www.citi.consultorfinancas.com.br
Open in
urlscan Pro
108.167.132.147
Public Scan
URL:
https://www.citi.consultorfinancas.com.br/
Submission: On June 17 via automatic, source certstream-suspicious
Submission: On June 17 via automatic, source certstream-suspicious
Summary
This website contacted 7 IPs
in 3 countries
across 7 domains to perform 29 HTTP transactions.
The main IP is 108.167.132.147, located in
Houston, United States and
belongs to UNIFIEDLAYER-AS-1, US.
The main domain is www.citi.consultorfinancas.com.br.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 17th 2020. Valid for: 3 months.
This is the only time www.citi.consultorfinancas.com.br was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 17th 2020. Valid for: 3 months.
This is the only time www.citi.consultorfinancas.com.br was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 21 | 108.167.132.147 108.167.132.147 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80b::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 148.251.235.172 148.251.235.172 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 95.216.228.15 95.216.228.15 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 78.46.57.120 78.46.57.120 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 29 | 7 |
21
108.167.132.147
(Houston, United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-167-132-147.unifiedlayer.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-167-132-147.unifiedlayer.com
| www.citi.consultorfinancas.com.br | |
| www.saopaulohost.com.br |
1
148.251.235.172
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.172.235.251.148.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.172.235.251.148.clients.your-server.de
| static.whatshelp.io |
1
95.216.228.15
(Finland)
ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de
| static.getbutton.io |
1
78.46.57.120
(Nuremberg, Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de
| widget.getbutton.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 20 |
consultorfinancas.com.br
www.citi.consultorfinancas.com.br |
220 KB |
| 3 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
142 KB |
| 2 |
getbutton.io
static.getbutton.io widget.getbutton.io |
7 KB |
| 2 |
googleapis.com
fonts.googleapis.com |
2 KB |
| 1 |
saopaulohost.com.br
www.saopaulohost.com.br |
46 KB |
| 1 |
whatshelp.io
1 redirects
static.whatshelp.io |
231 B |
| 1 |
google.com
www.google.com |
532 B |
| 29 | 7 |
| Domain | Requested by | |
|---|---|---|
| 20 | www.citi.consultorfinancas.com.br |
www.citi.consultorfinancas.com.br
|
| 2 | fonts.gstatic.com |
www.citi.consultorfinancas.com.br
|
| 2 | fonts.googleapis.com |
www.citi.consultorfinancas.com.br
|
| 1 | widget.getbutton.io |
static.getbutton.io
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | www.saopaulohost.com.br |
www.citi.consultorfinancas.com.br
|
| 1 | static.getbutton.io |
www.citi.consultorfinancas.com.br
|
| 1 | static.whatshelp.io | 1 redirects |
| 1 | www.google.com |
www.citi.consultorfinancas.com.br
|
| 29 | 9 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| citi.consultorfinancas.com.br Sectigo RSA Domain Validation Secure Server CA |
2020-06-17 - 2020-09-15 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| www.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| *.getbutton.io Sectigo RSA Domain Validation Secure Server CA |
2019-09-26 - 2021-09-23 |
2 years | crt.sh |
| webdisk.saopaulohost.com.br Let's Encrypt Authority X3 |
2020-05-23 - 2020-08-21 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.citi.consultorfinancas.com.br/
Frame ID: 6600D48A859646D347D3ED79B41A5AA4
Requests: 28 HTTP requests in this frame
Frame:
https://widget.getbutton.io/widget/wSendButton?whatsapp=%2B5511985669585&company_logo_url=%2F%2Fstatic.whatshelp.io%2Fimg%2Fflag.png&greeting_message=Ol%C3%A1%2C%20como%20podemos%20te%20ajudar%3F&call_to_action=Entre%20em%20contato&position=right&ga=false&branding=true&mobile=true&desktop=true&shift_vertical=0&shift_horizontal=0&domain=null&key=null&button_color=%23ff6550&parentWrapperId=wh-widget-send-button&clientHostname=www.citi.consultorfinancas.com.br&showHelloPopup=1&isMobile=0
Frame ID: A8522C18C4E9CE31463F2491CE94A400
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Joomla
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- meta generator /Joomla!(?: ([\d.]+))?/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- meta generator /Joomla!(?: ([\d.]+))?/i
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://static.whatshelp.io/widget-send-button/js/init.js HTTP 301
- https://static.getbutton.io/widget-send-button/js/init.js
29 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.citi.consultorfinancas.com.br/ |
17 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
10 KB 893 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
www.citi.consultorfinancas.com.br/templates/cibrastec/local/css/themes/cibrastec/ |
115 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
system.css
www.citi.consultorfinancas.com.br/templates/system/css/ |
894 B 476 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
template.css
www.citi.consultorfinancas.com.br/templates/cibrastec/local/css/themes/cibrastec/ |
52 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
megamenu.css
www.citi.consultorfinancas.com.br/templates/cibrastec/local/css/themes/cibrastec/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
www.citi.consultorfinancas.com.br/templates/cibrastec/fonts/font-awesome/css/ |
26 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 647 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.css
www.citi.consultorfinancas.com.br/templates/cibrastec/local/css/themes/cibrastec/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.citi.consultorfinancas.com.br/media/jui/js/ |
95 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-noconflict.js
www.citi.consultorfinancas.com.br/media/jui/js/ |
21 B 67 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
www.citi.consultorfinancas.com.br/media/jui/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
caption.js
www.citi.consultorfinancas.com.br/media/system/js/ |
491 B 368 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.js
www.citi.consultorfinancas.com.br/plugins/system/t3/base-bs3/bootstrap/js/ |
70 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.js
www.citi.consultorfinancas.com.br/media/system/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.tap.min.js
www.citi.consultorfinancas.com.br/plugins/system/t3/base-bs3/js/ |
2 KB 931 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
www.citi.consultorfinancas.com.br/plugins/system/t3/base-bs3/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
menu.js
www.citi.consultorfinancas.com.br/plugins/system/t3/base-bs3/js/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nav-collapse.js
www.citi.consultorfinancas.com.br/plugins/system/t3/base-bs3/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
www.citi.consultorfinancas.com.br/images/tema/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
674 B 532 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
system.css
www.citi.consultorfinancas.com.br/media/system/css/ |
1 KB 604 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
www.citi.consultorfinancas.com.br/templates/cibrastec/fonts/font-awesome/fonts/ |
65 KB 66 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
init.js
static.getbutton.io/widget-send-button/js/ Redirect Chain
|
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
casal-consultor-financeiro.jpg
www.saopaulohost.com.br/emprestimo/images/tema/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/ |
316 KB 124 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wSendButton
widget.getbutton.io/widget/ Frame A852 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate undefined| $ function| jQuery function| JCaption object| jQuery1124042505882705930076 object| Joomla function| writeDynaList function| changeDynaList function| radioGetCheckedValue function| getSelectedValue function| listItemTask function| submitbutton function| submitform function| saveorder function| checkAll_button object| match undefined| msViewportStyle object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| Cookie function| WidgetDetect function| WidgetDOM function| WidgetHelper function| WidgetElement function| WhWidgetSendButton function| WidgetInitializer function| WidgetSendButtonBase function| ParentWindowHelper function| WidgetSize function| Animates function| AnimationControl function| StateMashine function| WidgetSendButtonContainer2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.citi.consultorfinancas.com.br/ | Name: wh-widget-cookie Value: 1 |
|
| www.citi.consultorfinancas.com.br/ | Name: bdae3b5192563a65fe3f28fc1cd2702c Value: 600bbb0284cef312e87a2115ac8e6284 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
static.getbutton.io
static.whatshelp.io
widget.getbutton.io
www.citi.consultorfinancas.com.br
www.google.com
www.gstatic.com
www.saopaulohost.com.br
108.167.132.147
148.251.235.172
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:820::2003
78.46.57.120
95.216.228.15
00d669bd29568afa1fc74f1f35a9f8074121c8ac51787fd14f59127c319d3158
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
1262f412b65c8556101d256ab8b47e8e3d958826d190b3d2613b5bc3ebf8c2e2
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
2bc4ac76f796d779cc0c9ab437db38e3f5345058365832d0b05e36b1e912184d
3f492ef8c75e516e37d280720bb37973f7130e11ddb8797213bf9d0745f293a2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
62cc99e7050753970bee86efdab0cb3218189883c26dbc8c5b8e979eecc5f64a
6ba0b9e7dbad738fb12d927140c7277d502876479e43db3738458c4809ab0ae7
74d9d3186b20220e67fce1ebc76462264e4ab42d1c341e730759cc13a4a9818e
8445d7b877f3e2592d59e30a185e6551d513350aac95d38773285f4444a1600e
8bb67a2fa34f9ad3f034eff9554d68f3c3ad97fce572d0d7c7894799d258ec11
932d52e75ebfeb39b93dc591a8308fec9c80c2b5b58dd1741837d4e3c0e53283
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a78e30adc0f491eb7917ed7a04c472151c7064c3fa7230009cf2abc19468b9e7
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
d4e7e7d75eab969ed73fc79795f8ded03429e77627f1d13c99cbc2bc70648ff0
d4e9c904a21de1accf33b0b98b58c9ce48973b9783a8a96accd79dc5eeaeb4a5
d63bcc4ca350ed82640df1e956817f9c6c8654745364a25fd7dfb208e3d01e4e
dd611894faf7f4affaf5d1428d8156d2804bd866ab122f1ad2bb11515112d9a8
ea318ad328660ec1cab7ecc69d7490d68cf8374355ab74a3188e5105d42079ce
edc51565bcc1c2d1a6939935cd20dba24328f9f4c2dc305b4009367393c1b99a
ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6
fd0d58e6f57b2a789f6ae1ab3251935a5e61ce010894f6db285bdf93a2037568
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995