 | 2 years
unistore.www.microsoft.com | Microsoft IT TLS CA 5 | 2019-04-30 to 2021-04-30 | 2 years

This page contains 2 frames:

Primary Page: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Frame ID: 32F09D2EBA4BE2D1B4A6AC672C8CF866
Requests: 28 HTTP requests in this frame

Frame: https://www.microsoft.com/store/buy/cartcount
Frame ID: 9C9DE829266D003AC0B0922B3D800312
Requests: 2 HTTP requests in this frame


Detected technologies

Apache (overall confidence: 100%)
  Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Knockout (overall confidence: 100%)
  Detected pattern: env /^ko$/i

jQuery (overall confidence: 100%)
  Detected pattern: env /^jQuery$/i

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 67 %
Domains: 4
Subdomains: 5
IPs: 7
Countries: 3
Transfer: 1756 kB
Size: 1749 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://progressweatherford.com/NATURESPRINGSINVOICE/NATURESPRINGS.htm Page URL
  2. https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive HTTP 301
    https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/ Page URL
  3. https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive HTTP 301
  • https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/

27 HTTP transactions

Resource: NATURESPRINGS.htm
Path: progressweatherford.com/NATURESPRINGSINVOICE/
Size: 100 B, x-fer: 305 B, Type: Document

General
Full URL: https://progressweatherford.com/NATURESPRINGSINVOICE/NATURESPRINGS.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.247.87.2 Spring, United States, ASN11042 (NTHL - NETWORK TRANSIT HOLDINGS LLC, US)
Reverse DNS: ns7.waveservice.com
Software: Apache /
Resource Hash: 106df392f76af2ce0d468fcf8283c6b4bd35e7aa99df40283f52c9c4b743f100

Request headers
Host: progressweatherford.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br

Response headers
Date: Mon, 13 May 2019 22:16:30 GMT
Server: Apache
Last-Modified: Mon, 13 May 2019 19:53:30 GMT
Accept-Ranges: bytes
Content-Length: 100
Connection: close
Content-Type: text/html

Resource: / (Cookie set)
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Redirect Chain:
  • https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive
  • https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Size: 253 B, x-fer: 633 B, Type: Document

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 77ac5e9785ff3cc51bd7c0e7e2be40665e1d5f699f74d363f939e9b140bd98fb

Request headers
Host: camaramucurici.es.gov.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://progressweatherford.com/NATURESPRINGSINVOICE/NATURESPRINGS.htm
Accept-Encoding: gzip, deflate, br

Response headers
Date: Mon, 13 May 2019 22:16:31 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=d3fe98e5537024a3fa90dc0973714759; path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers
Date: Mon, 13 May 2019 22:16:31 GMT
Server: Apache
Location: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Content-Length: 266
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

Resource: Main.php (Primary Request)
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Size: 365 KB, x-fer: 365 KB, Type: Document

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 9c64321700fa3868516e4b8e548c3e5a1e3d578dda40fa4e27244a4547f977c8

Request headers
Host: camaramucurici.es.gov.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=d3fe98e5537024a3fa90dc0973714759

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Resource: 62-186d68.css
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 146 KB, x-fer: 146 KB, Type: Stylesheet

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/62-186d68.css
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 28c68fd8c3d21374261e3a1cd672aa551f01c0b04c2f49c1b53df95f6d1cdd7b

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 149391

Resource: override.css
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 1 KB, x-fer: 2 KB, Type: Stylesheet

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/override.css
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 3d8a9440c1cc7c677f56ec1869ac1cd7c36851dfb9430b7d554137bdb5a75387

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1403

Resource: mscc-0.css
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 1 KB, x-fer: 2 KB, Type: Stylesheet

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/mscc-0.css
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1417

Resource: knockout-699241a9.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 64 KB, x-fer: 65 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/knockout-699241a9.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 25d54c7f30dc7b1fc88f6dc032a9087044a20165f4aee9350d05ca7ef98d481d

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 65920

Resource: home-768b7a22.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 462 KB, x-fer: 462 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/home-768b7a22.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: be9f210fa202840034cf6dfaf9b54ba543eca56fe82534a077df3fec37812d48

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 472589

Resource: home.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 42 KB, x-fer: 42 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/home.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: b78743ed48fd00f747c5cbc9150699382f8d594f985de557f7fac77bf954986e

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43100

Resource: homeappfonts-6650743a.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 188 KB, x-fer: 188 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/homeappfonts-6650743a.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 0bbca5b14608c41882bc8a6dae980570d0f8cc5ba0cb0a3a3ff5b35dca1ac8d8

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 192527

Resource: aria-4cf8a7e2.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 45 KB, x-fer: 46 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/aria-4cf8a7e2.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 977d596ae10ea77c6a86e0a6687ffb03a6a348685af7dd60370b611c426792f9

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 46558

Resource: jquery-2.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 84 KB, x-fer: 84 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/jquery-2.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 85578

Resource: 18-d72213
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 125 KB, x-fer: 125 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/18-d72213
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 99683519a4dcf1bcdcf5558a5ff5726f67590d817055109e4a63e98ade64c554

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 127762

Resource: meversion
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 11 KB, x-fer: 12 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/meversion
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: c8fc143d2edd34c4e596e314502bfe107fc5cfedaf017a65f3413423e5a58e98

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11630

Resource: mscc-0.js
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 3 KB, x-fer: 4 KB, Type: Script

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/mscc-0.js
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:32 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3560

Resource: RE1Mu3b.png
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 4 KB, x-fer: 4 KB, Type: Image

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/RE1Mu3b.png
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4054

Resource: hero_devices.svg
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 19 KB, x-fer: 19 KB, Type: Image

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/hero_devices.svg
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 687738f7d943a2e5d33eab6a13ae98357a9fe9400f5991a69b08caa4b5e56bf6

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 19396

Resource: feature_any_device.svg
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 2 KB, x-fer: 3 KB, Type: Image

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/feature_any_device.svg
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 0eb11b8b06cfff42c15fd64bb74239354cfa81461564aa003345101d67bfdebd

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2517

Resource: feature_offline_access.svg
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 2 KB, x-fer: 3 KB, Type: Image

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/feature_offline_access.svg
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 76185d054aca425130d7880b95c18d19248e4574a1b3af612ebf2af2a207241a

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2389

Resource: feature_safety.svg
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 2 KB, x-fer: 3 KB, Type: Image

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/feature_safety.svg
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 837b394c26a196d6c3b6b4e7a9a9dd1520a82e6d29ec514572ad01b5bb148955

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2535

Resource: sidekick_share.svg
Path: camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
Size: 16 KB, x-fer: 16 KB, Type: Image

General
Full URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/sidekick_share.svg
Requested by:
  Host: camaramucurici.es.gov.br
  URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ip52.ip-192-99-176.net
Software: Apache /
Resource Hash: 18358aa54fce839170c866cd5b28b3e7671e5f81490d4eee29c40cd45e3448ef

Request headers
Referer: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
Date: Mon, 13 May 2019 22:16:33 GMT
Last-Modified: Tue, 26 Feb 2019 18:22:16 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 16470
cartcount.htm
camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/ Frame 9C9D
1 KB
1 KB
Document
General
Full URL
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/cartcount.htm
Requested by
Host: camaramucurici.es.gov.br
URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip52.ip-192-99-176.net
Software
Apache /
Resource Hash
a02b5e3efc0b512896ba254241100307fd00dc912576f41b0e51a102dd180fa7

Request headers

Host
camaramucurici.es.gov.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=d3fe98e5537024a3fa90dc0973714759
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17

Response headers

Date
Mon, 13 May 2019 22:16:33 GMT
Server
Apache
Last-Modified
Tue, 26 Feb 2019 18:22:16 GMT
Accept-Ranges
bytes
Content-Length
1038
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html
hero_clouds.svg
camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/
3 KB
3 KB
Image
General
Full URL
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/hero_clouds.svg
Requested by
Host: camaramucurici.es.gov.br
URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.176.52 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip52.ip-192-99-176.net
Software
Apache /
Resource Hash
e7d8490eda4c512afb94e2609816b9b14490531a8a0a6a470819f1d2d6f52b0a

Request headers

Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 22:16:33 GMT
Last-Modified
Tue, 26 Feb 2019 18:34:16 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
2727
truncated
/
34 KB
34 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://camaramucurici.es.gov.br

Response headers

Content-Type
font/woff;charset=utf-8
mwfmdl2-v3.07.woff
www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/
22 KB
22 KB
Font
General
Full URL
https://www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/mwfmdl2-v3.07.woff
Requested by
Host: camaramucurici.es.gov.br
URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:187::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/62-186d68.css
Origin
https://camaramucurici.es.gov.br

Response headers

date
Mon, 13 May 2019 22:16:33 GMT
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
status
200
x-activity-id
43fa36d5-356a-4e1f-826e-9af17ed88839
tls_version
tls1.2
ms-cv
ybeoOLCvu0uEdxjZ.0
content-length
22376
x-xss-protection
1
last-modified
Fri, 07 Dec 2018 20:44:48 GMT
x-az
{did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 4, sn: mwf-eus-prod, dt: 2018-12-07T13:47:44.1817725Z, bt: 2018-12-01T00:33:22.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=17965698
access-control-allow-headers
*
x-appversion
1.0.6909.1001
expires
Sat, 07 Dec 2019 20:44:51 GMT
truncated
/
31 KB
31 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://camaramucurici.es.gov.br

Response headers

Content-Type
font/woff;charset=utf-8
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5dc6065e67ab6eae9d9a9b1fbc3938b1c54dc5cb2545fde23192feed6bbee2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://camaramucurici.es.gov.br

Response headers

Content-Type
font/woff;charset=utf-8
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/
33 KB
34 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: camaramucurici.es.gov.br
URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:284::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/62-186d68.css
Origin
https://camaramucurici.es.gov.br

Response headers

date
Mon, 13 May 2019 22:16:33 GMT
last-modified
Tue, 01 Mar 2016 17:40:35 GMT
access-control-allow-origin
*
etag
"1D173E175B3AB80"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status
200
cache-control
public, max-age=594153
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
34052
expires
Mon, 20 May 2019 19:19:06 GMT
_log
uhf.microsoft.com/
0
128 B
Image
General
Full URL
https://uhf.microsoft.com/_log?c=UEhQU0VTU0lE&h=camaramucurici.es.gov.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:299::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 22:16:35 GMT
access-control-allow-origin
*
content-type
text/html
status
204
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Mon, 13 May 2019 22:16:35 GMT
cartcount
www.microsoft.com/store/buy/ Frame 9C9D
0
0
Document
General
Full URL
https://www.microsoft.com/store/buy/cartcount
Requested by
Host: camaramucurici.es.gov.br
URL: https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/assets/files/18-d72213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:183::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.microsoft.com
:scheme
https
:path
/store/buy/cartcount
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://camaramucurici.es.gov.br/NATURESPRINGPAY/onedrive/Main.php?sslchannel=true&sessionid=K7lkSZOC2ELYGHmPw5ke3pY8fjimbF4tz4Or1SmJVhZnmM6vvuzIX0nfKMnLy1cIk7KwKVCFlMvW3KLnVB8nD4Bhwc9yc1orFrgEUZKKj0QKOKTPsH74qVw8zcvElKvj17

Response headers

status
200
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
x-activity-id
f89b7039-39b2-489e-91db-f288718a4917
ms-cv
YA2+1cIJYEKFA/6o.0
x-appversion
1.0.7025.30620
x-az
{did:0f33282e4311401e958b35fb1cb65e20, rid: 43, sn: onestore-neu-prod, dt: 2019-04-30T20:21:53.7820100Z, bt: 2019-03-27T17:00:40.0000000Z}
ms-operation-id
6c913b3a68ca04428e9fa661bbb5516e
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection
1
content-length
358
cache-control
max-age=86400
expires
Tue, 14 May 2019 22:16:35 GMT
date
Mon, 13 May 2019 22:16:35 GMT
vary
Accept-Encoding
tls_version
tls1.2
strict-transport-security
max-age=31536000
x-rtag
Str

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onselectstart
object | onselectionchange
function | queueMicrotask
function | $
function | jQuery
object | ko
object | clienttelemetry_build
object | Microsoft
object | sct
object | microsoft
object | mscc
object | $Config
object | FilesConfig
object | Homepage
object | MSA
object | MeControl
function | MejQuery
object | msCommonShell
undefined | __extends
undefined | __assign

1 Cookies

Domain/Path Name / Value
camaramucurici.es.gov.br/ Name: PHPSESSID
Value: d3fe98e5537024a3fa90dc0973714759

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
