Submitted URL: http://infovenda.store/
Effective URL: https://infovenda.store/
Submission Tags: suspect
Submission: On May 25 via api from BR — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 143.244.203.79, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is infovenda.store.
TLS certificate: Issued by R3 on May 25th 2024. Valid for: 3 months.
This is the only time infovenda.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
2         143.244.203.79     14061  (DIGITALOC...)
12        24.199.82.24       14061  (DIGITALOC...)
1         138.197.230.28     14061  (DIGITALOC...)
6         2606:4700:303...   13335  (CLOUDFLAR...)
1         65.108.75.112      24940  (HETZNER-AS)
2         172.67.71.12       13335  (CLOUDFLAR...)
Total: 24 requests across 7 IPs

Requests  Domain                     Requested by
12        cdn2.123tp.net             infovenda.store, cdn2.123tp.net
6         clarasiqueira.com          infovenda.store
2         analytics.123tapronto.com  c1.cdn1tp.net
2         infovenda.store
1         ipv4.wtfismyip.com         c1.cdn1tp.net
1         c1.cdn1tp.net              infovenda.store
Total: 24 requests across 6 domains

This site contains links to these domains.

Domain
go.hotmart.com

TLS certificates

Subject            Issuer      Validity                  Valid
infovenda.store    R3          2024-05-25 - 2024-08-23   3 months
cdn2.123tp.net     R3          2024-04-24 - 2024-07-23   3 months
c1.cdn1tp.net      R3          2024-04-15 - 2024-07-14   3 months
clarasiqueira.com  GTS CA 1P5  2024-05-15 - 2024-08-13   3 months
wtfismyip.com      GTS CA 1P5  2024-05-11 - 2024-08-09   3 months
123tapronto.com    GTS CA 1P5  2024-05-12 - 2024-08-10   3 months

This page contains 1 frame:

Primary Page: https://infovenda.store/
Frame ID: 00AA92A941EF18D58A4C1925E2F29549
Requests: 26 HTTP requests in this frame

Page Title

Código PEV Oficial – Clara Siqueira

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 17 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 1672 kB
Size: 2332 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://infovenda.store/ HTTP 307
    https://infovenda.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
infovenda.store/
Redirect Chain
  • http://infovenda.store/
  • https://infovenda.store/
90 KB
20 KB
Document
General
Full URL
https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.244.203.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3fef7599b17dd80338933304183608eeea6e97bc547ab88f7ce3632bf76ac694

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 25 May 2024 14:46:47 GMT
etag
W/"665171a6-16714"
last-modified
Sat, 25 May 2024 05:05:42 GMT
server
nginx/1.18.0 (Ubuntu)

Redirect headers

Location
https://infovenda.store/
Non-Authoritative-Reason
HttpsUpgrades
1071e9ccd4068eca56803301668cf962.css
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/
417 KB
54 KB
Stylesheet
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/1071e9ccd4068eca56803301668cf962.css
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f011c12ccf17544328140977445649490510ffe2202937c21453bb771c226be3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 09:00:10 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572b9a-d55f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
content-length
54623
expires
Thu, 31 Dec 2037 23:55:55 GMT
post-6.css
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/
1 KB
605 B
Stylesheet
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/post-6.css
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ef97593a5f8c40170ca830b0a50491cd23f236a52a64171b7386a2955a12f80b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 09:00:06 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572b96-193"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
content-length
403
expires
Thu, 31 Dec 2037 23:55:55 GMT
global.css
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/
39 KB
3 KB
Stylesheet
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/global.css
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2ea32745038fb86ac45a5012d079cbc2a88e56ce9217f1072207ca74713ef3ac

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 09:00:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572b98-a2f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
content-length
2607
expires
Thu, 31 Dec 2037 23:55:55 GMT
post-339.css
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/
35 KB
3 KB
Stylesheet
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/post-339.css
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6341e6327fdc0566a1bf5c1a1f2206653d46f2f430c74b3a13f5119b37fd470f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 09:00:07 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572b97-c1d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
content-length
3101
expires
Thu, 31 Dec 2037 23:55:55 GMT
css.css
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/
85 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/css.css
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c4b814bcfb9e815d328db3fe1b902c17d2bbd14a5bcbb256842f3ade3e456de

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 09:00:05 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572b95-756"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
content-length
1878
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/js/
8 KB
3 KB
Script
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/js/lazyload.min.js
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 09:00:17 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572ba1-b05"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
content-length
2821
expires
Thu, 31 Dec 2037 23:55:55 GMT
googletagmanager.js
c1.cdn1tp.net/ghelper/
55 KB
18 KB
Script
General
Full URL
https://c1.cdn1tp.net/ghelper/googletagmanager.js
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.197.230.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
915d1c26e09c77b86be215d59a55cfa9f8b6a2920cbb0b0ef43bc5da4cf79edd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-encoding
gzip
last-modified
Sat, 17 Feb 2024 03:30:02 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65d0283a-47db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
content-length
18395
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2239451a127ff206cf62b2948678d1f05aebf4e77971e7fbc5c33eb0a8a800ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c33473cf5260931a06b24561bda87c3a4881122590d9eb52ae43a9108e5bca8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Content-Type
image/svg+xml
bgnovo1.jpeg
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/images/
129 KB
129 KB
Image
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/images/bgnovo1.jpeg
Requested by
Host: cdn2.123tp.net
URL: https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/post-339.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
856a957d63865475b574773cb15276174e3cabe2e7953c001f48f5cf9f603040

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
last-modified
Fri, 17 Nov 2023 09:00:18 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572ba2-20338"
vary
Accept
content-type
image/webp
accept-ranges
bytes
content-length
131896
02.jpg
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/images/
18 KB
18 KB
Image
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/images/02.jpg
Requested by
Host: cdn2.123tp.net
URL: https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/post-339.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e1c6fb1e0bb994b4e716fd3276b857becd0ca58d4bbeadea027ddd3c530d84b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
last-modified
Fri, 17 Nov 2023 09:00:18 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572ba2-483e"
vary
Accept
content-type
image/webp
accept-ranges
bytes
content-length
18494
05.jpg
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/images/
180 KB
180 KB
Image
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/images/05.jpg
Requested by
Host: cdn2.123tp.net
URL: https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/post-339.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a0291780bc976526a321916401397223b7fe6c2f354730f4e0fb5c89cddaff1d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
last-modified
Fri, 17 Nov 2023 09:00:17 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572ba1-2ce12"
vary
Accept
content-type
image/webp
accept-ranges
bytes
content-length
183826
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/fonts/
32 KB
33 KB
Font
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/fonts/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: cdn2.123tp.net
URL: https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Request headers

Referer
https://www.google.com
Origin
https://infovenda.store
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
last-modified
Fri, 17 Nov 2023 08:32:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572533-8144"
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
33092
KFOmCnqEu92Fr1Mu4mxK.woff2
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/fonts/
15 KB
16 KB
Font
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: cdn2.123tp.net
URL: https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer
https://www.google.com
Origin
https://infovenda.store
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
last-modified
Fri, 17 Nov 2023 08:32:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572533-3d80"
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
15744
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/fonts/
15 KB
16 KB
Font
General
Full URL
https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: cdn2.123tp.net
URL: https://cdn2.123tp.net/26540789f33646e29ae64b5d68bacc3e/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.199.82.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer
https://www.google.com
Origin
https://infovenda.store
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
last-modified
Fri, 17 Nov 2023 08:32:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65572533-3df4"
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
15860
CODIGO-PEV-branco.png
clarasiqueira.com/wp-content/uploads/2023/02/
14 KB
14 KB
Image
General
Full URL
https://clarasiqueira.com/wp-content/uploads/2023/02/CODIGO-PEV-branco.png
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:34e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1446ef09c3479451e94feaa8f2732307e6b1c419f6517804e987e3faf1c0043d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14221
last-modified
Wed, 08 Feb 2023 11:04:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjjQjNwdsRs0zt4pv4fTAaOWhzoDPwk5OWLDVoaQ4Yx9VKQGV4K5XV4rJqouuZOVJjOmd93saTEOEslX77kufm0pxUdVkNdTAiALFrzyzCyytDlxIzEbV8efst9U6ivUplF6aSoAXWbHppttI9LY3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
88965127cb329737-FRA
expires
Sun, 22 Sep 2024 14:46:48 GMT
1-em-primeiro.jpeg
clarasiqueira.com/wp-content/uploads/2023/07/
82 KB
82 KB
Image
General
Full URL
https://clarasiqueira.com/wp-content/uploads/2023/07/1-em-primeiro.jpeg
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:34e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81065f23f7a0e6b4aeb8a8ac11148df4f2dfcadfb581fda89c16818064f04721
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
83732
last-modified
Mon, 24 Jul 2023 18:05:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KsreAdNypn0%2F9lrvkZqBl1uVdaomOgTwDMS0t1EMqLOKftwokpqWQLeAhVV%2F%2Bfh93YugOYh9zaIe%2BtFbs%2FSZLmhAvyNr3nkgjIZcRhrZ2ZHdJUtAFD9xZEUhFLvZW0X%2Fz7ndLfGORUuy3nbP3DmZxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
88965127cb359737-FRA
expires
Sun, 22 Sep 2024 14:46:48 GMT
0Antes.jpg
clarasiqueira.com/wp-content/uploads/2023/07/
199 KB
200 KB
Image
General
Full URL
https://clarasiqueira.com/wp-content/uploads/2023/07/0Antes.jpg
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:34e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c415829a090aeae942f4c1bfff3503cc155e24cc98d22c0bea770c3ade92ee01
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
204167
last-modified
Mon, 24 Jul 2023 18:38:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctfZglCrmPhDhkLTYimIy32V%2FAcwUTfxqVfkuxCaCkMuVpiRJM%2BotNAsWARaPgm3ozNj12QrX7UCQ%2FVqzaHipjQMeUoKxvEu55EIWSiKsdQmvWkcEJpxM2qJvT%2BbDiKYnNkl42vLveTomjFrYPdSww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
88965127cb3b9737-FRA
expires
Sun, 22 Sep 2024 14:46:48 GMT
WhatsApp-Image-2023-07-24-at-12.52.30.jpeg
clarasiqueira.com/wp-content/uploads/2023/07/
28 KB
28 KB
Image
General
Full URL
https://clarasiqueira.com/wp-content/uploads/2023/07/WhatsApp-Image-2023-07-24-at-12.52.30.jpeg
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:34e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8d9b67a0700948f22abe9cfed80d02ea3da9e117cc62a8e445394f8188cf71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
28448
last-modified
Mon, 24 Jul 2023 18:05:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJMv7X0HSTmwlb3VTu40kJ31QZlN748WfCCoIRE8rvWhzRXUUi3sCKHriA%2BnAeazPY1mSkGOTgrILtkeawNMOyUWIUBi8402tNYfmv8wWFPsphcbUYTUDFlJBRYQSXEKDLLve6VSgzQ53mmCIKHFUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
88965127cb3d9737-FRA
expires
Sun, 22 Sep 2024 14:46:48 GMT
WhatsApp-Image-2023-07-24-at-12.50.39.jpeg
clarasiqueira.com/wp-content/uploads/2023/07/
55 KB
55 KB
Image
General
Full URL
https://clarasiqueira.com/wp-content/uploads/2023/07/WhatsApp-Image-2023-07-24-at-12.50.39.jpeg
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:34e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7430f6df13fd86cccbf0ebfed11e2e0a339a796c41916e258688abf06fc4f60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
56255
last-modified
Mon, 24 Jul 2023 18:05:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcfGPA6h%2FW%2B4FUe3uu%2Bu7au3EwC6SP8%2Bf0MXVx7%2Fi2vzpYm9EoMw%2BWhl%2FuLT83cFYC9Y3nGSKfH5zieb30%2Bj9y1NXlgn6ZapYy%2BSM3YQvJXO34N5c2S6iYEmcwJAxm0XBgLJ4k1ZKggv48Nxu6H4hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
88965127cb399737-FRA
expires
Sun, 22 Sep 2024 14:46:48 GMT
Mockup-1-1-857x1024.png
clarasiqueira.com/wp-content/uploads/2023/02/
772 KB
773 KB
Image
General
Full URL
https://clarasiqueira.com/wp-content/uploads/2023/02/Mockup-1-1-857x1024.png
Requested by
Host: infovenda.store
URL: https://infovenda.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:34e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76be6260120910b2ebe0cb7a75bcd92aaa9f069bc97a05f4bac0ced0bd6e2b0f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:48 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
790455
last-modified
Wed, 08 Feb 2023 11:04:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHMqO7yZFWPSjmCgUx73TagicUZ5jNE5Y8HyYWxpXb4Ap088EGZ44%2BmhezffK5s%2F7bBAS%2FKIyHQN36h1ByY%2FiYRYhlpL1LHM1AHQJNFFFb1vhg0q%2BeYnO0BIVMCADbTHX8VxvwsYYuHtwqCUAdoNtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
88965127cb309737-FRA
expires
Sun, 22 Sep 2024 14:46:48 GMT
json
ipv4.wtfismyip.com/
325 B
520 B
XHR
General
Full URL
https://ipv4.wtfismyip.com/json
Requested by
Host: c1.cdn1tp.net
URL: https://c1.cdn1tp.net/ghelper/googletagmanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.108.75.112 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
wtfismyip.com
Software
/
Resource Hash
a396e0a1385abfd546b49f3423b84c5e21232f6d948f09fe08872741a4efbfb0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:48 GMT
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-fortune
It's going to be a fucking glorious day
content-length
325
expires
0
access
analytics.123tapronto.com/
0
742 B
XHR
General
Full URL
https://analytics.123tapronto.com/access
Requested by
Host: c1.cdn1tp.net
URL: https://c1.cdn1tp.net/ghelper/googletagmanager.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 25 May 2024 14:46:49 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rt0Lbgz4h%2Bf9k0909u2%2Fv5208CXkEJXrr52yLdmZfDTwL59molJTDAbK4202AquduvsJ2cU8n%2FLi%2BFAUiQm%2F9hQfEl2KjLrIx%2FH5XaghiKpmJS%2F5kBrTMW%2B1jfcFdzcJBxwizNOhUtiRbv4%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
cf-ray
8896512e3eb35d94-FRA
access
analytics.123tapronto.com/
0
0
Preflight
General
Full URL
https://analytics.123tapronto.com/access
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://infovenda.store
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8896512cdd3f5d94-FRA
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sat, 25 May 2024 14:46:49 GMT
expect-ct
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHZnxujrlfBoFhEBjGKjvsgFHb02uQxriYHV3NFLfOCS7nDoBwVVV175gqJ8YUf4UTBNSM2O%2F6xD8QIebYDPO2PvSOIM2BwZ4ELs4qGQ2xDACf1UUJYmww7xJYqAJ3GX1%2FrHRGofckwH6gI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
favicon.ico
infovenda.store/
63 KB
23 KB
Other
General
Full URL
https://infovenda.store/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.244.203.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f660aa52e264c987793b4ed5c368b6381c5a5cb5890579222452a7c70dd6bea

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sat, 25 May 2024 14:46:49 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
etag
W/"63b44bb3-fbe1"
content-type
text/html

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| href
object| element_pack_ajax_login_config
object| ElementPackConfig
object| lazyLoadOptions
function| lazyLoadThumb
function| lazyLoadYoutubeIframe
function| LazyLoad
object| _0xe339
function| _0x5796
function| _0x44d1
function| _0x2f4e
function| v_123_getRndInteger
object| v_123_date
number| v_123_randomVisitors
function| v_123_updateVisitors
function| v_123_replace_tag_hoje
function| v_123_replace_tag_dia
function| v_123_replace_tag_mes
function| v_123_replace_tag_ano
function| v_123_replace_tag_hoje_extenso
function| v_123_replace_tag_numero
function| v_123_replace_tag_visitantes
function| v_123_replace_tag
function| v_123_request_analytics
function| v_123_request_visitor_info
number| width
number| height
object| v123_browserInfo
function| findAndReplaceDOMText

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://infovenda.store/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
