0 0 lang="pt-BR"> #224 – David Snead on Building Trust and Collaboration in the Hosting Industry With the Secure Hosting Alliance - Games Latam Magazine
Games Latam Magazine

#224 – David Snead on Building Trust and Collaboration in the Hosting Industry With the Secure Hosting Alliance

Read Time:28 Minute, 59 Second
Transcript

[00:00:19] Nathan Wrigley: Welcome to the Jukebox Podcast from WP Tavern. My name is Nathan Wrigley.

Jukebox is a podcast which is dedicated to all things WordPress. The people, the events, the plugins, the blocks, the themes, and in this case, building trust and collaboration in the hosting industry with the Secure Hosting Alliance.

If you’d like to subscribe to the podcast, you can do that by searching for WP Tavern in your podcast player of choice, or by going to wptavern.com/feed/podcast, and you can copy that URL into most podcast players.

If you have a topic that you’d like us to feature on the podcast, I’m keen to hear from you, and hopefully get you, or your idea, featured on the show. Head to wptavern.com/contact/jukebox, and use the form there.

So on the podcast today, we have David Snead. David has been involved in the hosting industry since 1999, starting out as legal counsel for one of the earliest shared hosting companies, and going on to work with over 50 others. He helped found the i2Coalition, serve as in-house counsel for cPanel and WebPros, and now leads the Secure Hosting Alliance.

If you’re listening to this podcast, I’m sure that many of you will have worked closely with hosting companies. Perhaps you run an agency, or business, that depends on the reliability, ethics, and security of hosting providers. David is here to talk about cross-industry collaboration in the hosting world, specifically around improving security, professionalism, and communication between hosts.

The conversation focused on why, and how, the Internet Infrastructure Forum, or IIF, is building a framework for real-time intelligence sharing and abuse reporting, aiming to help the entire ecosystem detect and prevent attacks faster than adversaries can adapt.

David talks about the challenges hosting companies face, especially smaller ones, in keeping up with security, and how this evolving project hopes to ease this by sharing actionable, non-proprietary abuse information across registrars, hosting providers, DNS services, and more.

He discusses the growth of both the Secure Hosting Alliance and the IIF, the business case for collaboration, and the nuances of legal and technical information sharing across borders.

If you’re in hosting, run a web agency, or just want to know how the backbone of the web is working to stay more secure and connected, this episode is for you.

If you’re interested in finding out more, you can find all of the links in the show notes by heading to wptavern.com/podcast, where you’ll find all the other episodes as well.

And so, without further delay, I bring you David Snead.

I am joined on the podcast by David Snead. Hello David.

[00:03:20] David Snead: Hello.

[00:03:21] Nathan Wrigley: Very nice to have you with us. David’s got a really interesting background, and a really interesting, I’m going to use the word project. I don’t know if that’s the right word. It feels like it’s got more solidity and it’s got a lot more history than that. It’s something which is, I think going, but we’ll find out a little bit more about it. It’s all about the hosting industry and trying to get hosts to, I guess communicate with each other in ways going forwards.

[00:03:44] David Snead: That is a part of it. There are really two goals and one is to level up the ethics and professionalism in the hosting industry. And the second is to facilitate more comradery and interaction among hosts. Something that folks felt occurred in the early 2000s, and with all the consolidation that occurred went away. And so that’s something that we’re also trying to facilitate.

[00:04:16] Nathan Wrigley: Okay. So given that we’re going to be talking about hosting, I guess it’s a good idea to paint your credentials and find out a little bit more about you. So a short opportunity to just tell us a little about you and your background in WordPress and hosting specifically, I suppose.

[00:04:29] David Snead: Sure. So I have been working in the hosting industry since 1999. As I often say, I was working in the hosting industry when hosting was cool. It is not so cool anymore. In fact most people don’t really pay attention to it.

You know, and I started as a lawyer for a hosting company, and I was in-house counsel for a company that actually owned a hosting company and was one of the earliest hosting companies that specialised in shared hosting. And so I was their general counsel. And for some reason it stuck, and I’ve just kind of turned it into a career.

So after that I had a private practise as a lawyer and I worked with probably 50 different hosting companies, mostly writing policies that nobody ever reads, which makes me super fun at parties.

And then from there, my friend Christian Dawson and I formed the i2Coalition as a response to some legislation in the US that would’ve been kind of the death nail for internet providers. So we started the i2Coalition. I then went in-house for cPanel and worked at cPanel and WebPros for 10 years, and then started the Secure Hosting Alliance.

[00:05:52] Nathan Wrigley: Okay. So you’ve got all all the history. That’s pretty good. You know, if we’re going to talk about hosting.

[00:05:57] David Snead: All the hosting history in one person. That’s kind of a very scary idea, no?

[00:06:02] Nathan Wrigley: But that’s excellent. So do you still offer counsel? Is that still, so you haven’t sort of sidestepped and do half of the week on a sort of more technical basis? It’s still the legal side that you’re involved in.

[00:06:13] David Snead: I do. Right now I’m doing mostly M&A work for, it’s weird. So I don’t know if anybody has ever said this to you before, but web hosting is kind of like the Hotel California. It’s like, once you start in the web hosting industry, you never leave. And so I have all these clients from 15 years ago who are now running like little baby hosts, and they’re talking to bigger hosts and they want to get acquired. So I’m doing some of that now. I am not writing any of the policies that nobody ever reads because that was just, I did that for too long.

[00:06:51] Nathan Wrigley: There were too many moments parties.

[00:06:53] David Snead: Yes, exactly. Yeah.

[00:06:55] Nathan Wrigley: Okay, so I’m going to read into the record the title and the blurb that went with the presentation that you are doing or done.

[00:07:02] David Snead: I did it yesterday.

[00:07:03] Nathan Wrigley: Okay, we’ll get into that in a moment. So the title is coordinating the fight, cross industry collaboration, and the blurb goes as follows. WordPress hosting threats cross company lines. When one provider falls victim, the entire ecosystem suffers. This session explores how the Internet Infrastructure Forum, or IFF, enables hosting providers, registrars and registries to coordinate abuse response through real time intelligence sharing. Learn how operational collaboration helps responsible operators detect and stop attacks faster than adversaries can adapt. And why working together produces results no single provider could achieve alone.

When I read that, immediately was, yeah, that’s a really sensible idea. Why are we separately, as hosting companies, I say we, I mean the hosting companies. Why are they all trying to do the same work over and over again, separately? When presumably this aspect of the work, the security bit is something they all have in common.

[00:08:05] David Snead: Right? So that’s the fundamental question, right? So the IIF is a voluntary organisation that is made up of everyone in the infrastructure stack. So from registrars, registries, DNS providers, hosting providers, cloud providers, everyone in the stack. So it is facilitated by the Internet and Jurisdiction Foundation. They’re based in Paris, and they’re the actually the secretariat for it.

And what it’s designed to do is create a common way for everyone who’s in the infrastructure stack to share information about abuse and abuse issues. And it’s one of the fundamental problems that you referred to is everybody is operating in a silo, right? And that’s mostly because that’s the way the internet is architected, right?

So the internet is architected, so it’s distributed, right? Registrars and registries basically do their own thing with domain names. They might have a small hosting component or maybe a cloud component, but by and large, all they do is domain names.

Hosting providers probably resell domain names, but they’re not part of that industry. And so how do they all coordinate? And that’s what the IIF is trying to facilitate, is more information sharing among the participants.

[00:09:39] Nathan Wrigley: Well I imagine some of the hosting companies are probably fairly good. You know, they’ve got a giant customer base. Let’s imagine hosting company X over there, they’ve got millions of customers. They’ve got a huge budget that they can put over to, let’s say, security things. Well that’s all well and good, brilliant. But then there are other companies who are much scrappier. You know, they maybe have only a few thousand customers. And so their budget for the exact same work is going to be reduced.

How will this work? Is it going to be like a subscription service basically? Will you have a membership, which is in some way equal to the number of clients that you’ve got? Will there be some expectation that, okay, we’ll look at your revenue, your membership will be equivalent to a percentage of your revenue? How will that all work?

[00:10:20] David Snead: We don’t know. This is a very early stage project. Right now we are in a prototype phase where we have just figured out what information folks should submit to the secretariat.

So the way it works is, you submit the information that you collect for a particular abuse issue to the secretariat, who then enriches it with all the other information that’s been submitted and sends it to the right person.

So a great example is, let’s say a registrar reported a phishing domain. They turn off the phishing domain and they have maybe a timestamp, an IP address where it was submitted from. They submit that to the secretariat, who then finds the hosting company who is providing the services for the hosting and says, this came in about this particular site. Can you take action on that? So that’s the way it works.

Right now it’s very early stage. It’s in the first phase of a test, and we’re going to look at whether the way we’ve architected it, or the way the group has architected it, actually makes sense.

[00:11:39] Nathan Wrigley: Is this going to be then a sort of slow on ramp whereby you bring a few companies in at the beginning, hopefully. And then one or two more and iron out the wrinkles, and then some more and some more? Because I imagine, if you just threw the switch, everybody’s in, a lot could go wrong at that point. And I’m guessing there’s going to be more of a slow on ramp.

[00:12:00] David Snead: So you’ve pointed out my particular frustration with the IIF, and the reason that the secretariat is moving slowly, right? So fortunately, or unfortunately, based on my cultural background, I’m just sitting here going, this needs to move faster. We need to have everybody involved, we need to have all the hosts involved, we need to have all the registrars and registries. And other folks who are a little bit more skilled in this type of work say, no, we need to figure out what we’re doing and that requires a small number of people.

The phase that we’re in right now is looking for more folks who are interested in sitting at the table and being part of the discussion. Particularly in the hosting industry and in the web design and marketing industry. Those are folks who don’t generally participate in these kind of industry led collaboration exercises. And that’s the reason that I’m at WordCamp, is to talk to web designers, marketing agencies about why they should participate in something like this.

[00:13:13] Nathan Wrigley: So this really isn’t bound in any way to WordPress, is it? It just so happens that WordPress has a significant chunk of the internet, so this is a good place to start. But if you happen to be a, I don’t know, Drupal user, or you’re just into writing PHP code or whatever it may be, this is still applicable. There’s no real WordPress layer to this. This is just a good place for you to come because, well, there’s probably, what, 30 hosts, 100 yards away from us out there.

[00:13:37] David Snead: I know. And I haven’t seen all of them yet.

[00:13:39] Nathan Wrigley: Yeah, there’s work to do. But agnostic to any platform, basically.

[00:13:42] David Snead: It is completely platform agnostic, yeah.

[00:13:43] Nathan Wrigley: Okay. Okay, that’s interesting. But WordPress is a, is certainly a good place to start.

Now, I’m imagining, if I was a hosting company and I was the chief executive, I definitely have some questions for you in terms of, okay, we’re going to share our valuable intel with you, what are you going to do with that? How can we trust you? How do we know that the sharing is going to be done effectively and what have you?

So I guess really what I’m getting to is, what is the assurances or checks and balances that you, in the end, will hope to offer the host? That you can assure them that, look, if you hand us this body of work, you don’t need to think about it again. You can trust us to do it honourably, effectively, collaboratively. You get where going.

[00:14:26] David Snead: Yeah, yeah. And I suspect that you wanted to be a lawyer at some time, because that’s one of the issues that we’re facing. Information that can be shared freely, as an example, in the United States, might not be capable of being shared so freely in the European Union, or in Brazil, or in India or someplace like that.

So one of the things that’s being done, not by me, but by another group, another working group that’s part of this, is analysing the legal issues around information sharing.

The information that’s being shared, to answer the proprietary and confidentiality question, is not proprietary or confidential information. So it’s things like timestamps, domain names, IP addresses for the initial abuse submission. Things like that that really don’t indicate some sort of company confidential information. And it’s further abstracted into xarf, which is a language that’s used for abuse reporting, that we all can share. And so I think that the only thing that would be of concern is whether that information is personal information that’s subject to jurisdictional restrictions around the world.

[00:15:48] Nathan Wrigley: Would the idea be that this organisation would do the remedial work? So is there any notion that, let’s say for example, some sort of security problem was discovered by hosting company A over there, and they share that intel with you. Maybe the question is kind of asking, will you then appoint people to figure out what the patch is for that? Or is your idea just to, oh, red flag, we’ve got this problem, now you all know about it. Is it just information sharing as opposed to fixes?

[00:16:17] David Snead: Yeah, it’s the latter. So the thing that we’re solving for right now, so there’s just one issue that, one abuse issue, that we’re testing out and it’s issues related to fake shops. And so the fake shop issue is the test abuse issue for the project, and where folks are sharing information. It’s a particular problem right now with credentials harvesting. And so that’s what we’re trying to look at.

[00:16:43] Nathan Wrigley: And how has the conversations that you’ve had thus far, how have they gone? Has this been warmly received or are you facing a little bit of pushback?

[00:16:50] David Snead: So, look, I’ll be very direct with you. If something isn’t just an immediate threat to them, it’s very difficult to conceptualise why you should participate. And I am pretty used to answering that question simply based on the political work that I do with the i2Coalition. But once you talk about, so let’s use fake shops as an example. Fake shops, and you’re providing services to fake shops, actually has an impact on your bottom line.

So if you are providing, let’s say, payment processing to an entity that is running a fake shop, it very easily can make your credit card processing charges higher. It ends up eating bandwidth. It will tax your abuse resources.

One of the things that you referred to initially is, you know, larger hosts have a lot of money. I wouldn’t say they have a lot of money, but they have more bandwidth to handle a vast fire hose of abuse issues. Most smaller hosting companies might only get five or six abuse issues in a month. But if you have a fake shop, that’s going to generate a huge amount of abuse, and it’s taking away resources that you can use to actually grow your business. So that argument actually is relatively persuasive in getting folks to pay attention.

I find that the business argument around abuse is a much more compelling discussion than kind of moral persuasion. I don’t think moral persuasion works in the context of a community that is trying very hard just to keep their heads above water.

[00:18:42] Nathan Wrigley: It feels to me from what you’ve just said, and I could be reading too much between the lines, but it feels to me as if a good target audience would be smaller hosts to begin with, simply because they’re probably going to be more receptive because they have less bandwidth themselves. And so would welcome anything that can make the burden of sharing this information easier. So 10 of the small hosts combined is, well, it’s much bigger than each of them individually would be, whereas I suppose you’ll have to get a critical mass of them on board until maybe some of the bigger hosts start to look at you with favourable eyes, let’s say that.

[00:19:15] David Snead: Well, so we have some pretty large hosting companies who are participating. So as an example, both GoDaddy and Newfold are participating. But we also have smaller hosts. But I agree with you, the information that’s being provided, particularly since it is actionable, realistic information that can be adapted for bespoke systems, is invaluable, right?

So if you only get five or six abuse complaints and you get an abuse complaint, and you can go to the secretariat and say, we got a complaint about this domain, and the secretariat says, here’s what the registrar did. Here’s what Cloudflare did. Here’s the information they provided us. And you can use that to make a decision on how to address that problem. It saved you hours and hours and hours of research time.

[00:20:09] Nathan Wrigley: Technically speaking, what would the conduit of information both toward you and away from you look like? So if I’m hosting company X, how are you imagining that I will supply you with that information? But also, if I’m just looking for information from you on a daily, weekly basis, whatever it may be, how do I receive that? Is this like a, I don’t know, a website or an API or?

[00:20:33] David Snead: It’s an API. So it’s a file. It’s just a general file download.

[00:20:37] Nathan Wrigley: Right, okay. So it’s readily available 24/7?

[00:20:40] David Snead: Right. That’s the goal. Right now it’s not, but the goal is to kind of figure out a way to make something like that possible.

[00:20:47] Nathan Wrigley: Yeah, okay. I also suppose that the hosting companies, whilst this is good for their business if they can minimise costs and hand a lot of this work over to you, there’s a part of them which would also probably like to put some sort of badge on their website to say, this is what we’re doing. We’re part of this alliance, for want of a better word. Is that something that you are looking to develop as well, you know, some sort of credentialing system to demonstrate that you’re in this?

[00:21:12] David Snead: So that’s not something that the IIF is working on. It’s something that the Secure Hosting Alliance does. The Secure Hosting Alliance has a trust seal that we give to hosts who fulfil our Trust Seal Certification provisions. But that’s not something that the IIF does.

Talking about like why, other than business reasons, folks should participate in this, one of the things that is going on that I would suggest that most hosts know about, is there’s a little bit of a moral panic going on in the world about what contents you have. And regulation is actually a very real thing for the hosting industry, who has not ever been regulated. This is the time where you can say, hey, this is what we’re doing, right? We’re dealing with issues. This way a trust seal is the same thing, right? It’s something that you can say, we are actually taking steps to make the internet a better place.

[00:22:18] Nathan Wrigley: I think if you are a general agency owner or, I don’t know, just a freelancer, hosting is one of those things that you, once you’ve done it once, you’re in it for the long haul until something goes wrong. But you’re also browsing around for any tiny indication of why is this host slightly different? You know, what is it that they’re doing that, I don’t know, is faster? What is it that they’re doing that’s more secure? So it feels to me if you had a credentialing system and I began to hear about it and see it pop up again and again, it would be one of the metrics which I would weigh up when looking at hosting.

[00:22:51] David Snead: I would think so. One of the things that a trust seal does is it indicates that there’s been some vetting of the host. That someone has determined the things that are important to the hosting industry and are important to the web design industry. The agency industry are also important to the host.

Great example of that is one of the provisions of the Secure Hosting Alliances’ Trust Seal Certification is that a contract is presented to the customer before they sign up, which is super customer friendly.

One of the things as a lawyer that you hear about all the time when people are dissatisfied with their services is, yeah, well, I never saw that contract. Or it was just a hyperlink in an email that I got. That’s one of the differentiators for a Trust Seal certified host is that the contract is actually presented to them, to the customer beforehand.

[00:23:57] Nathan Wrigley: So in terms of the WordPress crowd, is this a thing that you are pitching only to hosts? Like when you step out of here, are you trying to have conversations only with hosts? Or is there some bit of the WordPress community, the freelance, the agency owners? Are you trying to communicate with them just to scope out what they need?

[00:24:15] David Snead: So for both the Secure Hosting Alliance and for the IIF, it is that. I really enjoy talking to agencies and developers about whether this is important to them, or why it might be important to them.

[00:24:31] Nathan Wrigley: In terms of how long this project’s been going, I’ve only heard of it because of your participation here, but I don’t know if you’ve been banging this gong for a decade or, I mean you’ve been in the industry for long enough to have been banging it for decades. Is this a new initiative or is this something which has a long and storied history?

[00:24:49] David Snead: So the Secure Hosting Alliance has only been active for a year, a little bit over a year. I’ve been talking about abuse for a long time, but the Secure Hosting Alliance has only been around for a year.

[00:25:01] Nathan Wrigley: And have you, in that year, got any intuitions that you’ll be here for another year? Is it basically going in the right direction?

[00:25:09] David Snead: It is going in the right direction. So we started out with two or three charter members. We now have 25 hosting members. We have three security vendors who are members as well. We have, I think, 17 Trust Seal Certified members, and we’re launching in 2027 a trust seal for security vendors who provide services to hosting companies.

[00:25:40] Nathan Wrigley: I know that several owners of hosting companies listen to this podcast. They may very well be the people that you’ve spoken to already, but if they are not, and they are people who would like to investigate this further, I suppose the thing that’s going to be in their head is, okay, Nathan and David, you’ve explained what I’ll get out of it, what do I need to put into it? So is this an annual financial commitment? How does it all work from that point of view?

[00:26:02] David Snead: Yeah, so you become a member of the i2Coalition. And so the Secure Hosting Alliance is a working group of the i2Coalition. So you would be a general member and you would participate in the Secure Hosting Alliances’ working groups. You also have the ability to participate in the i2Coalition as a whole, which is a much larger trade association that represents almost everyone in the internet infrastructure vertical. Mostly doing policy work, primarily in the US and the EU. Although there’s, we’re doing some work in India right now as well.

[00:26:40] Nathan Wrigley: And does membership allow you to steer the future of the project? I know that lots of chefs in the kitchen results in terrible food, but that, I fear, is something that could happen. You’ve got 87 members, 260 members. And then the 260 members all start to bicker and, you know, we want this, no. You see how it goes.

[00:26:59] David Snead: I do.

[00:26:59] Nathan Wrigley: What’s the position there? You know, is there sort of gated levels of membership? How are you organising all of that?

[00:27:04] David Snead: There are not. The membership is based on self-reported revenue. The membership is not horrifically expensive from my perspective. And I think that that, most of our members would say that it is, it’s actually relatively affordable, particularly for the small to medium sized hosts. And registrars or design agencies, anyone who’s participating.

The question about, who’s running the show, comes up quite a bit. We haven’t really faced that issue, particularly in the Secure Hosting Alliance. Folks seem to get along. But the organisation runs on the idea of rough consensus. And so decisions end up not being controlled by one member or not. Some of the i2Coalition has some very large companies who everybody knows about, who get along with startups, and folks against whom they compete directly. And policies still get made. The organisation still moves forward.

[00:28:11] Nathan Wrigley: Yeah, I guess you’re in a space where, obviously all of these hosting companies commercially are vying for everybody else’s business. But in this particular situation, that is not the case. Nobody’s vying for their websites to be less secure. They all want the same level of security. So at least in that sense, you would hope that consensus could be maintained even if, commercially, the two companies that are in the room, the 10 companies that are in the room might be commercially at loggerheads with each other. At least on this they could agree. That would be the hope, I suppose, anyway.

[00:28:47] David Snead: It seems to be, not only the hope, but the actual way that things work. You ask about how compromise is reached. What comes to mind is I have a much different concept of privacy than, particularly when I was at WebPros, than other folks in the i2Coalition had. And another company just called me up and we worked through our disagreements about how privacy should be handled within the i2Coalition and were able to move forward.

The industry I’ve found to be hugely collaborative, particularly the hosting industry. Everybody knows what their competitor is doing. But when it comes to addressing an issue like, how are we going to deal with abuse as a community? Folks come together. CEOs of hosting companies while they compete tend to be relatively good friends.

As I said at the very beginning, it really is like the Hotel California, right? You come in as a CEO of a hosting company, you grow it and you sell it to another company. All of a sudden you’re at the bottom again with a server in your grandma’s basement, you know, trying to start again.

[00:30:08] Nathan Wrigley: It’s a really curious effort. I suppose really at the bottom of this entire podcast is your endeavour to be heard and to reach out and get some conversations going. So with that in mind, where do people find the information about this? So maybe there’s a website that we could mention. But also, is there a specific place where you hang out? Is there a place where you would like to be contacted most?

[00:30:33] David Snead: Sure. So our website is hostingsecurity.net. I’m not too afraid of getting too much spam. So folks can email me at snead@i2coalition.com And the two is the numeral two. So it’s snead@i2coalition.com. And I’m happy to answer questions.

In terms of hanging out, I am at most industry conferences in the hosting industry. In the WordPress industry, I’ll be at WordCamp US. We also participate very heavily in ICANN. So there is an i2Coalition member at every single ICANN meeting.

[00:31:12] Nathan Wrigley: So if you go to wptavern.com and you search for the episode with David Snead, S-N-E-A-D, you’ll be able to find those details. I’ll put everything into the show notes. So anything that I missed? Was there a particular focus that we didn’t touch?

[00:31:26] David Snead: No, this is actually one of the most thorough podcasts I’ve been on recently.

[00:31:31] Nathan Wrigley: That’s love to hear it. Well, David Snead, thank you very much for joining me today.

[00:31:35] David Snead: Glad to be here. Thanks for having me.

On the podcast today we have David Snead.

David has been involved in the hosting industry since 1999, starting out as legal counsel for one of the earliest shared hosting companies and going on to work with over 50 others. He helped found the i2Coalition, serve as in-house counsel for cPanel and WebPros, and now leads the Secure Hosting Alliance.

If you’re listening to this podcast, I’m sure that many of you will have worked closely with hosting companies. Perhaps you run an agency or business that depends on the reliability, ethics, and security of hosting providers. David is here to talk about cross-industry collaboration in the hosting world, specifically around improving security, professionalism, and communication between hosts.

The conversation focused on why and how the Internet Infrastructure Forum (IIF) is building a framework for real-time intelligence sharing and abuse reporting, aiming to help the entire ecosystem detect and prevent attacks faster than adversaries can adapt.

David talks about the challenges hosting companies face, especially smaller ones, in keeping up with security, and how this evolving project hopes to ease this by sharing actionable, non-proprietary abuse information across registrars, hosting providers, DNS services, and more. He discusses the growth of both the Secure Hosting Alliance and the IIF, the business case for collaboration, and the nuances of legal and technical information sharing across borders.

If you’re in hosting, run a web agency, or just want to know how the backbone of the web is working to stay more secure and connected, this episode is for you.

Useful links

i2coalition website

Secure Hosting Alliance website

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Sair da versão mobile