inscricao.premiocm.com.br Open in urlscan Pro
34.236.218.29  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://inscricao.premiocm.com.br/config/auth.php Page URL
2. https://inscricao.premiocm.com.br/login.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set auth.php Show response inscricao.premiocm.com.br/config/	104 B 506 B	612ms 152ms	Document text/html	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://inscricao.premiocm.com.br/config/auth.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash f6205b5e5f2a5a50815f7267cb2070fdf5b0ba05f053da38d87da95a7863c7c4 Request headers Host inscricao.premiocm.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=rgetmh5pavnis18de0jpvf67t6; path=/ Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request login.php Show response inscricao.premiocm.com.br/	16 KB 17 KB	154ms 153ms	Document text/html	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://inscricao.premiocm.com.br/login.php Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/config/auth.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 813fd3f829d141c64fb0cf6a7539d897b720d1eefe3c1885686740048ca03640 Request headers Host inscricao.premiocm.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Referer https://inscricao.premiocm.com.br/config/auth.php Accept-Encoding gzip, deflate, br Cookie PHPSESSID=rgetmh5pavnis18de0jpvf67t6 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://inscricao.premiocm.com.br/config/auth.php Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	jquery-confirm.min.css cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/	22 KB 3 KB	21ms 19ms	Stylesheet text/css	2606:4700::6811:4004 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/jquery-confirm.min.css Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e7d1a79249f1b6df583f1f062d4382b9ae9aceda2181d9b3d71beb8c89591188 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 Nov 2019 16:46:51 GMT content-encoding br cf-cache-status HIT age 18729539 cf-ray 537b6c43e9ab8c86-VIE status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-23=":443"; ma=86400 last-modified Thu, 17 May 2018 09:20:58 GMT server cloudflare etag W/"5afd497a-580a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css access-control-allow-origin * expires Sat, 07 Nov 2020 16:46:51 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.016
GET H/1.1	200 OK	jquery-ui.css code.jquery.com/ui/1.12.1/themes/base/	35 KB 9 KB	29ms 6ms	Stylesheet text/css	2001:4de0:ac19::1:b:3b Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software nginx / Resource Hash 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0 Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Content-Encoding gzip Last-Modified Wed, 14 Sep 2016 16:34:16 GMT Server nginx ETag W/"57d97c08-8c85" Vary Accept-Encoding X-HW 1574095611.dop098.fr8.t,1574095611.cds016.fr8.shn,1574095611.cds016.fr8.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 8323
GET H2	200	pure-min.css unpkg.com/purecss@1.0.0/build/	16 KB 4 KB	56ms 21ms	Stylesheet text/css	2606:4700::6810:7aaf Cloudflare
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/purecss@1.0.0/build/pure-min.css Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 Nov 2019 16:46:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 9108823 status 200 strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Mon, 05 Jun 2017 15:02:40 GMT server cloudflare etag W/"4041-Bsbicbly0ELj8EtyGzLkx6K5qmk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context ff4605388793ee42c36486e0aa15df9a cache-control public, max-age=31536000 cf-ray 537b6c442938cbb0-VIE
GET H/1.1	200 OK	grid.css inscricao.premiocm.com.br/css/	4 KB 4 KB	245ms 133ms	Stylesheet text/css	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://inscricao.premiocm.com.br/css/grid.css Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 81a271f29875e4c0458bcb8eaa2ab108963fa7c3c0344f3ffac270d29e00322a Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:04:53 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 3962
GET H/1.1	200 OK	style.css inscricao.premiocm.com.br/css/	14 KB 14 KB	378ms 132ms	Stylesheet text/css	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://inscricao.premiocm.com.br/css/style.css Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 1865cfeba5cba0f2dd581d15792e28f4c583cd6230a0ff173079c4583cbe918d Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:04:54 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 14141
GET H/1.1	200 OK	obelisco-premiocm-1.png inscricao.premiocm.com.br/images/	53 KB 53 KB	399ms 133ms	Image image/png	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://inscricao.premiocm.com.br/images/obelisco-premiocm-1.png Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash fb3b42f8e90b3b43fba3ae79a1722d851b09f7b6e6fbe711e243da4a0b303ada Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:11:41 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 54091
GET H/1.1	200 OK	footer_branco.png inscricao.premiocm.com.br/images/	1 MB 1 MB	287ms 133ms	Image image/png	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://inscricao.premiocm.com.br/images/footer_branco.png Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 7be9c5baccc771aecb58e9b47672f5322ea8024e38a64372a15a4732788b0795 Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:05:02 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1113056
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 29 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:809::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 12 Nov 2019 11:08:53 GMT content-encoding gzip x-content-type-options nosniff age 538678 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 30028 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Nov 2020 11:08:53 GMT
GET H/1.1	200 OK	jquery-ui.js Show response code.jquery.com/ui/1.12.1/	509 KB 122 KB	14ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:3b Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.js Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software nginx / Resource Hash 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Content-Encoding gzip Last-Modified Wed, 14 Sep 2016 16:34:16 GMT Server nginx ETag W/"57d97c08-7f20a" Vary Accept-Encoding X-HW 1574095611.dop098.fr8.t,1574095611.cds016.fr8.shn,1574095611.cds016.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 124434
GET H2	200	jquery-confirm.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/	27 KB 7 KB	25ms 20ms	Script application/javascript	2606:4700::6811:4004 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/jquery-confirm.min.js Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4cf4fe06b5c06b10d9128f3e60eafd53411611ce0eead2a6afde140c5b2442f9 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 Nov 2019 16:46:51 GMT content-encoding br cf-cache-status HIT age 18729539 cf-ray 537b6c44aa2c8c86-VIE status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-23=":443"; ma=86400 last-modified Thu, 17 May 2018 09:20:12 GMT server cloudflare etag W/"5afd494c-6c56" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 07 Nov 2020 16:46:51 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.034
GET H2	200	jquery.maskedinput.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/	4 KB 2 KB	22ms 17ms	Script application/javascript	2606:4700::6811:4004 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.min.js Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 Nov 2019 16:46:51 GMT content-encoding br cf-cache-status HIT age 107999 cf-ray 537b6c44aa2d8c86-VIE status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-23=":443"; ma=86400 last-modified Thu, 17 May 2018 09:20:13 GMT server cloudflare etag W/"5afd494d-10e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 07 Nov 2020 16:46:51 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.034
GET H2	200	b33739e6-5113-4601-99fa-0c9632c5ac05-loader.js Show response d335luupugsy2.cloudfront.net/js/loader-scripts/	3 KB 1 KB	129ms 38ms	Script application/javascript	13.224.197.139 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/loader-scripts/b33739e6-5113-4601-99fa-0c9632c5ac05-loader.js Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.197.139 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-197-139.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash efa20c50fc7cff77a3d7bcd1fbe399e6e1aa136512b2c052179e69e939c53db5 Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 17 Nov 2019 14:04:55 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 09:09:39 GMT server AmazonS3 age 96117 vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id 7j9urI7vSO2kq_SaPUKI24QTlPu5LTg4 status 200 cache-control max-age=2592000 x-amz-cf-pop FRA2-C1 content-type application/javascript x-amz-cf-id gOAe0m6-GEsjlov2Eq8dAGy46gvnw4GebFzTSpffeNPjmHTrVUgDhg== via 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
GET H/1.1	200 OK	app.js Show response inscricao.premiocm.com.br/js/	8 KB 8 KB	268ms 128ms	Script application/javascript	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://inscricao.premiocm.com.br/js/app.js Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 1b25a40b7ffc40b0ad71e2e034cb9645762fb3606e80d55eb31e71ba027f59ae Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:05:04 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 8122
GET H/1.1	200 OK	bg-top-premiocm.jpg inscricao.premiocm.com.br/images/	211 KB 212 KB	129ms 128ms	Image image/jpeg	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://inscricao.premiocm.com.br/images/bg-top-premiocm.jpg Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash a6aa8a62ad4b4f6066650b2f5aac315f11d4264b697632283316974a728fb639 Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:12:31 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 216306
GET H/1.1	200 OK	barra-colorida.png inscricao.premiocm.com.br/images/	1 KB 1 KB	133ms 133ms	Image image/png	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://inscricao.premiocm.com.br/images/barra-colorida.png Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 59cf7ed3ab3c42b0803598dfc63397ffb676d574e00e150bcc6ce24114e9e9e9 Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:04:58 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1048
GET H/1.1	200 OK	midias-sociais.png inscricao.premiocm.com.br/images/	11 KB 11 KB	127ms 126ms	Image image/png	34.236.218.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://inscricao.premiocm.com.br/images/midias-sociais.png Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.218.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-236-218-29.compute-1.amazonaws.com Software Apache / Resource Hash 9bbd5e7414634cbfbb31053e44bd0bff49be7cacbdd93298be617a9884bc8d1d Security Headers Name Value X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Request headers Referer https://inscricao.premiocm.com.br/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 16:46:51 GMT Last-Modified Thu, 12 Sep 2019 17:04:59 GMT Server Apache X-Frame-Options SAMEORIGIN, allow-from https://www.google.com.br/ Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 11103
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc9.ttf fonts.gstatic.com/s/roboto/v20/	35 KB 20 KB	6ms 6ms	Font font/ttf	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://inscricao.premiocm.com.br/css/style.css Origin https://inscricao.premiocm.com.br Response headers date Mon, 28 Oct 2019 23:34:39 GMT content-encoding gzip x-content-type-options nosniff age 1789932 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 20796 x-xss-protection 0 last-modified Wed, 24 Jul 2019 01:18:59 GMT server sffe vary Accept-Encoding content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Oct 2020 23:34:39 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxP.ttf fonts.gstatic.com/s/roboto/v20/	35 KB 20 KB	8ms 8ms	Font font/ttf	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxP.ttf Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://inscricao.premiocm.com.br/css/style.css Origin https://inscricao.premiocm.com.br Response headers date Thu, 31 Oct 2019 21:59:52 GMT content-encoding gzip x-content-type-options nosniff age 1536419 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 20742 x-xss-protection 0 last-modified Wed, 24 Jul 2019 01:18:36 GMT server sffe vary Accept-Encoding content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 30 Oct 2020 21:59:52 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc9.ttf fonts.gstatic.com/s/roboto/v20/	35 KB 20 KB	7ms 7ms	Font font/ttf	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc9.ttf Requested by Host: inscricao.premiocm.com.br URL: https://inscricao.premiocm.com.br/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 899feb1ef8bdf5717f945468ed29df0f8b2fa5762aef19f040239a649c2d7004 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://inscricao.premiocm.com.br/css/style.css Origin https://inscricao.premiocm.com.br Response headers date Tue, 12 Nov 2019 15:22:55 GMT content-encoding gzip x-content-type-options nosniff age 523436 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 20826 x-xss-protection 0 last-modified Wed, 24 Jul 2019 01:19:16 GMT server sffe vary Accept-Encoding content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Nov 2020 15:22:55 GMT
GET H2	200	traffic-source-cookie.min.js Show response d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/	2 KB 1 KB	37ms 37ms	Script application/javascript	13.224.197.139 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b33739e6-5113-4601-99fa-0c9632c5ac05-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.197.139 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-197-139.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 23c49eb1402fa6afe843b8dade085148af4d890f11d09d572ce970585e42f17c Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 24 Oct 2019 21:46:08 GMT content-encoding gzip age 2142044 x-cache Hit from cloudfront status 200 content-length 912 last-modified Mon, 06 Feb 2017 16:35:04 GMT server AmazonS3 etag "57ab0bbd7fce16f93e97fc33ff6ec7dc" x-amz-version-id inXXjDFoqD4i5dbZCPHdHZe2iZD88xAn via 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id BmG7jUrU1KsNKPoG6w4DIpMBlIZZbcw-AXwchJs8Q9kGPWoz7OqL7w==
GET H2	200	rdstation-popup.min.js Show response d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/	187 KB 53 KB	43ms 42ms	Script application/javascript	13.224.197.139 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b33739e6-5113-4601-99fa-0c9632c5ac05-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.197.139 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-197-139.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 1b9deffcb6abc9a2d2dca91b0fc7882345148c57cb0bb4c036d4ced6f091f56f Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id tmVbq2fpDWzgoKhVLI7A2Q_t3HQ95psI content-encoding gzip age 13188 x-cache Hit from cloudfront status 200 date Mon, 18 Nov 2019 13:07:05 GMT content-length 54059 last-modified Thu, 31 Oct 2019 13:04:36 GMT server AmazonS3 etag "524cc1c4ef21c5a23443f1f5a5e66421" content-type application/javascript; charset=utf-8 via 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront) cache-control max-age=86400, must-revalidate x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id JLC3Bv3WAAGX4eV2OapDVjbmctm723bRXzcAfgskp1GldjH9OHufVQ==
GET H2	200	rd-js-integration.min.js Show response d335luupugsy2.cloudfront.net/js/integration/stable/	8 KB 4 KB	69ms 69ms	Script application/javascript	13.224.197.139 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1 Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b33739e6-5113-4601-99fa-0c9632c5ac05-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.197.139 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-197-139.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 719e041a7309a18d7038a356664f0fe96054d879ad6009277fcdfd5489402768 Request headers Referer https://inscricao.premiocm.com.br/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id Ct5pRk0iGs7oJaBC5h1pY6mayReHXkIR content-encoding gzip age 67246 x-cache Hit from cloudfront status 200 date Sun, 17 Nov 2019 22:06:07 GMT content-length 3270 last-modified Wed, 21 Nov 2018 11:44:19 GMT server AmazonS3 etag "b0aec5eeb2956da5ea014d2b9bc7da31" content-type application/javascript; charset=utf-8 via 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront) cache-control max-age=86400, must-revalidate x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id YF2T0kgxbx2d5QgNEaQD2-mWMR5qkwyoh8ck2nNf5v2SCxTS2qbjtg==
GET H2	200	show.json Show response pages.rdstation.com.br/popup/	13 B 80 B	438ms 152ms	XHR application/json	184.73.184.60 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pages.rdstation.com.br/popup/show.json?account_id=80279&uniq=_4064ak6ll Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 184.73.184.60 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-184-73-184-60.compute-1.amazonaws.com Software / Resource Hash 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://inscricao.premiocm.com.br/login.php Origin https://inscricao.premiocm.com.br Response headers status 200 date Mon, 18 Nov 2019 16:46:53 GMT access-control-allow-origin * content-length 13 content-type application/json

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| jconfirm function| Jconfirm object| RDStation boolean| RDStationTrackingCodeChecker object| $nome object| $email object| $telefone object| $cnpj object| $razao object| $tipo object| $segmento object| TrafficSourceCookie object| RdstationPopup function| _classCallCheck function| RDStationFormIntegration object| FormFields function| _createClass function| RDErrorNotifier object| RDIntegrationCreditCard function| _typeof object| FieldMapping object| RdIntegrationIdentifier object| RdIntegration

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			inscricao.premiocm.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: rgetmh5pavnis18de0jpvf67t6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b33739e6-5113-4601-99fa-0c9632c5ac05-loader.js(Line 1) Message: TrafficSourceCookie initialized

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
d335luupugsy2.cloudfront.net
fonts.gstatic.com
inscricao.premiocm.com.br
pages.rdstation.com.br
unpkg.com
13.224.197.139
184.73.184.60
2001:4de0:ac19::1:b:3b
2606:4700::6810:7aaf
2606:4700::6811:4004
2a00:1450:4001:809::200a
2a00:1450:4001:81f::2003
34.236.218.29
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27
1865cfeba5cba0f2dd581d15792e28f4c583cd6230a0ff173079c4583cbe918d
1b25a40b7ffc40b0ad71e2e034cb9645762fb3606e80d55eb31e71ba027f59ae
1b9deffcb6abc9a2d2dca91b0fc7882345148c57cb0bb4c036d4ced6f091f56f
23c49eb1402fa6afe843b8dade085148af4d890f11d09d572ce970585e42f17c
434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4cf4fe06b5c06b10d9128f3e60eafd53411611ce0eead2a6afde140c5b2442f9
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
59cf7ed3ab3c42b0803598dfc63397ffb676d574e00e150bcc6ce24114e9e9e9
719e041a7309a18d7038a356664f0fe96054d879ad6009277fcdfd5489402768
7be9c5baccc771aecb58e9b47672f5322ea8024e38a64372a15a4732788b0795
813fd3f829d141c64fb0cf6a7539d897b720d1eefe3c1885686740048ca03640
81a271f29875e4c0458bcb8eaa2ab108963fa7c3c0344f3ffac270d29e00322a
899feb1ef8bdf5717f945468ed29df0f8b2fa5762aef19f040239a649c2d7004
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9bbd5e7414634cbfbb31053e44bd0bff49be7cacbdd93298be617a9884bc8d1d
a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353
a6aa8a62ad4b4f6066650b2f5aac315f11d4264b697632283316974a728fb639
e7d1a79249f1b6df583f1f062d4382b9ae9aceda2181d9b3d71beb8c89591188
efa20c50fc7cff77a3d7bcd1fbe399e6e1aa136512b2c052179e69e939c53db5
f6205b5e5f2a5a50815f7267cb2070fdf5b0ba05f053da38d87da95a7863c7c4
fb3b42f8e90b3b43fba3ae79a1722d851b09f7b6e6fbe711e243da4a0b303ada
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62