lacopresentes.com.br Open in urlscan Pro
158.69.255.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ocul.in/6ym
Effective URL:
https://lacopresentes.com.br/Foauth/client4/
Submission: On January 10 via manual (January 10th 2018, 6:43:12 pm UTC) from US

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 31 HTTP transactions. The main IP is 158.69.255.13, located in Montréal, Canada and belongs to OVH, FR. The main domain is lacopresentes.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 6th 2017. Valid for: 3 months.

This is the only time lacopresentes.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	2400:cb00:204... 2400:cb00:2048:1::6818:73e6		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	31.31.196.135 31.31.196.135		197695 (AS-REG) (AS-REG)
2	158.69.255.13 158.69.255.13		16276 (OVH) (OVH)
3	151.101.129.63 151.101.129.63		54113 (FASTLY) (FASTLY - Fastly)
31	4

1 2400:cb00:2048:1::6818:73e6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ocul.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.31.196.135 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: server148.hosting.reg.ru

cremmassage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.255.13 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: host.uamktdigital.com.br

lacopresentes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.63 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

assets.pagar.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	pagar.me assets.pagar.me
2	lacopresentes.com.br lacopresentes.com.br
1	cremmassage.com cremmassage.com
1	ocul.in 1 redirects ocul.in	218 B
0	googleapis.com Failed ajax.googleapis.com Failed
0	google-analytics.com Failed www.google-analytics.com Failed
31	6

	Domain	Requested by
3	assets.pagar.me	lacopresentes.com.br assets.pagar.me
2	lacopresentes.com.br	lacopresentes.com.br
1	cremmassage.com
1	ocul.in	1 redirects
0	ajax.googleapis.com Failed	assets.pagar.me
0	www.google-analytics.com Failed	lacopresentes.com.br
31	6

This site contains links to these domains. Also see Links.

Domain
www.lexusthemes.com

Subject Issuer	Validity	Valid
lacopresentes.com.br cPanel, Inc. Certification Authority	`2017-12-06` - `2018-03-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lacopresentes.com.br/Foauth/client4/
Frame ID: (32E942142201A66236D887B971EF51D2)
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ocul.in/6ym HTTP 302
http://cremmassage.com/common/oauth8/ Page URL
https://lacopresentes.com.br/Foauth/client4/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

31
Requests

3 %
HTTPS

25 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

0 kB
Transfer

130 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lexusthemes.com/
Title: LexusThemes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ocul.in/6ym HTTP 302
http://cremmassage.com/common/oauth8/ Page URL
https://lacopresentes.com.br/Foauth/client4/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ocul.in/6ym HTTP 302
http://cremmassage.com/common/oauth8/

31 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response cremmassage.com/common/oauth8/ Redirect Chain https://ocul.in/6ym http://cremmassage.com/common/oauth8/	107 B 0	122ms 70ms	Document text/html	31.31.196.135 AS-REG
General Check archive.org Show headers Download Go to Full URL http://cremmassage.com/common/oauth8/ Protocol HTTP/1.1 Server 31.31.196.135 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS server148.hosting.reg.ru Software nginx / PHP/5.6.30 Resource Hash `c419afab3dc7388214dac50b07f37f61cdcf5f2973e9838c64b9e3d1eae44ad6` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host cremmassage.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 10 Jan 2018 18:43:01 GMT Content-Encoding gzip Server nginx X-Powered-By PHP/5.6.30 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Redirect headers status 302 date Wed, 10 Jan 2018 18:43:01 GMT server cloudflare set-cookie __cfduid=d3c94eb041147cb4d8c771991beca6d661515609780; expires=Thu, 10-Jan-19 18:43:00 GMT; path=/; domain=.ocul.in; HttpOnly cf-ray 3db1c78a6b309816-FRA location http://cremmassage.com/common/oauth8/ content-type text/html;charset=ISO-8859-1
GET H/1.1	404 Not Found	Primary Request Cookie set / Show response lacopresentes.com.br/Foauth/client4/	17 KB 0	401ms 207ms	Document text/html	158.69.255.13 OVH
General Check archive.org Show headers Download Go to Full URL https://lacopresentes.com.br/Foauth/client4/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.69.255.13 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS host.uamktdigital.com.br Software Apache / Resource Hash `663b7048ceddbfb31a29a408188837d8c462138e97db8ba633fa0319d223e7be` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host lacopresentes.com.br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://cremmassage.com/common/oauth8/ Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://cremmassage.com/common/oauth8/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Wed, 10 Jan 2018 18:43:01 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Set-Cookie PHPSESSID=q8c6s9g4l6afbvqfrqj5i4vru5; path=/ language=pt-br; expires=Fri, 09-Feb-2018 18:43:01 GMT; Max-Age=2592000; path=/; domain=lacopresentes.com.br currency=BRL; expires=Fri, 09-Feb-2018 18:43:01 GMT; Max-Age=2592000; path=/; domain=lacopresentes.com.br Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=5, max=100 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET S	200	pagarme.min.js Show response assets.pagar.me/js/	83 KB 0	216ms 20ms	Script application/javascript	151.101.129.63 Fastly
General Check archive.org Show headers Download Go to Full URL https://assets.pagar.me/js/pagarme.min.js Requested by Host: lacopresentes.com.br URL: https://lacopresentes.com.br/Foauth/client4/ Protocol SPDY Server 151.101.129.63 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx / Resource Hash `88f12410d957fc37db81b965be555f01113f8b9b521774c5bf78ac6e96f6f384` Request headers Referer https://lacopresentes.com.br/Foauth/client4/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Wed, 10 Jan 2018 18:43:02 GMT content-encoding gzip age 2343 x-cache HIT, HIT status 200 content-length 22802 x-served-by cache-sea1036-SEA, cache-hhn1527-HHN access-control-allow-origin * last-modified Thu, 26 Jan 2017 18:51:00 GMT server nginx etag "588a4514-14a9c" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript via 1.1 varnish, 1.1 varnish fastly-debug-digest c02b7e8782b2f637d986a6107552d6cd5181e9c5f35baa8a66f7fa2ccb3f2e6a accept-ranges bytes x-cache-hits 34, 1
GET S	200	checkout.js Show response assets.pagar.me/checkout/	7 KB 0	216ms 20ms	Script application/javascript	151.101.129.63 Fastly
General Check archive.org Show headers Download Go to Full URL https://assets.pagar.me/checkout/checkout.js Requested by Host: lacopresentes.com.br URL: https://lacopresentes.com.br/Foauth/client4/ Protocol SPDY Server 151.101.129.63 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx / Resource Hash `076edc0e80203c6c81fa8734d60a9b61dc65949941eceedc27ea22e61df6c7c9` Request headers Referer https://lacopresentes.com.br/Foauth/client4/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Wed, 10 Jan 2018 18:43:02 GMT content-encoding gzip age 4265 x-cache HIT, HIT status 200 content-length 2867 x-served-by cache-sea1023-SEA, cache-hhn1527-HHN access-control-allow-origin * last-modified Mon, 08 Jan 2018 11:45:54 GMT server nginx etag "5a5359f2-1b16" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript via 1.1 varnish, 1.1 varnish fastly-debug-digest 4b8cb300fda3c1fae0d9d6a8a60f18b827f6936cfc4df888b702a6fb8f7b1be9 accept-ranges bytes x-cache-hits 13, 520
GET H/1.1	200 OK	lacologo.png lacopresentes.com.br/image/data/	6 KB 0	192ms 96ms	Image image/png	158.69.255.13 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://lacopresentes.com.br/image/data/lacologo.png Requested by Host: lacopresentes.com.br URL: https://lacopresentes.com.br/Foauth/client4/ Protocol HTTP/1.1 Server 158.69.255.13 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS host.uamktdigital.com.br Software Apache / Resource Hash `d2bf7a7428630e78ae0ea9b8854a0a931ac3d3ea74b8a3fb0c4a12783e67642b` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 10 Jan 2018 18:43:02 GMT Last-Modified Wed, 01 Jul 2015 17:05:26 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6567
GET		bootstrap.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		stylesheet.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		font.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		colorbox.css lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/	0 0

GET		jquery-ui-1.8.16.custom.css lacopresentes.com.br/catalog/view/javascript/jquery/ui/themes/ui-lightness/	0 0

GET		laco_new.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/customize/	0 0

GET		animation.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		pavshipping.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		font-awesome.min.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		style.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/pavmegamenu/	0 0

GET		pavautosearch.css lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/	0 0

GET		jquery-1.7.1.min.js lacopresentes.com.br/catalog/view/javascript/jquery/	0 0

GET		jquery-ui-1.8.16.custom.min.js lacopresentes.com.br/catalog/view/javascript/jquery/ui/	0 0

GET		jquery.cookie.js lacopresentes.com.br/catalog/view/javascript/jquery/ui/external/	0 0

GET		common.js lacopresentes.com.br/catalog/view/javascript/	0 0

GET		common.js lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/javascript/	0 0

GET		bootstrap.min.js lacopresentes.com.br/catalog/view/javascript/jquery/bootstrap/	0 0

GET		jquery.parallax-1.1.3.js lacopresentes.com.br/catalog/view/javascript/parallax/	0 0

GET		jquery.colorbox-min.js lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/	0 0

GET		jquery.jcarousel.min.js lacopresentes.com.br/catalog/view/javascript/jquery/	0 0

GET		analytics.js www.google-analytics.com/	0 0

GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.11.1/	0 0

GET S	200	easyXDM.js Show response assets.pagar.me/checkout//	17 KB 0	6ms 6ms	Script application/javascript	151.101.129.63 Fastly
General Check archive.org Show headers Download Go to Full URL https://assets.pagar.me/checkout//easyXDM.js Requested by Host: assets.pagar.me URL: https://assets.pagar.me/checkout/checkout.js Protocol SPDY Server 151.101.129.63 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx / Resource Hash `f73596ad8cf45ce4a6c81cb489728d0673fb509eee7d71699d93a432e4c99af5` Request headers Referer https://lacopresentes.com.br/Foauth/client4/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Wed, 10 Jan 2018 18:43:02 GMT content-encoding gzip age 2872 x-cache HIT, HIT status 200 content-length 6379 x-served-by cache-sea1036-SEA, cache-hhn1527-HHN access-control-allow-origin * last-modified Mon, 08 Jan 2018 11:45:51 GMT server nginx etag "5a5359ef-45ca" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript via 1.1 varnish, 1.1 varnish fastly-debug-digest f05c3293d993cc75f3606bf9c05c86ebb907189e4b2060813af434b0648465e6 accept-ranges bytes x-cache-hits 10, 1
GET		jquery.colorbox.js lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/	0 0

GET		colorbox.css lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/	0 0

GET		jquery.colorbox-min.js lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/bootstrap.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/stylesheet.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/font.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/colorbox.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/ui/themes/ui-lightness/jquery-ui-1.8.16.custom.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/customize/laco_new.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/animation.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/pavshipping.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/font-awesome.min.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/pavmegamenu/style.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/stylesheet/pavautosearch.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/jquery-1.7.1.min.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/ui/jquery-ui-1.8.16.custom.min.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/ui/external/jquery.cookie.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/common.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/theme/lexus_maxxshop/javascript/common.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/bootstrap/bootstrap.min.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/parallax/jquery.parallax-1.1.3.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/jquery.colorbox-min.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/jquery.jcarousel.min.js

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/jquery.colorbox.js

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/colorbox.css

Domain: lacopresentes.com.br
URL: http://lacopresentes.com.br/catalog/view/javascript/jquery/colorbox/jquery.colorbox-min.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint string| GoogleAnalyticsObject function| ga object| PagarMe object| KJUR object| Hex object| Base64 function| ASN1 function| createTransport object| PagarMeCheckout boolean| PagarMeCheckoutLoadedRetail undefined| resizeTimer function| resizeColorBox object| easyXDM

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lacopresentes.com.br/	1970-01-18 13:43:21	Name: currency Value: BRL
			.lacopresentes.com.br/	1970-01-18 13:43:21	Name: language Value: pt-br
			lacopresentes.com.br/	1970-01-01 00:00:00	Name: PHPSESSID Value: q8c6s9g4l6afbvqfrqj5i4vru5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.pagar.me
cremmassage.com
lacopresentes.com.br
ocul.in
www.google-analytics.com
ajax.googleapis.com
lacopresentes.com.br
www.google-analytics.com
151.101.129.63
158.69.255.13
2400:cb00:2048:1::6818:73e6
31.31.196.135
076edc0e80203c6c81fa8734d60a9b61dc65949941eceedc27ea22e61df6c7c9
663b7048ceddbfb31a29a408188837d8c462138e97db8ba633fa0319d223e7be
88f12410d957fc37db81b965be555f01113f8b9b521774c5bf78ac6e96f6f384
c419afab3dc7388214dac50b07f37f61cdcf5f2973e9838c64b9e3d1eae44ad6
d2bf7a7428630e78ae0ea9b8854a0a931ac3d3ea74b8a3fb0c4a12783e67642b
f73596ad8cf45ce4a6c81cb489728d0673fb509eee7d71699d93a432e4c99af5