urlscan.io logo urlscan.io
SecurityTrails logo

pra-mi.com Open in urlscan Pro
192.124.249.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://michiganltc.com/
Effective URL: https://pra-mi.com/
Submission: On July 17 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 192.124.249.112, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is pra-mi.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 9th 2024. Valid for: a year.
This is the only time pra-mi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
16 192.124.249.112 30148 (SUCURI-SEC)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
20 3
Apex Domain
Subdomains		 Transfer
16 pra-mi.com
pra-mi.com
102 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
89 KB
1 michiganltc.com
michiganltc.com
306 B
20 4
Domain Requested by
16 pra-mi.com pra-mi.com
2 www.facebook.com connect.facebook.net
2 connect.facebook.net pra-mi.com
connect.facebook.net
1 michiganltc.com 1 redirects
20 4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.caprxprogram.com
Subject Issuer Validity Valid
pra-mi.com
Go Daddy Secure Certificate Authority - G2		 2024-04-09 -
2025-04-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-26 -
2024-07-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://pra-mi.com/
Frame ID: 8EAEB32FA135F98C0BF6D632DC1FF21D
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=176927945718375&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9f41f60ba6cd68e8%26domain%3Dpra-mi.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpra-mi.com%252Ff976fc963d44237ee%26relation%3Dparent.parent&container_width=380&header=false&height=80&href=http%3A%2F%2Fwww.facebook.com%2Fpramichigan&locale=en_US&sdk=joey&show_faces=false&stream=false&width=292
Frame ID: 1A79687F768D6D50F49C04B930046DFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Professional Resource Alliance of Greater Michigan ~ Resources You Can Trust

Page URL History Show full URLs

  1. https://michiganltc.com/ HTTP 301
    http://pra-mi.com/ HTTP 307
    https://pra-mi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

191 kB
Transfer

404 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://michiganltc.com/ HTTP 301
    http://pra-mi.com/ HTTP 307
    https://pra-mi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pra-mi.com/
Redirect Chain
  • https://michiganltc.com/
  • http://pra-mi.com/
  • https://pra-mi.com/
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
6ed89d1097293c624209eca7ebe24570dff738de4a0c34bf969909c5f3c52244

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
8336
content-type
text/html
date
Wed, 17 Jul 2024 18:34:37 GMT
etag
"43ebbd18d7d61:0"
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
x-powered-by-plesk
PleskWin
x-sucuri-cache
REVALIDATED
x-sucuri-id
13012

Redirect headers

Location
https://pra-mi.com/
Non-Authoritative-Reason
HttpsUpgrades
pra-style.css
pra-mi.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pra-mi.com/pra-style.css
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
dc166b5264c902792afb06b5ba31fd0d98826c7b2853dfd293d3f6e20885de8d

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:37 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"74391ad18d7d61:0"
vary
Accept-Encoding
content-type
text/css
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
908
expires
Thu, 31 Dec 2037 23:55:55 GMT
free-drug-relief.gif
pra-mi.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/images/free-drug-relief.gif
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
05a487b2d6cb7e2ef087bef0cce8dcd84e107f396292c56c487b796e66e09407

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:37 GMT
last-modified
Tue, 31 Mar 2020 18:54:34 GMT
server
nginx
etag
"4617aed18d7d61:0"
content-type
image/gif
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
4228
expires
Thu, 31 Dec 2037 23:55:55 GMT
pralogomain.gif
pra-mi.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/pralogomain.gif
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
357f234e96efb5d2ddc999dadf30cc4434d7df6e56202d3454eb5c86add17f39

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:37 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"74391ad18d7d61:0"
content-type
image/gif
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
5827
expires
Thu, 31 Dec 2037 23:55:55 GMT
mainpic2.jpg
pra-mi.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/mainpic2.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
22ab69bcc394f7432ef84b88402789600b48ca60a33db3c98c3a235cac16b6ca

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:37 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"bd7415d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
5028
expires
Thu, 31 Dec 2037 23:55:55 GMT
mainpic3.jpg
pra-mi.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/mainpic3.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
d3cb1d2bb15a60225d11cb8ab03c080b9007d9f9c421d8780cae5fdce4b09ffc

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"bd7415d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
6367
expires
Thu, 31 Dec 2037 23:55:55 GMT
mainpic4.jpg
pra-mi.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/mainpic4.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
afd4238e78d68a32c22a8b6d62a8cf7d0980f00a870156c3adea92cf7a58b4fc

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"bd7415d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
7969
expires
Thu, 31 Dec 2037 23:55:55 GMT
mainpic5.jpg
pra-mi.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/mainpic5.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
6eaf4a7a350004e656e6101d58aa1dc8cdfb77cef916c34c4cd1aaa62a94a75f

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"24d717d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
5549
expires
Thu, 31 Dec 2037 23:55:55 GMT
mainpic6.jpg
pra-mi.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/mainpic6.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
b03610b348245d20f1fcb7658a7c18b0cc5d94109e04e05048deb3fc0cac3914

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"24d717d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
8213
expires
Thu, 31 Dec 2037 23:55:55 GMT
mainpic7.jpg
pra-mi.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/mainpic7.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
3f209f17d2c9fbeef47ec88dcc5b4a418669cfe51dda0d0b681f2f410f7fab30

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:33 GMT
server
nginx
etag
"74391ad18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
6263
expires
Thu, 31 Dec 2037 23:55:55 GMT
cap-drug-card-big.gif
pra-mi.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/images/cap-drug-card-big.gif
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
e763f25506cf20cea152851c7b1ff4bb2bbb8b79adfde74568b08c8f4c8fced2

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:34 GMT
server
nginx
etag
"e76f91d18d7d61:0"
content-type
image/gif
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
23688
expires
Thu, 31 Dec 2037 23:55:55 GMT
facebook_square.jpg
pra-mi.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/images/facebook_square.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
41c66c695906d723d8d19ac695759cab21e50d1d604e74330e68ba9f08d1101a

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:34 GMT
server
nginx
etag
"2fe5a6d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
3558
expires
Thu, 31 Dec 2037 23:55:55 GMT
linkedin.gif
pra-mi.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/images/linkedin.gif
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
68a4a30adf9f2664b6094aa9b445b31ae616540f550e23e0010cfdd2734650e1

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:34 GMT
server
nginx
etag
"9e6eb0d18d7d61:0"
content-type
image/gif
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
2754
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter.jpg
pra-mi.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/images/twitter.jpg
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
01d2a608cc4d95862348f1fd0a86539787c2b0605686e4bd05b4af5c7c5ff172

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:34 GMT
server
nginx
etag
"ad95b7d18d7d61:0"
content-type
image/jpeg
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
3583
expires
Thu, 31 Dec 2037 23:55:55 GMT
blog.png
pra-mi.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pra-mi.com/images/blog.png
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
7f92c0f51d6173ac78f8032b4342763e655a1f53c9d59d9def1658103b090c7d

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:38 GMT
last-modified
Tue, 31 Mar 2020 18:54:34 GMT
server
nginx
etag
"1b8485d18d7d61:0"
content-type
image/png
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
6827
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: pra-mi.com
URL: https://pra-mi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
063ca91efb489b7cda6437474e75b794cd2d4d1dd8123dd1fb13cca125c92060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 18:34:38 GMT
content-md5
YmLSWLkdUNR9rq61UANi9g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=13, mss=1392, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
PvJecVnzBw7GVkrg91KVN5iqHp6JnfMqI9QOO7dV8kMl9PyGBr8cb3gL77PdGQ5Yhg9N5JJORpIVSBW+9nxxng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
417607453451c14b57fd6199f45b8f72
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"c44e92a3402aab5a94f15974f63390af"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 17 Jul 2024 18:46:50 GMT
all.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=b62da1529bdcb0fbd081fe89790848c3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d458301206da546389e9785c7e88ad06115a5e0809a2e1306eb591210e98a3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pra-mi.com/
Origin
https://pra-mi.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 18:34:38 GMT
content-md5
MPGWCDoUFW1C4h8BIktmUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87066
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=5560, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug
qQSGStTuzVuKHP1lsyZSppwtU68b+osD9VEoXmzJGm52Z/zXGjaIxp1Erb6PkjNrmnHNypzMOjKJDR+pNWTPgQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4ac2acff458ca30e420703020c919832
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e3ccd558faf227c1865a122edd9d768b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 17 Jul 2025 17:48:06 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=176927945718375&input_token&origin=1&redirect_uri=https%3A%2F%2Fpra-mi.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b62da1529bdcb0fbd081fe89790848c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Wed, 17 Jul 2024 18:34:38 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7392674998983132916", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=1, c=1, mss=1392, tbw=2771, tp=-1, tpl=-1, uplat=32, ullat=0
pragma
no-cache
x-fb-debug
/wQI8zZVte3FHV+OaPDJdZz1xBk3Z+ivXpAf0j3y1AtGzb5FFDVPkBSHecxiImgvc2qLZKzp4hhG3B5az9yUdQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7392674998983132916"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pra-mi.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
like_box.php
www.facebook.com/plugins/ Frame 1A79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=176927945718375&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9f41f60ba6cd68e8%26domain%3Dpra-mi.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpra-mi.com%252Ff976fc963d44237ee%26relation%3Dparent.parent&container_width=380&header=false&height=80&href=http%3A%2F%2Fwww.facebook.com%2Fpramichigan&locale=en_US&sdk=joey&show_faces=false&stream=false&width=292
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b62da1529bdcb0fbd081fe89790848c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pra-mi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jul 2024 18:34:38 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7392674999159840179"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7392674999159840179", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2772, tp=-1, tpl=-1, uplat=108, ullat=0
x-fb-debug
Zcr7aLVmHoWEg9yhVJsV4q8HambYTrjQTuaNausn72XnxO3m7+oRYFtTK5vk4IxD6na1/NM/aRcGKtKQ/XQdwA==
x-xss-protection
0
favicon.ico
pra-mi.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pra-mi.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.112 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10112.sucuri.net
Software
nginx /
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer
https://pra-mi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 17 Jul 2024 18:34:39 GMT
x-sucuri-cache
MISS
x-sucuri-id
13012
server
nginx
content-length
1245
content-type
text/html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showMessage object| FB object| __buffer

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://pra-mi.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
michiganltc.com
pra-mi.com
www.facebook.com
15.197.225.128
192.124.249.112
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
01d2a608cc4d95862348f1fd0a86539787c2b0605686e4bd05b4af5c7c5ff172
05a487b2d6cb7e2ef087bef0cce8dcd84e107f396292c56c487b796e66e09407
063ca91efb489b7cda6437474e75b794cd2d4d1dd8123dd1fb13cca125c92060
22ab69bcc394f7432ef84b88402789600b48ca60a33db3c98c3a235cac16b6ca
357f234e96efb5d2ddc999dadf30cc4434d7df6e56202d3454eb5c86add17f39
3f209f17d2c9fbeef47ec88dcc5b4a418669cfe51dda0d0b681f2f410f7fab30
41c66c695906d723d8d19ac695759cab21e50d1d604e74330e68ba9f08d1101a
68a4a30adf9f2664b6094aa9b445b31ae616540f550e23e0010cfdd2734650e1
6eaf4a7a350004e656e6101d58aa1dc8cdfb77cef916c34c4cd1aaa62a94a75f
6ed89d1097293c624209eca7ebe24570dff738de4a0c34bf969909c5f3c52244
7f92c0f51d6173ac78f8032b4342763e655a1f53c9d59d9def1658103b090c7d
afd4238e78d68a32c22a8b6d62a8cf7d0980f00a870156c3adea92cf7a58b4fc
b03610b348245d20f1fcb7658a7c18b0cc5d94109e04e05048deb3fc0cac3914
d3cb1d2bb15a60225d11cb8ab03c080b9007d9f9c421d8780cae5fdce4b09ffc
d458301206da546389e9785c7e88ad06115a5e0809a2e1306eb591210e98a3f9
dc166b5264c902792afb06b5ba31fd0d98826c7b2853dfd293d3f6e20885de8d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e763f25506cf20cea152851c7b1ff4bb2bbb8b79adfde74568b08c8f4c8fced2