Submitted URL: http://emprestimo.crefisa.com.br/
Effective URL: https://emprestimo.crefisa.com.br/
Submission: On December 21 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is emprestimo.crefisa.com.br.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 14th 2023. Valid for: a year.
This is the only time emprestimo.crefisa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 179.191.182.65 52580 (Azion Tec...)
3 13.227.219.2 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
19 6
Apex Domain
Subdomains
Transfer
11 crefisa.com.br
emprestimo.crefisa.com.br
emprestimo-api.crefisa.com.br
apd-eum.crefisa.com.br Failed
2 MB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 19120
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8629
9 KB
3 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4227
54 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
44 KB
19 4
Domain Requested by
10 emprestimo.crefisa.com.br 1 redirects emprestimo.crefisa.com.br
3 cdn.appdynamics.com emprestimo.crefisa.com.br
cdn.appdynamics.com
2 cas.avalon.perfdrive.com cdn.appdynamics.com
1 www.googletagmanager.com emprestimo.crefisa.com.br
1 emprestimo-api.crefisa.com.br cdn.appdynamics.com
1 cdn.perfdrive.com emprestimo.crefisa.com.br
0 apd-eum.crefisa.com.br Failed cdn.appdynamics.com
19 7

This site contains no links.

Subject                   Issuer                                      Validity                 Valid
*.crefisa.com.br          GlobalSign RSA OV SSL CA 2018               2023-04-14 - 2024-05-15  a year
*.appdynamics.com         DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-06-21 - 2024-07-21  a year
*.perfdrive.com           Go Daddy Secure Certificate Authority - G2  2023-09-21 - 2024-09-26  a year
cas.avalon.perfdrive.com  Go Daddy Secure Certificate Authority - G2  2023-07-24 - 2024-08-05  a year
*.google-analytics.com    GTS CA 1C3                                  2023-11-20 - 2024-02-12  3 months

This page contains 2 frames:

Primary Page: https://emprestimo.crefisa.com.br/
Frame ID: 0E8BE500CF6371E279351F0169B8AC5F
Requests: 17 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.f32b12c185c1346642bece6f64473435.html
Frame ID: C25D26770098A72E8FB11302A5B4AB6E
Requests: 1 HTTP requests in this frame

Page Title

Crefisa

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

19
Requests

89 %
HTTPS

20 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

2066 kB
Transfer

6407 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://emprestimo.crefisa.com.br/ HTTP 301
    https://emprestimo.crefisa.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
emprestimo.crefisa.com.br/
Redirect Chain
  • http://emprestimo.crefisa.com.br/
  • https://emprestimo.crefisa.com.br/
2 KB
2 KB
Document
General
Full URL
https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
e90adb75cb65a212183bb8fc052746bf2762d31026f3b5addd7e68abd90f68f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private
content-encoding
gzip
content-length
920
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
content-type
text/html
cteonnt-length
2074
date
Thu, 21 Dec 2023 20:20:38 GMT
etag
"65835b63-81a"
last-modified
Wed, 20 Dec 2023 21:23:47 GMT
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 21 Dec 2023 20:20:37 GMT
Location
https://emprestimo.crefisa.com.br/
Server
azion webserver
adrum-4.5.11.2466.js
cdn.appdynamics.com/adrum/
90 KB
33 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-2.ams54.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
244a843dd1389b89da3c4e4d2c79f9a0dc1b8713950b91dbb540174c230a6908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:45:06 GMT
content-encoding
gzip
via
1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
1719332
x-cache
Hit from cloudfront
last-modified
Tue, 25 Jun 2019 23:56:53 GMT
server
nginx/1.16.1
etag
W/"5d12b4c5-168c9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ld02z0T3zEeVxbBk6R4nAJ5UpEm5ngYAOAVMkMMXBJWup_GRzSH_dA==
runtime.6543d17236e21e5cf79c.js
emprestimo.crefisa.com.br/
1 KB
2 KB
Script
General
Full URL
https://emprestimo.crefisa.com.br/runtime.6543d17236e21e5cf79c.js?ca5b75029b4819e596ca
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
0938d5503cf14d3f9a5e612a52ebcda33e889f4e166a58eb2e59a445b8189bfc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:38 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 21:24:18 GMT
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
content-encoding
gzip
etag
W/"65835b82-5d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
x-xss-protection
1; mode=block
vendors.ca7e6d17c28743ed195c.js
emprestimo.crefisa.com.br/
4 MB
1 MB
Script
General
Full URL
https://emprestimo.crefisa.com.br/vendors.ca7e6d17c28743ed195c.js?ca5b75029b4819e596ca
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
3f70620770def87b395d81d4960018d8865f15b4310c523f4ac39fc7346e5335
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:38 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 21:24:18 GMT
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
content-encoding
gzip
etag
W/"65835b82-3c24d4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
x-xss-protection
1; mode=block
main.e7b32503b9f2df607322.js
emprestimo.crefisa.com.br/
2 MB
536 KB
Script
General
Full URL
https://emprestimo.crefisa.com.br/main.e7b32503b9f2df607322.js?ca5b75029b4819e596ca
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
122305e158569fe3baebb1fc3c2189468b791158da686d658b8c43c6cd0ff010
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:38 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 21:24:18 GMT
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
content-encoding
gzip
etag
W/"65835b82-207264"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
x-xss-protection
1; mode=block
aperture.js
cdn.perfdrive.com/aperture/
26 KB
8 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:02:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 25 Oct 2023 04:29:09 GMT
server
nginx/1.24.0
age
1065
etag
W/"65389995-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
jsdata
cas.avalon.perfdrive.com/
316 B
461 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
f332fb7ab2ba5278ad90decf473d32baefe48d8d9625f3f09e9f2d20a3eb122b

Request headers

Referer
https://emprestimo.crefisa.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Thu, 21 Dec 2023 20:20:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
211 B
264 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
428cbac293259fc1ff96da289e70d6c9d6882971d2a6c8c29d0e05e59e986ac5

Request headers

Referer
https://emprestimo.crefisa.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Thu, 21 Dec 2023 20:20:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
cache
emprestimo-api.crefisa.com.br/ Frame
0
0
Preflight
General
Full URL
https://emprestimo-api.crefisa.com.br:9442/cache
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apiversion,appversion,authorization,cache-control,front,platform,pragma
Access-Control-Request-Method
GET
Origin
https://emprestimo.crefisa.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html
date
Thu, 21 Dec 2023 20:20:40 GMT
server
nginx
gtm.js
www.googletagmanager.com/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GH7CWH&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ccf9478e0d119a556ffa1205642adbd2107910120081165cc30b2a73a4c06cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44453
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Dec 2023 20:20:39 GMT
3e86daab68464f10caeecf57cb8f733a.png
emprestimo.crefisa.com.br/assets/
32 KB
33 KB
Image
General
Full URL
https://emprestimo.crefisa.com.br/assets/3e86daab68464f10caeecf57cb8f733a.png
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
6ab2fa1b9301f8960775be9f6ecd080f253a39aeb9da4ed396653fc622122da7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
x-ims
Enabled
x-original-image-size
38025
etag
"84913f879ac22108ad529b88cc522a68610fc6fb"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
content-length
32512
x-xss-protection
1; mode=block
expires
Tue, 19 Dec 2023 19:17:00 GMT
cache
emprestimo-api.crefisa.com.br/
0
0

e77bcf0639acc0567739bdf766a14eeb.jpg
emprestimo.crefisa.com.br/assets/
97 KB
98 KB
Image
General
Full URL
https://emprestimo.crefisa.com.br/assets/e77bcf0639acc0567739bdf766a14eeb.jpg
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
43c2c3efec7893b7b42b1ad2875abe182f726182d18da9cca9583c75c4ce8ba3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
x-ims
Enabled
x-original-image-size
123668
etag
"5be09ae92928c5caf7cb2615e577464458c1701f"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
content-length
99694
x-xss-protection
1; mode=block
expires
Tue, 19 Dec 2023 19:17:00 GMT
947e87c53b5765bfc8982613ccd789e9.woff2
emprestimo.crefisa.com.br/assets/
22 KB
23 KB
Font
General
Full URL
https://emprestimo.crefisa.com.br/assets/947e87c53b5765bfc8982613ccd789e9.woff2
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emprestimo.crefisa.com.br/
Origin
https://emprestimo.crefisa.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 22:03:37 GMT
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
etag
"651f32b9-582c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
accept-ranges
bytes
content-length
22572
x-xss-protection
1; mode=block
b4d2c4c39853ee244272c04999b230ba.woff2
emprestimo.crefisa.com.br/assets/
23 KB
24 KB
Font
General
Full URL
https://emprestimo.crefisa.com.br/assets/b4d2c4c39853ee244272c04999b230ba.woff2
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emprestimo.crefisa.com.br/
Origin
https://emprestimo.crefisa.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 22:04:03 GMT
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
etag
"651f32d3-5bbc"
x-frame-options
SAMEORIGIN
content-type
font/woff2
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
accept-ranges
bytes
content-length
23484
x-xss-protection
1; mode=block
1efbd38aa76ddae2580fedf378276333.woff2
emprestimo.crefisa.com.br/assets/
22 KB
23 KB
Font
General
Full URL
https://emprestimo.crefisa.com.br/assets/1efbd38aa76ddae2580fedf378276333.woff2
Requested by
Host: emprestimo.crefisa.com.br
URL: https://emprestimo.crefisa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emprestimo.crefisa.com.br/
Origin
https://emprestimo.crefisa.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:20:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Oct 2023 22:03:36 GMT
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
etag
"651f32b8-59d0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self)
accept-ranges
bytes
content-length
22992
x-xss-protection
1; mode=block
adrum-ext.f32b12c185c1346642bece6f64473435.js
cdn.appdynamics.com/
50 KB
20 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.f32b12c185c1346642bece6f64473435.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-2.ams54.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
b5a2fbcbc334e5bf7791dfc16abef0a9cbbd18131069cbc30cdfcc63054d4b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emprestimo.crefisa.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:42:47 GMT
content-encoding
gzip
via
1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
2504272
x-cache
Hit from cloudfront
last-modified
Tue, 25 Jun 2019 23:57:12 GMT
server
nginx/1.16.1
etag
W/"5d12b4d8-c7d7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
oM7QNEllVdhDicUOhYUXTsbYuGe4y_l6oUwngwVj00XdyaJRImUaTA==
adrum-xd.f32b12c185c1346642bece6f64473435.html
cdn.appdynamics.com/ Frame C25D
2 KB
2 KB
Document
General
Full URL
https://cdn.appdynamics.com/adrum-xd.f32b12c185c1346642bece6f64473435.html
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.f32b12c185c1346642bece6f64473435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-2.ams54.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
11870bd4a2165b5e88527700e65b1881332bea863cfdaeb866d412205f3668be

Request headers

Referer
https://emprestimo.crefisa.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
age
1685923
cache-control
public, max-age=2678400, s-max-age=14400
content-encoding
gzip
content-type
text/html
date
Sat, 02 Dec 2023 08:01:56 GMT
etag
W/"649ef3f9-77c"
last-modified
Fri, 30 Jun 2023 15:25:45 GMT
server
nginx/1.16.1
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-id
fgJSdDHnglQdLv4Hi3IU9wenS6K_te_2yosWubGFdmQ07ITIFdrCZg==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
adrum
apd-eum.crefisa.com.br/eumcollector/beacons/browser/v1/EUM-AAB-AUM/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
emprestimo-api.crefisa.com.br
URL
https://emprestimo-api.crefisa.com.br:9442/cache
Domain
apd-eum.crefisa.com.br
URL
https://apd-eum.crefisa.com.br/eumcollector/beacons/browser/v1/EUM-AAB-AUM/adrum


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
number| adrum-start-time
object| adrum-config
object| ADRUM
object| SSJSConnectorObj
function| ssConf
object| webpackJsonp
object| ssTimeLogs
object| BrowserStyle
string| j
function| ssJSActionTaker
function| ssJSConnWriteCookies
object| scCGSHMRCache
object| regeneratorRuntime
function| _
object| _scriptMap
object| __core-js_shared__
function| setImmediate
function| clearImmediate
function| R6dd
object| _tfengine
object| platform
object| dataLayer
object| google_tag_manager
object| google_tag_data

11 Cookies

Domain/Path Name / Value
emprestimo.crefisa.com.br/ Name: __uzma
Value: 5fa5f97f-1908-48e1-8595-81a66e09dde2
emprestimo.crefisa.com.br/ Name: __uzmb
Value: 1703190037
emprestimo.crefisa.com.br/ Name: __uzme
Value: 3983
emprestimo.crefisa.com.br/ Name: __uzmd
Value: 1703190037
emprestimo.crefisa.com.br/ Name: __uzmc
Value: 804871319883
.crefisa.com.br/ Name: __ssds
Value: 3
.crefisa.com.br/ Name: __ssuzjsr3
Value: a9be0cd8e
.crefisa.com.br/ Name: __uzmaj3
Value: 695c1bc6-f281-4a10-b670-9d1c1f2fef56
.crefisa.com.br/ Name: __uzmbj3
Value: 1703190038
.crefisa.com.br/ Name: __uzmcj3
Value: 573171087714
.crefisa.com.br/ Name: __uzmdj3
Value: 1703190038

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
javascript error URL: https://emprestimo.crefisa.com.br/
Message:
Access to XMLHttpRequest at 'https://emprestimo-api.crefisa.com.br:9442/cache' from origin 'https://emprestimo.crefisa.com.br' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://emprestimo-api.crefisa.com.br:9442/cache
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://emprestimo.crefisa.com.br/
Message:
Access to XMLHttpRequest at 'https://apd-eum.crefisa.com.br/eumcollector/beacons/browser/v1/EUM-AAB-AUM/adrum' from origin 'https://emprestimo.crefisa.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://apd-eum.crefisa.com.br/eumcollector/beacons/browser/v1/EUM-AAB-AUM/adrum
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000 ; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
