sabunamorea.com Open in urlscan Pro
104.238.145.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sabunamorea.com/
Submission: On March 21 via api (March 21st 2024, 12:03:21 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 104.238.145.6, located in Dallas, United States and belongs to AS-CHOOPA, US. The main domain is sabunamorea.com.
TLS certificate: Issued by R3 on March 19th 2024. Valid for: 3 months.

This is the only time sabunamorea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
20	104.238.145.6 104.238.145.6		20473 (AS-CHOOPA) (AS-CHOOPA)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a		15169 (GOOGLE) (GOOGLE)
1	103.9.161.219 103.9.161.219		135302 (CLOUDSIGM...) (CLOUDSIGMA-AS-AP CLOUDSIGMA-)
26	4

20 104.238.145.6 (Dallas, United States)

ASN20473 (AS-CHOOPA, US)
PTR: us03.kuncihosting.com

sabunamorea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.9.161.219 (Perth, Australia)

ASN135302 (CLOUDSIGMA-AS-AP CLOUDSIGMA-, AU)
PTR: 219-161-9-103.dcwest.net.au

www.ineedhits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	sabunamorea.com sabunamorea.com	403 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	7 KB
1	ineedhits.com www.ineedhits.com
0	feedjit.com Failed feedjit.com Failed
0	zuperpush.com Failed zuperpush.com Failed
26	5

	Domain	Requested by
20	sabunamorea.com	sabunamorea.com
2	fonts.googleapis.com	sabunamorea.com
1	www.ineedhits.com	sabunamorea.com
0	feedjit.com Failed	sabunamorea.com
0	zuperpush.com Failed	sabunamorea.com
26	5

This site contains no links.

Subject Issuer	Validity	Valid
*.sabunamorea.com R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.ineedhits.com Go Daddy Secure Certificate Authority - G2	`2019-12-06` - `2021-12-06`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://sabunamorea.com/
Frame ID: 12E1D36E4A8328EA2FDB2A5244A4B814
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

26
Requests

85 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

410 kB
Transfer

1004 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sabunamorea.com/ 95 KB
18 KB 1566ms
818ms Document
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 191817308d393f5cade8e4fa1ca13ff4017666c6c988afc80c496094fbab2d93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 12:02:41 GMT
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style-gc-message-bar.php
sabunamorea.com/wp-content/plugins/gc-message-bar/ 12 KB
2 KB 2322ms
2317ms Stylesheet
text/css 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/plugins/gc-message-bar/style-gc-message-bar.php?ver=6.3.3
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 4c7ca7c95cfcc9dd9f8ecf5e6f5f22d57706cc432faa87b4d54e42f3b452f764

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:43 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Thu, 28 Mar 2024 12:02:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 130 KB
6 KB 214ms
58ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CLato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPT+Sans%3A400%2C700%2C400italic%2C700italic%7CBitter%3A400%2C700%2C400italic%7CDroid+Serif%3A400%2C700%2C700italic%2C400italic%7COpen+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C800%2C700%2C600%2C300%7COswald%3A400%2C700%2C300%7COpen+Sans+Condensed%3A300%2C300italic%2C700%7CYanone+Kaffeesatz%3A400%2C700%2C300%2C200%7CRoboto%3A400%2C900italic%2C700italic%2C900%2C700%2C500italic%2C500%2C400italic%2C300italic%2C300%2C100italic%2C100&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=6.3.3

Requested by

Host: sabunamorea.com
URL: https://sabunamorea.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85cc9ccdec3ae75d80eb31e7a34957eaced60c4f136dbd202918d01bc1ff1db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 12:02:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 12:02:41 GMT

GET
H2 200 style.min.css
sabunamorea.com/wp-includes/css/dist/block-library/ 102 KB
13 KB 66ms
62ms Stylesheet
text/css 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.3
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 09:43:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12962
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET
H2 200 font-awesome.min.css
sabunamorea.com/wp-content/themes/cleanead/css/ 28 KB
6 KB 149ms
145ms Stylesheet
text/css 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/css/font-awesome.min.css?ver=6.3.3
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6213
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET
H2 200 bootstrap.css
sabunamorea.com/wp-content/themes/cleanead/css/ 142 KB
20 KB 86ms
83ms Stylesheet
text/css 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/css/bootstrap.css?ver=6.3.3
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 39da5ac831051236667eec850683ff6f7fee5edbc8624857a2fde26bdf248e15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19943
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET
H2 200 style.css
sabunamorea.com/wp-content/themes/cleanead/ 39 KB
7 KB 113ms
110ms Stylesheet
text/css 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/style.css?ver=6.3.3
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 698e0c59093c0cede3b547d5f134932897fd8768fa983545aa8eb8d0cf6e6bff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7255
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET
H2 200 jquery.min.js Show response
sabunamorea.com/wp-includes/js/jquery/ 85 KB
29 KB 114ms
111ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Fri, 26 May 2023 10:03:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29712
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
sabunamorea.com/wp-includes/js/jquery/ 13 KB
5 KB 111ms
108ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 04:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET
H2 200 utils.min.js Show response
sabunamorea.com/wp-includes/js/ 2 KB
812 B 113ms
110ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-includes/js/utils.min.js?ver=6.3.3
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: a2687fe8e299a3aad2d4701478f7a7ea3689ef4f470372e3484cf28b84b019b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 18:25:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 756
expires: Thu, 28 Mar 2024 12:02:41 GMT

GET 105983169
zuperpush.com/integration/build/ 0
0

GET
H2 404 Cream-Khusus-yang-ampuh-dengan-cepat-untuk-Flek-Membandel-714x362.jpg
sabunamorea.com/wp-content/uploads/2018/04/ 57 KB
57 KB 2324ms
2321ms Image
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabunamorea.com/wp-content/uploads/2018/04/Cream-Khusus-yang-ampuh-dengan-cepat-untuk-Flek-Membandel-714x362.jpg
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: c76d13900d8a3305393d43d90a1f543b7298b5f4cb80cb50f544515df3df4d58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:43 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 efek-tosca-sozo-cream-pada-Kulit-berbopeng-berjerawat-dan-sangat-berminyak-714x450.jpg
sabunamorea.com/wp-content/uploads/2018/03/ 57 KB
57 KB 2420ms
2418ms Image
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabunamorea.com/wp-content/uploads/2018/03/efek-tosca-sozo-cream-pada-Kulit-berbopeng-berjerawat-dan-sangat-berminyak-714x450.jpg
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: df833d4adc2283873ac4e8801d1833832d0a493c169c8795a68b4ba9714122cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:43 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 pengobatan-demodex-pada-manusia-dengan-tosca-sozo.png
sabunamorea.com/wp-content/uploads/2018/03/ 56 KB
56 KB 2383ms
2381ms Image
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabunamorea.com/wp-content/uploads/2018/03/pengobatan-demodex-pada-manusia-dengan-tosca-sozo.png
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: e83a0ee0f25401c96edb0080aedd6345ffbcbe693661d65481010a6b22e1a585

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:43 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 beli-sabun-amoorea-tosca-di-jakarta.jpg
sabunamorea.com/wp-content/uploads/2017/02/ 56 KB
56 KB 1096ms
1096ms Image
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabunamorea.com/wp-content/uploads/2017/02/beli-sabun-amoorea-tosca-di-jakarta.jpg
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 331d783f4469e06e88e53f03609fb72a50fcfef3ab7adc2a550071bdbd80636d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 BAB-berdarah-tanpa-rasa-sakit-minum-sufran-fiber.jpg
sabunamorea.com/wp-content/uploads/2017/11/ 2 KB
2 KB 1090ms
1090ms Image
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabunamorea.com/wp-content/uploads/2017/11/BAB-berdarah-tanpa-rasa-sakit-minum-sufran-fiber.jpg
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: c7394b8d86cbf5b68eed9d3a0e44a87a14091bdee10c8b8122b603ffa9940bba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET /
feedjit.com/serve/ 0
0

GET
H3 404 AMOOREA-TOSCA-VS-GLUTAVIA-BEAUTY-DRINK.jpg
sabunamorea.com/wp-content/uploads/2016/08/ 56 KB
56 KB 681ms
681ms Image
text/html 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabunamorea.com/wp-content/uploads/2016/08/AMOOREA-TOSCA-VS-GLUTAVIA-BEAUTY-DRINK.jpg
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 2e439d4efaf82064f90f12a2b5b4f490b59b54ffdeafc147015da21e339bb19d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:45 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sabunamorea.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 SFbutton.gif
www.ineedhits.com/images/trackingbuttons/ 0
0 1062ms
274ms Image
text/html 103.9.161.219
CLOUDSIGMA-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ineedhits.com/images/trackingbuttons/SFbutton.gif?ref=1650406
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.9.161.219 Perth, Australia, ASN135302 (CLOUDSIGMA-AS-AP CLOUDSIGMA-, AU),
Reverse DNS: 219-161-9-103.dcwest.net.au
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 effect.min.js Show response
sabunamorea.com/wp-includes/js/jquery/ui/ 17 KB
6 KB 49ms
48ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: e01066b294dfd407a252a6a27d433b576931311f83b52352633bd6a1a3ae16cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 15:06:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6307
expires: Thu, 28 Mar 2024 12:02:44 GMT

GET
H3 200 bootstrap.min.js Show response
sabunamorea.com/wp-content/themes/cleanead/js/ 36 KB
9 KB 49ms
48ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/js/bootstrap.min.js?ver=20151215
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9449
expires: Thu, 28 Mar 2024 12:02:44 GMT

GET
H3 200 script.js Show response
sabunamorea.com/wp-content/themes/cleanead/js/ 3 KB
1014 B 49ms
49ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/js/script.js?ver=20151215
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: 980fb43b322e265b16412096359190e29850d8261d456e59107986e739197fca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 992
expires: Thu, 28 Mar 2024 12:02:44 GMT

GET
H3 200 navigation.js Show response
sabunamorea.com/wp-content/themes/cleanead/js/ 2 KB
776 B 49ms
48ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/js/navigation.js?ver=20151215
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: a545fe148926bea910674f88ba47fd4aca984902ebccad3a4942142360524347

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 754
expires: Thu, 28 Mar 2024 12:02:44 GMT

GET
H3 200 skip-link-focus-fix.js Show response
sabunamorea.com/wp-content/themes/cleanead/js/ 880 B
402 B 49ms
49ms Script
application/javascript 104.238.145.6
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://sabunamorea.com/wp-content/themes/cleanead/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.238.145.6 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: us03.kuncihosting.com
Software: LiteSpeed /
Resource Hash: c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:02:44 GMT
content-encoding: br
last-modified: Tue, 05 Jul 2016 04:09:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 380
expires: Thu, 28 Mar 2024 12:02:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
862 B 51ms
51ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic,300italic,300

Requested by

Host: sabunamorea.com
URL: https://sabunamorea.com/wp-content/themes/cleanead/style.css?ver=6.3.3

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a3cad7d2b4a4e7001a77397ccd07be4607679163ba1990caf8141b5f7b3370f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sabunamorea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 12:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 12:02:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 12:02:41 GMT

GET
BLOB 200
OK f8db1466-f173-403d-bdb5-7a260ef3a9e8
https://sabunamorea.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sabunamorea.com/f8db1466-f173-403d-bdb5-7a260ef3a9e8
Requested by: Host: sabunamorea.com
URL: https://sabunamorea.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zuperpush.com
URL: https://zuperpush.com/integration/build/105983169

Domain: feedjit.com
URL: https://feedjit.com/serve/?vv=1022&tft=3&dd=0&wid=cf9c03f8750e2a06&pid=0&proid=0&bc=FFFFFF&tc=000000&brd1=012B6B&lnk=135D9E&hc=FFFFFF&hfc=2853A8&btn=C99700&ww=200&wne=6&wh=Live+Traffic+Feed&hl=0&hlnks=0&hfce=0&srefs=0&hbars=0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| userSettings object| wpCookies function| getUserSetting function| setUserSetting function| deleteUserSetting function| getAllUserSettings string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext undefined| e

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sabunamorea.com/wp-content/uploads/2018/04/Cream-Khusus-yang-ampuh-dengan-cepat-untuk-Flek-Membandel-714x362.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sabunamorea.com/wp-content/uploads/2018/03/pengobatan-demodex-pada-manusia-dengan-tosca-sozo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sabunamorea.com/wp-content/uploads/2018/03/efek-tosca-sozo-cream-pada-Kulit-berbopeng-berjerawat-dan-sangat-berminyak-714x450.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sabunamorea.com/wp-content/uploads/2017/02/beli-sabun-amoorea-tosca-di-jakarta.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://feedjit.com/serve/?vv=1022&tft=3&dd=0&wid=cf9c03f8750e2a06&pid=0&proid=0&bc=FFFFFF&tc=000000&brd1=012B6B&lnk=135D9E&hc=FFFFFF&hfc=2853A8&btn=C99700&ww=200&wne=6&wh=Live+Traffic+Feed&hl=0&hlnks=0&hfce=0&srefs=0&hbars=0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sabunamorea.com/wp-content/uploads/2017/11/BAB-berdarah-tanpa-rasa-sakit-minum-sufran-fiber.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sabunamorea.com/wp-content/uploads/2016/08/AMOOREA-TOSCA-VS-GLUTAVIA-BEAUTY-DRINK.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ineedhits.com/images/trackingbuttons/SFbutton.gif?ref=1650406 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

feedjit.com
fonts.googleapis.com
sabunamorea.com
www.ineedhits.com
zuperpush.com
feedjit.com
zuperpush.com
103.9.161.219
104.238.145.6
2607:f8b0:4006:81c::200a
191817308d393f5cade8e4fa1ca13ff4017666c6c988afc80c496094fbab2d93
1a3cad7d2b4a4e7001a77397ccd07be4607679163ba1990caf8141b5f7b3370f
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2e439d4efaf82064f90f12a2b5b4f490b59b54ffdeafc147015da21e339bb19d
331d783f4469e06e88e53f03609fb72a50fcfef3ab7adc2a550071bdbd80636d
39da5ac831051236667eec850683ff6f7fee5edbc8624857a2fde26bdf248e15
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4c7ca7c95cfcc9dd9f8ecf5e6f5f22d57706cc432faa87b4d54e42f3b452f764
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
698e0c59093c0cede3b547d5f134932897fd8768fa983545aa8eb8d0cf6e6bff
85cc9ccdec3ae75d80eb31e7a34957eaced60c4f136dbd202918d01bc1ff1db6
980fb43b322e265b16412096359190e29850d8261d456e59107986e739197fca
a2687fe8e299a3aad2d4701478f7a7ea3689ef4f470372e3484cf28b84b019b1
a545fe148926bea910674f88ba47fd4aca984902ebccad3a4942142360524347
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
c7394b8d86cbf5b68eed9d3a0e44a87a14091bdee10c8b8122b603ffa9940bba
c76d13900d8a3305393d43d90a1f543b7298b5f4cb80cb50f544515df3df4d58
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
df833d4adc2283873ac4e8801d1833832d0a493c169c8795a68b4ba9714122cc
e01066b294dfd407a252a6a27d433b576931311f83b52352633bd6a1a3ae16cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83a0ee0f25401c96edb0080aedd6345ffbcbe693661d65481010a6b22e1a585