timpospromo.com.br Open in urlscan Pro
54.230.228.48  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response timpospromo.com.br/	2 KB 1 KB	1044ms 98ms	Document text/html	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash de2d39a646acb36ae8e5b5f570e0d5a440c416733a615ae6b10fe5609db0ac22 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers age 1003102 cache-control max-age=31536000 content-encoding gzip content-type text/html date Sun, 06 Oct 2024 05:59:38 GMT etag W/"bc4a5a03f6b121d74588399dab61f279" last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 vary Accept-Encoding via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-amz-cf-id 6W-V-fN2rFESDjBCf7Jsd2UrG4u_WeD7ltXd0h0NPR1CNrSKjNcAZA== x-amz-cf-pop MUC50-P5 x-cache Hit from cloudfront
GET H2	200	eum.min.js Show response eum.instana.io/	35 KB 13 KB	532ms 45ms	Script application/javascript	2.20.142.91 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://eum.instana.io/eum.min.js Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.20.142.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-20-142-91.deploy.static.akamaitechnologies.com Software / Resource Hash 0d337a4ff0c4d3b7492cb566976ca20f6a8a47bc4a145772584e838b8ae5d275 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://timpospromo.com.br Referer https://timpospromo.com.br/ Response headers cache-control public, max-age=457577 timing-allow-origin * content-encoding gzip etag -1384107364--gzip cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 13284 date Thu, 17 Oct 2024 20:38:00 GMT content-type application/javascript;charset=UTF-8 last-modified Thu, 1 Jan 1970 00:00:01 GMT vary Accept-Encoding
GET H2	200	styles.91bd327310f1052430f5.css timpospromo.com.br/	5 KB 2 KB	109ms 108ms	Stylesheet text/css	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/styles.91bd327310f1052430f5.css Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash c315e1f697235b9314707f0179128f50559a9a296f3d2bee9d9a2bc70dd07a78 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers cache-control max-age=31536000 content-encoding br etag W/"9b70bd67c3989d54488faff23b646afc" age 465904 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id tpn5RdBb0AMZGQihY2pBlTQ2SMiuFWer1CqFSMrPJunu9x6UOYkt4g== date Sat, 12 Oct 2024 11:12:56 GMT content-type text/css last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P5 vary Accept-Encoding
GET H2	200	runtime.c51bd5b1c616d9ffddc1.js Show response timpospromo.com.br/	1 KB 1 KB	107ms 105ms	Script text/plain	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/runtime.c51bd5b1c616d9ffddc1.js Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers cache-control max-age=31536000 content-encoding br etag W/"1244d3f2f28ecc6619157927aca95200" age 465904 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id mHZWWjcu_XN7VftDYaQE7evk2I93rnQ6h2riGNDhQHRlGSkGGlYBDA== date Sat, 12 Oct 2024 11:12:56 GMT content-type text/plain last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P5 vary Accept-Encoding
GET H2	200	polyfills.f16c55bbc1dc1a8055e0.js Show response timpospromo.com.br/	67 KB 22 KB	244ms 243ms	Script text/plain	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/polyfills.f16c55bbc1dc1a8055e0.js Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 20e91bf78e60c0810a11eee10f803c6c4664103eceb65cf788bac20d012d2ff8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers cache-control max-age=31536000 content-encoding br etag W/"d235358fbab32c96266f9949e9cbd1e6" age 202019 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 9oLXXUtdtbLZlLNWcvl6NBJlQ_FiSCIDG2PX1AjYcLl3Tp7QINQ3Zw== date Tue, 15 Oct 2024 12:31:01 GMT content-type text/plain last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P5 vary Accept-Encoding
GET H2	200	main.aab150a000b9b4bba21f.js Show response timpospromo.com.br/	745 KB 153 KB	350ms 349ms	Script text/plain	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/main.aab150a000b9b4bba21f.js Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 93042d62e20ba2390af595fed7a14062aa24dfef9f0e1a2e7a02ffa1c5462f78 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers cache-control max-age=31536000 content-encoding br etag W/"6c080073b2cc41ccd4e450ebcac9ee26" age 202019 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id YVpz7Xe4GGk11rx6HutIk0M-UxVzZ6oPrmuHK8i0MS_jqnXentZIiw== date Tue, 15 Oct 2024 12:31:01 GMT content-type text/plain last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P5 vary Accept-Encoding
GET H2	200	gtm.js Show response www.googletagmanager.com/	240 KB 83 KB	1004ms 462ms	Script application/javascript	216.58.206.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WJG5FP2 Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f8.1e100.net Software Google Tag Manager / Resource Hash 2ff290ae867c7151edfba4185d503251f8689f052d199c16dbad7a020632c2f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Thu, 17 Oct 2024 20:38:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 20:38:00 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Thu, 17 Oct 2024 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 85074 x-xss-protection 0 server Google Tag Manager
GET H2	200	gtm.js Show response www.googletagmanager.com/	305 KB 107 KB	625ms 84ms	Script application/javascript	216.58.206.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WHK4XQ Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f8.1e100.net Software Google Tag Manager / Resource Hash 870705a94e4c905f2747cc9e086b90e9ee41f0bf7d384f404a3817310825b373 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Thu, 17 Oct 2024 20:38:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 20:38:00 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Thu, 17 Oct 2024 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 108902 x-xss-protection 0 server Google Tag Manager
GET H2	200	css fonts.googleapis.com/	1 KB 545 B	498ms 52ms	Stylesheet text/css	142.250.74.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Barlow:500 Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/styles.91bd327310f1052430f5.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f10.1e100.net Software ESF / Resource Hash 000758ecf8b86cb1bd12effa59a8c4ab1136b818c195282dc5ac7c40fcdf7044 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 17 Oct 2024 20:38:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 20:38:00 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 17 Oct 2024 20:38:00 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	487ms 42ms	Stylesheet text/css	142.250.74.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/styles.91bd327310f1052430f5.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f10.1e100.net Software ESF / Resource Hash c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 17 Oct 2024 20:38:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 20:38:00 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 17 Oct 2024 19:05:31 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	styles.91bd327310f1052430f5.css Show response timpospromo.com.br/	5 KB 0	1ms 1ms	XHR text/css	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/styles.91bd327310f1052430f5.css Requested by Host: eum.instana.io URL: https://eum.instana.io/eum.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash c315e1f697235b9314707f0179128f50559a9a296f3d2bee9d9a2bc70dd07a78 Request headers X-INSTANA-L 1,correlationType=web;correlationId=b53e3d55cb772ee2 X-INSTANA-S b53e3d55cb772ee2 Referer https://timpospromo.com.br/ X-INSTANA-T b53e3d55cb772ee2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control max-age=31536000 content-encoding br etag W/"9b70bd67c3989d54488faff23b646afc" age 465904 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id tpn5RdBb0AMZGQihY2pBlTQ2SMiuFWer1CqFSMrPJunu9x6UOYkt4g== date Sat, 12 Oct 2024 11:12:56 GMT content-type text/css last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P5 vary Accept-Encoding
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 19 KB	846ms 145ms	Font font/woff2	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://timpospromo.com.br Referer https://fonts.googleapis.com/ Response headers age 147768 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 03:35:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 16 Oct 2024 03:35:13 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H2	200	ns.html www.googletagmanager.com/ Frame 69D3	0 0	671ms 103ms	Document text/html	216.58.206.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-K5FZD4W Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/main.aab150a000b9b4bba21f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f8.1e100.net Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://timpospromo.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate content-encoding br content-length 92 content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0 content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting cross-origin-resource-policy cross-origin date Thu, 17 Oct 2024 20:38:01 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],} server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains vary * x-xss-protection 0
GET H2	200	logo.png timpospromo.com.br/assets/images/	364 B 715 B	117ms 116ms	Image image/png	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://timpospromo.com.br/assets/images/logo.png Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash ec0a6a8e690539eb1a584a7dea407c09ebe62d36e27985b52b294ebfc95309cb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers cache-control max-age=31536000 etag "f9cd31b8385c95372d4acc3c7e9e7352" age 465900 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 364 x-amz-cf-id 5X5QjD5ExPxPwp_Q3GagW7ow_rs8T3AGdCt1sIhOwnnsw2fMkmxbQA== date Sat, 12 Oct 2024 11:13:01 GMT content-type image/png last-modified Thu, 31 Mar 2022 17:51:15 GMT server AmazonS3 x-amz-cf-pop MUC50-P5
GET H2	200	background.c2e311f2a0f7460c6e13.svg timpospromo.com.br/	348 KB 45 KB	604ms 603ms	Image image/svg+xml	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://timpospromo.com.br/background.c2e311f2a0f7460c6e13.svg Requested by Host: timpospromo.com.br URL: https://timpospromo.com.br/styles.91bd327310f1052430f5.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash f3d30f13dcdb426862cf6bb38b4bd1d1f50e3b4bf351e76beacffa11c2126c3b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/styles.91bd327310f1052430f5.css Response headers cache-control max-age=31536000 content-encoding br etag W/"5615f7173e83f577fb4a80d2d9228c41" via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id FzCZqXRm2RIV6G7I3eVghF0tgCbKu_Iic954xvn99zS40NgEYfWGGw== date Thu, 17 Oct 2024 20:38:02 GMT content-type image/svg+xml last-modified Thu, 31 Mar 2022 17:51:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P5 vary Accept-Encoding
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	596ms 251ms	Font font/woff2	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://timpospromo.com.br Referer https://fonts.googleapis.com/ Response headers age 221941 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 15 Oct 2025 06:59:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 15 Oct 2024 06:59:00 GMT last-modified Thu, 01 Aug 2024 20:41:21 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18596 x-xss-protection 0 server sffe
GET		js www.googletagmanager.com/gtag/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	793ms 122ms	Script text/javascript	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHK4XQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers content-encoding gzip age 6412 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Thu, 17 Oct 2024 20:51:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 18:51:09 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 423 B	103ms 98ms	XHR text/plain	216.239.38.178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1614450883&t=pageview&_s=1&dl=https%3A%2F%2Ftimpospromo.com.br%2F&ul=it-it&de=UTF-8&dt=TIM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAIC~&jid=1877596874&gjid=806570396&cid=1843467985.1729197482&tid=UA-19358192-1&_gid=1819267754.1729197482&_slc=1&gtm=45He4ag0n71WHK4XQv72271226za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685&z=2009137944 Requested by Host: eum.instana.io URL: https://eum.instana.io/eum.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://timpospromo.com.br/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 20:38:02 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://timpospromo.com.br cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 3 server Golfe2
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 648 B	1010ms 187ms	XHR text/plain	142.251.168.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-19358192-1&cid=1843467985.1729197482&jid=1877596874&gjid=806570396&_gid=1819267754.1729197482&_u=YGBAiEABBAAAAGAAIC~&z=412667791 Requested by Host: eum.instana.io URL: https://eum.instana.io/eum.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.168.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wh-in-f154.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://timpospromo.com.br/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 17 Oct 2024 20:38:02 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0 access-control-allow-origin https://timpospromo.com.br cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 1 server Golfe2
GET H2	200	favicon.ico timpospromo.com.br/assets/tim/images/	4 KB 5 KB	149ms 148ms	Other image/x-icon	54.230.228.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://timpospromo.com.br/assets/tim/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-48.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 98d9276873504cc4651656ba8898e1d20b46029bb6719fd4804e7b58b4c99227 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://timpospromo.com.br/ Response headers cache-control max-age=31536000 etag "76a1241c99c21ed8d87ea307298b301d" age 284593 via 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 4286 x-amz-cf-id aRGY9vFmY15ZlX2P5DUMujq42PvCf6iFOHfWf2yqyzYUd6JKMqy7jQ== date Mon, 14 Oct 2024 13:34:50 GMT content-type image/x-icon last-modified Thu, 31 Mar 2022 17:51:15 GMT server AmazonS3 x-amz-cf-pop MUC50-P5
POST H2	200	/ eum-orange-saas.instana.io/	0 175 B	729ms 253ms	Ping text/plain	34.120.4.21 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://eum-orange-saas.instana.io/ Requested by Host: eum.instana.io URL: https://eum.instana.io/eum.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 21.4.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://timpospromo.com.br/ Response headers cache-control no-cache, no-store timing-allow-origin * cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Thu, 17 Oct 2024 20:38:03 GMT vary Accept-Encoding
POST H2	200	/ eum-orange-saas.instana.io/	0 43 B	233ms 223ms	Ping text/plain	34.120.4.21 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://eum-orange-saas.instana.io/ Requested by Host: eum.instana.io URL: https://eum.instana.io/eum.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.4.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 21.4.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://timpospromo.com.br/ Response headers cache-control no-cache, no-store timing-allow-origin * cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Thu, 17 Oct 2024 20:38:05 GMT vary Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=G-ZH21843T10&l=dataLayer&cx=c

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer string| InstanaEumObject function| ineum object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| regeneratorRuntime object| __SENTRY__ object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__visibilitychangetrue object| __zone_symbol__pagehidetrue object| __zone_symbol__pageshowtrue object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| __zone_symbol__loadfalse string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| __zone_symbol__pagehidefalse object| __zone_symbol__beforeunloadfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.timpospromo.com.br/	1970-01-21 02:29:33	Name: _gcl_au Value: 1.1.377601977.1729197481
			.timpospromo.com.br/	1970-01-21 00:21:23	Name: _ga Value: GA1.3.1843467985.1729197482
			.timpospromo.com.br/	1970-01-21 00:21:23	Name: _gid Value: GA1.3.1819267754.1729197482
			.timpospromo.com.br/	1970-01-21 00:21:23	Name: _dc_gtm_UA-19358192-1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eum-orange-saas.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
timpospromo.com.br
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
142.250.186.163
142.250.74.202
142.251.168.154
2.20.142.91
216.239.38.178
216.58.206.72
34.120.4.21
54.230.228.48
000758ecf8b86cb1bd12effa59a8c4ab1136b818c195282dc5ac7c40fcdf7044
0d337a4ff0c4d3b7492cb566976ca20f6a8a47bc4a145772584e838b8ae5d275
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20e91bf78e60c0810a11eee10f803c6c4664103eceb65cf788bac20d012d2ff8
2ff290ae867c7151edfba4185d503251f8689f052d199c16dbad7a020632c2f8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
870705a94e4c905f2747cc9e086b90e9ee41f0bf7d384f404a3817310825b373
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
93042d62e20ba2390af595fed7a14062aa24dfef9f0e1a2e7a02ffa1c5462f78
98d9276873504cc4651656ba8898e1d20b46029bb6719fd4804e7b58b4c99227
c315e1f697235b9314707f0179128f50559a9a296f3d2bee9d9a2bc70dd07a78
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de2d39a646acb36ae8e5b5f570e0d5a440c416733a615ae6b10fe5609db0ac22
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0a6a8e690539eb1a584a7dea407c09ebe62d36e27985b52b294ebfc95309cb
f3d30f13dcdb426862cf6bb38b4bd1d1f50e3b4bf351e76beacffa11c2126c3b