177.70.116.108 Open in urlscan Pro
177.70.116.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://177.70.116.108/sindeprestem/wploginempresa.aspx
Submission: On July 10 via api (July 10th 2020, 1:49:02 am UTC) from TW

Summary HTTP 28 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 28 HTTP transactions. The main IP is 177.70.116.108, located in Brazil and belongs to Mandic S.A., BR. The main domain is 177.70.116.108.

This is the only time 177.70.116.108 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
28	177.70.116.108 177.70.116.108		262545 (Mandic S.A.) (Mandic S.A.)
28	1

28 177.70.116.108 (Brazil)

ASN262545 (Mandic S.A., BR)

177.70.116.108	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	0

	Domain	Requested by
28	0

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://177.70.116.108/sindeprestem/wploginempresa.aspx
Frame ID: 19236B032DFD753C1691009DB0B211C7
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://177.70.116.108/sindeprestem/wploginempresa.aspx Page URL
http://177.70.116.108/sindeprestem/wploginempresa.aspx Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

1705 kB
Transfer

2644 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://177.70.116.108/sindeprestem/wploginempresa.aspx Page URL
http://177.70.116.108/sindeprestem/wploginempresa.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set wploginempresa.aspx Show response 177.70.116.108/sindeprestem/	6 KB 2 KB	1983ms 1950ms	Document text/html	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `1581606c2f3e6d0f5b72999287da8b25ea833ad206f172490ec8b861176d9b17` Request headers Host 177.70.116.108 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control private Pragma no-cache Content-Type text/html; charset=utf-8 Content-Encoding gzip Expires Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Fri, 10 Jul 2020 01:50:20 GMT Server Microsoft-IIS/7.5 X-AspNet-Version 4.0.30319 Set-Cookie ASP.NET_SessionId=2j0cibukvsnew3s4c3trbkvo; path=/; HttpOnly; SameSite=Lax GX_SESSION_ID=KQWjTtnl6t9HzrvEpHLsjalEL2IvjdnJ7aU1z2OflvI%3d; HttpOnly X-Powered-By ASP.NET Date Fri, 10 Jul 2020 01:50:20 GMT Content-Length 1995
GET H/1.1	200 OK	bootstrap.css 177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/	110 KB 110 KB	279ms 277ms	Stylesheet text/css	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/bootstrap.css Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `308ff661a39bfac9170ef5611703ab9ab991e94eee793d7d9ccee1f58d9f3fd4` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Wed, 27 Nov 2019 13:19:41 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "8054775325a5d51:0" Content-Type text/css Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 112500
GET H/1.1	200 OK	WorkWithPlusBootstrapTheme.css 177.70.116.108/sindeprestem/Resources/Portuguese/	100 KB 101 KB	539ms 506ms	Stylesheet text/css	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/Resources/Portuguese/WorkWithPlusBootstrapTheme.css?1165074 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `b09dd620143bc85027e237821c95fcf8476d269484c95c4efb433ec6466df6c4` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Fri, 13 Mar 2020 14:06:50 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "62cf52a440f9d51:0" Content-Type text/css Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 102743
GET H/1.1	200 OK	jquery.js Show response 177.70.116.108/sindeprestem/	91 KB 91 KB	511ms 477ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/jquery.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `d5d00ecb9c3653b408e8428d2b615f4894ba8feaaa6a54ee615da9206305af79` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Fri, 13 Mar 2020 18:09:55 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "6c5e9d9962f9d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 92698
GET H/1.1	200 OK	gxtimezone.js Show response 177.70.116.108/sindeprestem/	12 KB 12 KB	518ms 483ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/gxtimezone.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `1d434a70e375618f4c712e8852558eb33cb0d4697dfb129093dab31b0e0aa66e` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Fri, 13 Mar 2020 18:09:55 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "9ca3419962f9d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 12026
GET H/1.1	200 OK	gxgral.js Show response 177.70.116.108/sindeprestem/	468 KB 468 KB	555ms 521ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/gxgral.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `b92a9141537cdb0d72e2947777fb75d60a77107f85fed30e6ac77110e617907c` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Mon, 24 Jul 2017 16:00:16 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "0a8c5f0954d31:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 478870
GET H/1.1	200 OK	gxcfg.js Show response 177.70.116.108/sindeprestem/	957 B 1 KB	512ms 478ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/gxcfg.js?202031311303879 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `148e6f0290d9630cb529d83ed12209637b4956abcd786ccd074b6d8b8f64c7ed` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Wed, 01 Apr 2020 18:47:15 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "6c4f38f6558d61:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 957
GET H/1.1	200 OK	jquery1.9.1.js Show response 177.70.116.108/sindeprestem/Shared/jquery/	271 KB 272 KB	782ms 269ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/Shared/jquery/jquery1.9.1.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `eb6c63da87c0cbe25a1ee49f9d501aa0b362d4aa5a73416925393e5a50c27b05` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:20 GMT Last-Modified Wed, 27 Nov 2019 13:19:41 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "8054775325a5d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 277978
GET H/1.1	200 OK	bootstrap.js Show response 177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/	59 KB 59 KB	1231ms 265ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/bootstrap.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `34a1a419bced6c9b69a1f597b884e94595c643d4183a3d11172900f7373f4438` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:21 GMT Last-Modified Wed, 27 Nov 2019 13:19:42 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "0ebf5425a5d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 60307
GET H/1.1	200 OK	DVelopBootstrap.js Show response 177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/	109 KB 110 KB	1576ms 377ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/DVelopBootstrap.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `6b46c52c9934784619562e59275ed550618ea8ca7ccd7d396906138195863ffa` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:21 GMT Last-Modified Wed, 27 Nov 2019 13:19:42 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "0ebf5425a5d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 112006
GET H/1.1	200 OK	BootstrapPanelRender.js Show response 177.70.116.108/sindeprestem/DVelop/Bootstrap/Panel/	1 KB 2 KB	1875ms 266ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Panel/BootstrapPanelRender.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `4488272f28b2ebf540bc50c60f0a895fc60b84ff6d0f5c63ff1f5bcea6944da5` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:21 GMT Last-Modified Wed, 27 Nov 2019 13:19:41 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "8054775325a5d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 1529
GET H/1.1	200 OK	logosindeprestemsnow8308302.gif 177.70.116.108/sindeprestem/PublicTempStorage/	54 KB 55 KB	271ms 270ms	Image image/gif	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://177.70.116.108/sindeprestem/PublicTempStorage/logosindeprestemsnow8308302.gif Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Last-Modified Fri, 10 Jul 2020 01:50:20 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag W/"527db775c56d61:0" Content-Type image/gif Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 55593
GET H/1.1	200 OK	messages.por.js Show response 177.70.116.108/sindeprestem/	35 KB 35 KB	260ms 259ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/messages.por.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `f075850c5488ed969b6443f9aa9d34064ca18858f5d3922ae6a03551f55fdf9c` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Last-Modified Mon, 23 Mar 2020 12:49:39 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "2db5ce83111d61:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 35401
GET H/1.1	200 OK	wploginempresa.js Show response 177.70.116.108/sindeprestem/	5 KB 6 KB	267ms 267ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/wploginempresa.js?20203131130406 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `fa3809be55932055908ab3714b1a2ae7a4e4a8ee0db229e3478b51b57a57fc4b` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Last-Modified Fri, 13 Mar 2020 18:10:05 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "e8ff339f62f9d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 5392
GET H/1.1	200 OK	Primary Request Cookie set wploginempresa.aspx Show response 177.70.116.108/sindeprestem/	6 KB 3 KB	269ms 268ms	Document text/html	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/wploginempresa.aspx Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/gxgral.js?115824 Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `adeba517b78a8ec8c9e4c6dd64d1bfeedbce3d4dedfb694e3478952bd0bd9bc1` Request headers Host 177.70.116.108 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx Accept-Encoding gzip, deflate Accept-Language en-US Cookie GxTZOffset=Europe/Berlin Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx Response headers Cache-Control private Pragma no-cache Content-Type text/html; charset=utf-8 Content-Encoding gzip Expires Fri, 10 Jul 2020 01:50:23 GMT Last-Modified Fri, 10 Jul 2020 01:50:23 GMT Server Microsoft-IIS/7.5 Set-Cookie ASP.NET_SessionId=2jwkzpngjhexngrcucxoz0vy; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=2jwkzpngjhexngrcucxoz0vy; path=/; HttpOnly; SameSite=Lax GX_SESSION_ID=AIc%2b%2fLkzfDLQBq433S96LamjpFW0GI4mQXSs2GBQQMs%3d; HttpOnly X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Fri, 10 Jul 2020 01:50:22 GMT Content-Length 1995
GET H/1.1	200 OK	bootstrap.css 177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/	110 KB 16 KB	284ms 277ms	Stylesheet text/css	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/bootstrap.css Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `308ff661a39bfac9170ef5611703ab9ab991e94eee793d7d9ccee1f58d9f3fd4` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "8054775325a5d51:0" Last-Modified Wed, 27 Nov 2019 13:19:41 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 15739
GET H/1.1	200 OK	WorkWithPlusBootstrapTheme.css 177.70.116.108/sindeprestem/Resources/Portuguese/	100 KB 14 KB	279ms 272ms	Stylesheet text/css	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/Resources/Portuguese/WorkWithPlusBootstrapTheme.css?1165074 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `b09dd620143bc85027e237821c95fcf8476d269484c95c4efb433ec6466df6c4` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "0b9e1a340f9d51:0" Last-Modified Fri, 13 Mar 2020 14:06:50 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 14309
GET H/1.1	200 OK	jquery.js Show response 177.70.116.108/sindeprestem/	91 KB 33 KB	294ms 288ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/jquery.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `d5d00ecb9c3653b408e8428d2b615f4894ba8feaaa6a54ee615da9206305af79` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "801b389962f9d51:0" Last-Modified Fri, 13 Mar 2020 18:09:55 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 33478
GET H/1.1	200 OK	gxtimezone.js Show response 177.70.116.108/sindeprestem/	12 KB 4 KB	300ms 294ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/gxtimezone.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `1d434a70e375618f4c712e8852558eb33cb0d4697dfb129093dab31b0e0aa66e` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "801b389962f9d51:0" Last-Modified Fri, 13 Mar 2020 18:09:55 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 4056
GET H/1.1	200 OK	gxgral.js Show response 177.70.116.108/sindeprestem/	468 KB 135 KB	280ms 274ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/gxgral.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `b92a9141537cdb0d72e2947777fb75d60a77107f85fed30e6ac77110e617907c` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "0a8c5f0954d31:0" Last-Modified Mon, 24 Jul 2017 16:00:16 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 138022
GET H/1.1	200 OK	gxcfg.js Show response 177.70.116.108/sindeprestem/	957 B 1 KB	286ms 280ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/gxcfg.js?202031311303879 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `148e6f0290d9630cb529d83ed12209637b4956abcd786ccd074b6d8b8f64c7ed` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Last-Modified Wed, 01 Apr 2020 18:47:15 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "6c4f38f6558d61:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 957
GET H/1.1	200 OK	jquery1.9.1.js Show response 177.70.116.108/sindeprestem/Shared/jquery/	271 KB 79 KB	548ms 267ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/Shared/jquery/jquery1.9.1.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `eb6c63da87c0cbe25a1ee49f9d501aa0b362d4aa5a73416925393e5a50c27b05` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "8054775325a5d51:0" Last-Modified Wed, 27 Nov 2019 13:19:41 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 80558
GET H/1.1	200 OK	bootstrap.js Show response 177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/	59 KB 11 KB	552ms 269ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/bootstrap.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `34a1a419bced6c9b69a1f597b884e94595c643d4183a3d11172900f7373f4438` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "0ebf5425a5d51:0" Last-Modified Wed, 27 Nov 2019 13:19:42 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 10894
GET H/1.1	200 OK	DVelopBootstrap.js Show response 177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/	109 KB 17 KB	612ms 326ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Shared/DVelopBootstrap.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `6b46c52c9934784619562e59275ed550618ea8ca7ccd7d396906138195863ffa` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Content-Encoding gzip ETag "0ebf5425a5d51:0" Last-Modified Wed, 27 Nov 2019 13:19:42 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 17412
GET H/1.1	200 OK	BootstrapPanelRender.js Show response 177.70.116.108/sindeprestem/DVelop/Bootstrap/Panel/	1 KB 2 KB	611ms 313ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/DVelop/Bootstrap/Panel/BootstrapPanelRender.js Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `4488272f28b2ebf540bc50c60f0a895fc60b84ff6d0f5c63ff1f5bcea6944da5` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:22 GMT Last-Modified Wed, 27 Nov 2019 13:19:41 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "8054775325a5d51:0" Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 1529
GET H/1.1	200 OK	logosindeprestemsnow2191457.gif 177.70.116.108/sindeprestem/PublicTempStorage/	54 KB 55 KB	264ms 263ms	Image image/gif	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Show image Full URL http://177.70.116.108/sindeprestem/PublicTempStorage/logosindeprestemsnow2191457.gif Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `c37b64a198d9b2aa3bfe15c39ec73a9d091653fe05fd8663881c428c5e27f209` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:24 GMT Last-Modified Fri, 10 Jul 2020 01:50:23 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag W/"c4a39d795c56d61:0" Content-Type image/gif Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 55593
GET H/1.1	200 OK	messages.por.js Show response 177.70.116.108/sindeprestem/	35 KB 10 KB	273ms 272ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/messages.por.js?115824 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `f075850c5488ed969b6443f9aa9d34064ca18858f5d3922ae6a03551f55fdf9c` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:24 GMT Content-Encoding gzip ETag "80b3b883111d61:0" Last-Modified Mon, 23 Mar 2020 12:49:39 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 10355
GET H/1.1	200 OK	wploginempresa.js Show response 177.70.116.108/sindeprestem/	5 KB 2 KB	272ms 271ms	Script application/x-javascript	177.70.116.108 Mandic S.A.
General Check archive.org Show headers Download Go to Full URL http://177.70.116.108/sindeprestem/wploginempresa.js?20203131130406 Requested by Host: 177.70.116.108 URL: http://177.70.116.108/sindeprestem/wploginempresa.aspx Protocol HTTP/1.1 Server 177.70.116.108 , Brazil, ASN262545 (Mandic S.A., BR), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `fa3809be55932055908ab3714b1a2ae7a4e4a8ee0db229e3478b51b57a57fc4b` Request headers Referer http://177.70.116.108/sindeprestem/wploginempresa.aspx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 10 Jul 2020 01:50:24 GMT Content-Encoding gzip ETag "80fc2d9f62f9d51:0" Last-Modified Fri, 13 Mar 2020 18:10:05 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=129600 Accept-Ranges bytes Content-Length 1735

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jstz object| gx object| Mustache undefined| retVal number| gxTestAvailable object| attachedCtrls object| Modernizr object| jQuery19107941143293629622 function| DVelopBootstrapPanel function| DVelopBootstrapTabs function| BootstrapTab function| DVelopBootstrapConfirmPanel function| DVelopBootstrapDropDownOptions function| escapeRegExp function| replaceAll function| encodeHtmlEntities function| isTitleControlAlignLeft function| dropdownAutoPosition function| cleanJsonString function| createCookie function| readCookie function| DDO_GetLocalURL function| eraseCookie function| removeClass function| hasClass function| addClass function| BootstrapPanel function| wploginempresa object| ControlList

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			177.70.116.108/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2jwkzpngjhexngrcucxoz0vy
			177.70.116.108/sindeprestem	1969-12-31 23:59:59	Name: GX_SESSION_ID Value: AIc%2b%2fLkzfDLQBq433S96LamjpFW0GI4mQXSs2GBQQMs%3d
			177.70.116.108/sindeprestem	1970-01-19 11:35:37	Name: GxTZOffset Value: Europe/Berlin

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://177.70.116.108/sindeprestem/gxgral.js?115824(Line 171) Message: Using jquery from GX distr.
console-api	log	URL: http://177.70.116.108/sindeprestem/gxgral.js?115824(Line 171) Message: global $ is jquery1.9.1
console-api	log	URL: http://177.70.116.108/sindeprestem/gxgral.js?115824(Line 171) Message: Using jquery from GX distr.
console-api	log	URL: http://177.70.116.108/sindeprestem/gxgral.js?115824(Line 171) Message: global $ is jquery1.9.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

177.70.116.108
148e6f0290d9630cb529d83ed12209637b4956abcd786ccd074b6d8b8f64c7ed
1581606c2f3e6d0f5b72999287da8b25ea833ad206f172490ec8b861176d9b17
1d434a70e375618f4c712e8852558eb33cb0d4697dfb129093dab31b0e0aa66e
308ff661a39bfac9170ef5611703ab9ab991e94eee793d7d9ccee1f58d9f3fd4
34a1a419bced6c9b69a1f597b884e94595c643d4183a3d11172900f7373f4438
4488272f28b2ebf540bc50c60f0a895fc60b84ff6d0f5c63ff1f5bcea6944da5
6b46c52c9934784619562e59275ed550618ea8ca7ccd7d396906138195863ffa
adeba517b78a8ec8c9e4c6dd64d1bfeedbce3d4dedfb694e3478952bd0bd9bc1
b09dd620143bc85027e237821c95fcf8476d269484c95c4efb433ec6466df6c4
b92a9141537cdb0d72e2947777fb75d60a77107f85fed30e6ac77110e617907c
c37b64a198d9b2aa3bfe15c39ec73a9d091653fe05fd8663881c428c5e27f209
d5d00ecb9c3653b408e8428d2b615f4894ba8feaaa6a54ee615da9206305af79
eb6c63da87c0cbe25a1ee49f9d501aa0b362d4aa5a73416925393e5a50c27b05
f075850c5488ed969b6443f9aa9d34064ca18858f5d3922ae6a03551f55fdf9c
fa3809be55932055908ab3714b1a2ae7a4e4a8ee0db229e3478b51b57a57fc4b