clubdoinfo.belassaude.com.br
162.241.203.56  Malicious Activity! Public Scan

Submitted URL: https://storage.googleapis.com/onlineupdate/VENDORS/to2.htm
Effective URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7...
Submission: On June 21 via api from JP — Scanned from JP

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 37 HTTP transactions. The main IP is 162.241.203.56, which is located in the United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is clubdoinfo.belassaude.com.br.
TLS certificate: Issued by R3 on June 3rd 2022. Valid for: 3 months.
This is the only time clubdoinfo.belassaude.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: US Government (Government)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
24 | ca.gov | portal.edd.ca.gov (Cisco Umbrella Rank: 186207) | 451 KB
4 | belassaude.com.br | clubdoinfo.belassaude.com.br | 10 KB
3 | gstatic.com | www.gstatic.com |
2 | go-mpulse.net | s.go-mpulse.net (Cisco Umbrella Rank: 1246), c.go-mpulse.net (Cisco Umbrella Rank: 523) | 50 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 60) | 20 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 9) | 2 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 96) | 39 KB
1 | googleapis.com | storage.googleapis.com (Cisco Umbrella Rank: 467) | 687 B
Total: 37 requests, 8 apex domains

Requests | Domain | Requested by
24 | portal.edd.ca.gov | clubdoinfo.belassaude.com.br, portal.edd.ca.gov
4 | clubdoinfo.belassaude.com.br (1 redirects) | clubdoinfo.belassaude.com.br
3 | www.gstatic.com | clubdoinfo.belassaude.com.br, www.google.com
2 | www.google-analytics.com | clubdoinfo.belassaude.com.br, www.google-analytics.com
1 | c.go-mpulse.net | s.go-mpulse.net
1 | www.google.com | clubdoinfo.belassaude.com.br
1 | s.go-mpulse.net | clubdoinfo.belassaude.com.br
1 | www.googletagmanager.com | clubdoinfo.belassaude.com.br
1 | storage.googleapis.com |
Total: 37 requests, 9 subdomains

This site contains links to these domains.

Domain
www.ca.gov
www.edd.ca.gov
portal.edd.ca.gov
edd.ca.gov

Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
belassaude.com.br | R3 | 2022-06-03 - 2022-09-01 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
portal.edd.ca.gov | GlobalSign RSA OV SSL CA 2018 | 2021-09-21 - 2022-10-23 | a year
akstat.io | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-15 - 2023-04-19 | a year
www.google.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months

This page contains 2 frames:

Primary Page: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Frame ID: FA587CA13C95A5D62DFDAACD7DC79E28
Requests: 34 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vzAt61JclNZYHl6fEWIBqLbe&k=6LfBF4UbAAAAANPQcwAxUN_ssLyq8XgcFfs8GXEe&cb=djm12x4pu2g
Frame ID: 118C828AD5DAE78B24B5319098F46B4C
Requests: 3 HTTP requests in this frame

Page Title

Employment Development Department

Page URL History

  1. https://storage.googleapis.com/onlineupdate/VENDORS/to2.htm Page URL
  2. https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/ HTTP 302
    https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

  • Requests: 37
  • HTTPS: 100 %
  • IPv6: 89 %
  • Domains: 8
  • Subdomains: 9
  • IPs: 9
  • Countries: 3
  • Transfer: 573 kB
  • Size: 1314 kB
  • Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/onlineupdate/VENDORS/to2.htm Page URL
  2. https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/ HTTP 302
    https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
to2.htm
storage.googleapis.com/onlineupdate/VENDORS/
112 B
687 B
Document
General
Full URL
https://storage.googleapis.com/onlineupdate/VENDORS/to2.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
112
content-type
text/html
date
Tue, 21 Jun 2022 14:08:05 GMT
etag
"10fe0ced092f38185e01c33b05921b87"
expires
Tue, 21 Jun 2022 15:08:05 GMT
last-modified
Thu, 16 Jun 2022 21:18:08 GMT
server
UploadServer
x-goog-generation
1655414288392344
x-goog-hash
crc32c=+Y1QDw== md5=EP4M7QkvOBheAcM7BZIbhw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
112
x-guploader-uploadid
ADPycdtAyv9rdlDhS3p-mWDSz90XWQcwQeAwETaO3MdjNL1ftsg_cdECfxnVMdwVFrGeUDfQFQ5982A60C65NJDP6kQ81w
Primary Request logon.php
clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/
Redirect Chain
  • https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/
  • https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6X...
23 KB
8 KB
Document
General
Full URL
https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.56 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sabbatini.com.br
Software
Apache /
Resource Hash
e3561962d2128a43856ea17705c7b6299441760ecb6b4c17bfe4444c56ac5fa3

Request headers

Referer
https://storage.googleapis.com/onlineupdate/VENDORS/to2.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-length
8443
content-type
text/html; charset=UTF-8
date
Tue, 21 Jun 2022 14:08:07 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 21 Jun 2022 14:08:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
pragma
no-cache
server
Apache
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/
0
0
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/recaptcha__en.js
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3419582-31
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e0c81225857ded4e88d9745e3e46d719bd74f6809393e0cbf882e5625f17bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

jquery
portal.edd.ca.gov/WebApp/
95 KB
44 KB
Script
General
Full URL
https://portal.edd.ca.gov/WebApp/jquery?v=dVOJyKZDSwYZJHVzwqHTeUz8ziYxD7MAcXzHtE27yS01
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a32d93c3f23567760cc4a0f9f8e156b687769ede3e47a928fac1c2f2c386c96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

modernizr
portal.edd.ca.gov/WebApp/
11 KB
6 KB
Script
General
Full URL
https://portal.edd.ca.gov/WebApp/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

eGov_style.css
portal.edd.ca.gov/Resources2015/css/
32 KB
8 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/eGov_style.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d07ee203eb35125b3d11eb0c8dcbc93b649b0b7fd43ccdee91ad2e2037892283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

edd_style.css
portal.edd.ca.gov/Resources2015/css/
13 KB
5 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/edd_style.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8df2022041809c1948f5b0b82b6637df8fdb9e29b9245dd2ac561de0c0414228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

colorscheme_oceanside.css
portal.edd.ca.gov/Resources2015/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/colorscheme_oceanside.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f5af418c3c6e41b2d56038f6ce270e36959fd2454a10da28fca4e7b2bf5c3332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

edd_colorscheme_oceanside.css
portal.edd.ca.gov/Resources2015/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/edd_colorscheme_oceanside.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
bd0e935bdb4b4a82cae92697683b158dd571672549fe1c182d84758789392c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

768.css
portal.edd.ca.gov/Resources2015/css/
398 B
666 B
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/768.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
bba60cc6402a9bef7a2d9ee025b081aee03da3438ab3709d7f6ecd59434da228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

edd_768.css
portal.edd.ca.gov/Resources2015/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/edd_768.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
02180ad6d7511879b968b438e1c377bd4ecd2c6710d54435b02164811c09ce92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

1280.css
portal.edd.ca.gov/Resources2015/css/
1 KB
842 B
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/1280.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a23545e1d96a5d1ca83094e26826e2a1ade422170014bcb1ff306795f68bfff4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

jquery-ui.min.css
portal.edd.ca.gov/Resources2015/css/
29 KB
9 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/jquery-ui.min.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
95e5df0ff93203ce1d112dea4d63e02bdf4ebee4e28306b6f8e0c05974e23825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

eGov_scripts.js
portal.edd.ca.gov/Resources2015/javascript/
19 KB
7 KB
Script
General
Full URL
https://portal.edd.ca.gov/Resources2015/javascript/eGov_scripts.js
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
920059afc6597d221b270f0ab75e9606878f5233cfc0dc1c226167e2ac62b580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

jquery-ui.min.js
portal.edd.ca.gov/Resources2015/javascript/
234 KB
63 KB
Script
General
Full URL
https://portal.edd.ca.gov/Resources2015/javascript/jquery-ui.min.js
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
94b20059b1569a74855fe451c0e9d8c657071c9a3178213abe1323a228cf900a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

amp-common.js
portal.edd.ca.gov/WebApp/Scripts/
2 KB
1 KB
Script
General
Full URL
https://portal.edd.ca.gov/WebApp/Scripts/amp-common.js
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
0ab1201017d028508a7875aeb35065d6c487c57fb0fffeda292eda6121fe01db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:40 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2240
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
970
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 14:45:27 GMT
jqueryval
portal.edd.ca.gov/WebApp/
28 KB
12 KB
Script
General
Full URL
https://portal.edd.ca.gov/WebApp/jqueryval?v=UKspXbtZaG2yflMHWVDGgUK_cbuL9yUgDEB-og0yNu01
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f8504a7d5fbd9ada9d5d402a90b6f682850fa35e37f58ae100258b3c3f7ede4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Feb 2022 13:48:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536001
server-timing
cdn-cache; desc=HIT, edge; dur=43
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
11361
x-xss-protection
1; mode=block
expires
Wed, 21 Jun 2023 14:08:08 GMT
bootstrap
portal.edd.ca.gov/WebApp/
42 KB
16 KB
Script
General
Full URL
https://portal.edd.ca.gov/WebApp/bootstrap?v=sYTqL02CTePfDH6DfPFYr6m2FRldScVKev789LRk33E1
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
864da5a32712777d5b08ed1a74b05345907c0d3febe685a47e829ea331260bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 03:49:58 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=49
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
15177
x-xss-protection
1; mode=block
expires
Wed, 21 Jun 2023 14:08:07 GMT
common
portal.edd.ca.gov/WebApp/
4 KB
3 KB
Script
General
Full URL
https://portal.edd.ca.gov/WebApp/common?v=j-3fPg7X293G2MHkCbXXhmFoaQHaWzuZpMYkVxozats1
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
58f9361b16f85777deafafdd3c142295972bacead6e2179fe202ce005033af1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 03:49:58 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=53
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
1738
x-xss-protection
1; mode=block
expires
Wed, 21 Jun 2023 14:08:07 GMT
en
portal.edd.ca.gov/WebApp/Content/css/
169 KB
38 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/WebApp/Content/css/en?v=6QLGxvxWqJ7kgYH0gjgGpp3UiVCC34vImysaQOBck-s1
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
15818e9081cc2d153b1b36f14394573561db99a6a4d3943c36798ff7ce36a83c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Feb 2022 13:48:53 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=63
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
38126
x-xss-protection
1; mode=block
expires
Wed, 21 Jun 2023 14:08:07 GMT
GS7SH-P6789-5U7SC-YPZXM-A77ED
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/GS7SH-P6789-5U7SC-YPZXM-A77ED
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:140b:1:4a5::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
br
last-modified
Tue, 05 Apr 2022 12:20:44 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
7a7a584b
portal.edd.ca.gov/akam/11/
0
0
Script
General
Full URL
https://portal.edd.ca.gov/akam/11/7a7a584b
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 14:08:07 GMT
strict-transport-security
max-age=31536000
content-type
text/html
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
9
expires
Tue, 21 Jun 2022 14:08:07 GMT
header_ca.gov.png
portal.edd.ca.gov/Resources2015/images/template2013/
10 KB
10 KB
Image
General
Full URL
https://portal.edd.ca.gov/Resources2015/images/template2013/header_ca.gov.png
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f2af66415bb61e8f4f27140240d8f350728296bd4047b4aa712551beceb6253c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2226
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
9750
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 14:45:13 GMT
header_organization.png
portal.edd.ca.gov/Resources2015/images/template2013/
96 KB
96 KB
Image
General
Full URL
https://portal.edd.ca.gov/Resources2015/images/template2013/header_organization.png
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ef49d3c21cb1e7763f7998d60314694cab35f0de2790445d84830dd19aaa2c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2478
server-timing
cdn-cache; desc=HIT, edge; dur=14
accept-ranges
bytes
content-length
98151
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 14:49:25 GMT
header_organization_phone.png
portal.edd.ca.gov/Resources2015/images/template2013/
90 KB
90 KB
Image
General
Full URL
https://portal.edd.ca.gov/Resources2015/images/template2013/header_organization_phone.png
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
78119ccd5e004bd01f083b55d5a4dad007b0c05457e0a85e8c86fc806f88aaa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2478
server-timing
cdn-cache; desc=HIT, edge; dur=8
accept-ranges
bytes
content-length
91788
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 14:49:25 GMT
h.png
clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/
684 B
737 B
Image
General
Full URL
https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/h.png
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.56 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sabbatini.com.br
Software
Apache /
Resource Hash
8dbe4974d8ff34c6dc1185382f937f2cd3b92c931520f4c90f86861d86a40888

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
last-modified
Thu, 16 Jun 2022 01:16:18 GMT
server
Apache
accept-ranges
bytes
content-length
684
content-type
image/png
pl.png
clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/
806 B
872 B
Image
General
Full URL
https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/pl.png
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.203.56 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sabbatini.com.br
Software
Apache /
Resource Hash
c9a6d5d8e773c8afd61901f04cce1ea21569ac89a9c3ed405eb2aa96efd1ba74

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
last-modified
Fri, 16 Jul 2021 07:25:10 GMT
server
Apache
accept-ranges
bytes
content-length
806
content-type
image/png
print.css
portal.edd.ca.gov/Resources2015/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://portal.edd.ca.gov/Resources2015/css/print.css
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
240c7551367ed9d2fe12066b64e1b7d474b95e47a4cecee729941aac875156fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:36 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2221
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
988
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 14:45:08 GMT
header_background.jpg
portal.edd.ca.gov/Resources2015/images/template2013/oceanside/
32 KB
33 KB
Image
General
Full URL
https://portal.edd.ca.gov/Resources2015/images/template2013/oceanside/header_background.jpg
Requested by
Host: portal.edd.ca.gov
URL: https://portal.edd.ca.gov/Resources2015/css/colorscheme_oceanside.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a2a17f403c22316d5816a0c8987f0718cd69132814f9478ca91cf78b783c00eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://portal.edd.ca.gov/Resources2015/css/colorscheme_oceanside.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=3541
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=99, origin; dur=471
accept-ranges
bytes
content-length
32947
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 15:07:09 GMT
nav_shadow.png
portal.edd.ca.gov/Resources2015/images/template2013/
175 B
460 B
Image
General
Full URL
https://portal.edd.ca.gov/Resources2015/images/template2013/nav_shadow.png
Requested by
Host: portal.edd.ca.gov
URL: https://portal.edd.ca.gov/Resources2015/css/eGov_style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400::172d:332a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a92184baa395e33c593a16331c988f622695fe2c39a9c0baeea9ae25e1ac115d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://portal.edd.ca.gov/Resources2015/css/eGov_style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 14:08:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 19:41:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2226
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
175
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 14:45:13 GMT
bframe
www.google.com/recaptcha/enterprise/ Frame 118C
7 KB
2 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vzAt61JclNZYHl6fEWIBqLbe&k=6LfBF4UbAAAAANPQcwAxUN_ssLyq8XgcFfs8GXEe&cb=djm12x4pu2g
Requested by
Host: clubdoinfo.belassaude.com.br
URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
101f938c9596e6f5d56d682175a3a29c55aeaa5b97ea3ffcc960da198725d4b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b77onYDtUYRjfa_Rru7VkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clubdoinfo.belassaude.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1119
content-security-policy
script-src 'report-sample' 'nonce-b77onYDtUYRjfa_Rru7VkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 21 Jun 2022 14:08:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
config.json
c.go-mpulse.net/api/
51 B
323 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=GS7SH-P6789-5U7SC-YPZXM-A77ED&d=clubdoinfo.belassaude.com.br&t=5519402&v=1.720.0&sl=0&si=8e3ea5e5-8b1d-4c9c-ad74-754a603d2a8e-rdtz9i&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=706278
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GS7SH-P6789-5U7SC-YPZXM-A77ED
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:140b:1:48c::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ba531802349d847f29e65e1ad2c726b6670b4c3977cf68ef1d4faf03f8ab905d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://clubdoinfo.belassaude.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 14:08:08 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
collect
www.google-analytics.com/j/
1 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=59661240&t=pageview&_s=1&dl=https%3A%2F%2Fclubdoinfo.belassaude.com.br%2Fwp-admin%2FUnclaimedEDD%2Fedd%2Flogon.php%3F%26tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6&dr=https%3A%2F%2Fstorage.googleapis.com%2F&ul=en-us&de=UTF-8&dt=Employment%20Development%20Department&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAAC~&jid=1939541651&gjid=465494999&cid=1654284945.1655820488&tid=UA-3419582-31&_gid=1024028817.1655820488&_r=1&gtm=2ou6f0&z=1761366120
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://clubdoinfo.belassaude.com.br/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 14:08:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clubdoinfo.belassaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/ Frame 118C
0
0
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vzAt61JclNZYHl6fEWIBqLbe&k=6LfBF4UbAAAAANPQcwAxUN_ssLyq8XgcFfs8GXEe&cb=djm12x4pu2g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

recaptcha__en.js
www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/ Frame 118C
0
0
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vzAt61JclNZYHl6fEWIBqLbe&k=6LfBF4UbAAAAANPQcwAxUN_ssLyq8XgcFfs8GXEe&cb=djm12x4pu2g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Government (Government)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| gtag object| dataLayer function| setUpClientDetails object| google_tag_data function| ga object| gaplugins function| $ function| jQuery object| html5 object| Modernizr string| serpLocation function| addLoadEvent function| getElementsByClass number| counterC object| navRoot function| closeAllPanels function| removeDisplay function| toggle_menu function| toggle_search object| prepareSearchForm function| addGAToDownloadLinks function| startListening function| trackMailto function| trackTelto function| trackExternalLinks function| initPage object| CAGOVTabpanel function| initNavigation function| fluidDialog function| simulateClick object| jQuery1111047336168901811293 function| doAjaxJson function| doAjaxTwo function| getUrlVars function| doAjax function| doAjaxWait function| getAjax function| getVerificationToken function| showSystemError function| hasInStorage function| validate function| checkStorage function| showBrowserSettingsView function| showSearchView function| enableControl number| waitingWaitTime object| Const object| GlobalVals string| ROOT function| setGlobalValues string| BOOMR_API_key object| BOOMR string| bazadebezolkohpepadr function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| google_tag_manager string| GoogleAnalyticsObject object| gaGlobal object| gaData number| BOOMR_configt number| BOOMR_onload

5 Cookies

Domain/Path Name / Value
clubdoinfo.belassaude.com.br/ Name: PHPSESSID
Value: 37e9cc61d689d9dbff74ac9a072659e9
.belassaude.com.br/ Name: _ga
Value: GA1.3.1654284945.1655820488
.belassaude.com.br/ Name: _gid
Value: GA1.3.1024028817.1655820488
.belassaude.com.br/ Name: _gat_gtag_UA_3419582_31
Value: 1
.clubdoinfo.belassaude.com.br/ Name: RT
Value: "z=1&dm=clubdoinfo.belassaude.com.br&si=8e3ea5e5-8b1d-4c9c-ad74-754a603d2a8e&ss=l4o8rjt2&sl=1&tt=2l0&rl=1&ld=2l2"

9 Console Messages

Source Level URL
Text
rendering warning URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6(Line 47)
Message:
The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering warning URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6(Line 47)
Message:
The key "target-densitydpi" is not supported.
network error URL: https://www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/recaptcha__en.js
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6(Line 68)
Message:
The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering warning URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6(Line 68)
Message:
The key "target-densitydpi" is not supported.
network error URL: https://portal.edd.ca.gov/akam/11/7a7a584b
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://clubdoinfo.belassaude.com.br/wp-admin/UnclaimedEDD/edd/logon.php?&tz8i0OncAgCHxy5DWvJJYOIHHuulxIGSnqFm8DNfpwrecvUcs9l1AMgzqg7IPPWDegHvgL9mCituqrLROu8DOKpc2j2LQF0mi0znNcf9Hy709f9zPi339BJQP6XEBpvJ7E1VDSJyyj9UlcejkZuxkG865wplMV2a7U8WR48aqly9XltUwPIb5Fl13JA3pSMiRNfBKlS6(Line 324)
Message:
Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
network error URL: https://www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/styles__ltr.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/vzAt61JclNZYHl6fEWIBqLbe/recaptcha__en.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
