urlscan.io logo urlscan.io
SecurityTrails logo

pdv-amazontuor.guichepass.com.br Open in urlscan Pro
35.198.51.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://pdv-amazontuor.guichepass.com.br/
Submission Tags: @phishunt_io
Submission: On December 20 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 35.198.51.13, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is pdv-amazontuor.guichepass.com.br.
TLS certificate: Issued by R3 on December 20th 2020. Valid for: 3 months.
This is the only time pdv-amazontuor.guichepass.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 35.198.51.13 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.84.50.127 16509 (AMAZON-02)
1 54.230.206.101 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.84.50.90 16509 (AMAZON-02)
1 52.208.57.208 16509 (AMAZON-02)
1 54.230.206.79 16509 (AMAZON-02)
1 1 13.32.240.46 16509 (AMAZON-02)
3 13.32.240.110 16509 (AMAZON-02)
22 11
9    35.198.51.13 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 13.51.198.35.bc.googleusercontent.com
pdv-amazontuor.guichepass.com.br
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.84.50.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-127.ham50.r.cloudfront.net
static.hotjar.com
1    54.230.206.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-101.ham50.r.cloudfront.net
script.hotjar.com
1    2606:4700:3032::681b:8edf (United States)

ASN13335 (CLOUDFLARENET, US)
fast.conpass.io
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.84.50.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-90.ham50.r.cloudfront.net
vars.hotjar.com
1    52.208.57.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-57-208.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    54.230.206.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-79.ham50.r.cloudfront.net
vc.hotjar.io
1    13.32.240.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-46.ams50.r.cloudfront.net
widget.intercom.io
3    13.32.240.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-110.ams50.r.cloudfront.net
js.intercomcdn.com
Domain Requested by
9 pdv-amazontuor.guichepass.com.br pdv-amazontuor.guichepass.com.br
3 js.intercomcdn.com widget.intercom.io
2 fonts.googleapis.com pdv-amazontuor.guichepass.com.br
1 widget.intercom.io 1 redirects
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 fast.conpass.io pdv-amazontuor.guichepass.com.br
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com pdv-amazontuor.guichepass.com.br
1 ajax.googleapis.com pdv-amazontuor.guichepass.com.br
22 12

This site contains no links.

Subject Issuer Validity Valid
admin-amazontuor.guichepass.com.br
R3		 2020-12-20 -
2021-03-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.hotjar.com
Amazon		 2020-01-22 -
2021-02-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-18 -
2021-08-18		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.hotjar.io
Amazon		 2020-09-15 -
2021-10-15		 a year crt.sh
*.intercomcdn.com
Amazon		 2020-03-29 -
2021-04-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://pdv-amazontuor.guichepass.com.br/
Frame ID: 30EC0EF968AAADE0A9C34DC4BEA3B584
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: C63F3F23A3CCA0BDBB4B9A517A18AFF9
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3651b008.js
Frame ID: C1C347AD05149E236FEFC8C17F8DD447
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

1361 kB
Transfer

4387 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://widget.intercom.io/widget/ayfuqagn HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pdv-amazontuor.guichepass.com.br/ 		1 KB
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
83a9cdd138044b5d283a79fe0ca1b6a7b9dbe2009973a1ebe575492c8d1e8716
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
pdv-amazontuor.guichepass.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.15.8
date
Sun, 20 Dec 2020 21:38:38 GMT
content-type
text/html
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
vary
Accept-Encoding
etag
W/"5fd77d24-4c6"
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
icon
fonts.googleapis.com/ 		574 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Dec 2020 21:38:38 GMT
server
ESF
date
Sun, 20 Dec 2020 21:38:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Dec 2020 21:38:38 GMT
css
fonts.googleapis.com/ 		2 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 20 Dec 2020 20:47:56 GMT
server
ESF
date
Sun, 20 Dec 2020 21:38:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Dec 2020 21:38:38 GMT
chunk-vendors.7f89301a.css
pdv-amazontuor.guichepass.com.br/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/css/chunk-vendors.7f89301a.css
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
9c7e9269ed5cf1d033dac20feb2aef434996fb8f025691a0ed4b5df5100028cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:38 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
W/"5fd77d24-191d"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
app.198a07d3.css
pdv-amazontuor.guichepass.com.br/css/ 		728 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/css/app.198a07d3.css
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
f1325e26a892db793d60e262c0c5521ecb285d823ec7ba69aa4631dc0bfef3cc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:38 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
W/"5fd77d24-b5f58"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 21:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518064
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30768
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Dec 2021 21:44:14 GMT
config.js
pdv-amazontuor.guichepass.com.br/assets/config/ 		639 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/assets/config/config.js
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
b9eb5c1665cc666d27850025346e748a1142e31344304ee68ba75070652ab654
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:38 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 14:40:28 GMT
server
nginx/1.15.8
etag
W/"5fd8cadc-27f"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
chunk-vendors.6f5c7050.js
pdv-amazontuor.guichepass.com.br/js/ 		951 KB
322 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/js/chunk-vendors.6f5c7050.js
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
1f9c2bb827336efcc97e380718d9cc03ef00a6b2d328774c4951417ac68c791d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:38 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
W/"5fd77d24-edbc6"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
app.6c32653970ce74706b41.js
pdv-amazontuor.guichepass.com.br/ 		539 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/app.6c32653970ce74706b41.js
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
dea377c8d5b88edba6462000c38b6da11a08f2c63dbf5dec84534de125e30143
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:38 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
W/"5fd77d24-86ce2"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
hotjar-1161357.js
static.hotjar.com/c/ 		33 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1161357.js?sv=6
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/assets/config/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.50.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-127.ham50.r.cloudfront.net
Software
/
Resource Hash
f85a8e56aecb9039eaf97deb22981a35bab9e16f3b3675c63108a4dafc9cc41f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
6
etag
W/7be030f9169b067be99041baa34bc8a4
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
19fAyw1Gd5UCUpeKb0T3qe8wuybjDejmpNV4uQ3w_bwgbiKCXRT79g==
via
1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
modules.5d1cad31427a09b055ed.js
script.hotjar.com/ 		223 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1161357.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-101.ham50.r.cloudfront.net
Software
/
Resource Hash
3bab90335837b0878fc05a0cb4605e78f1479d61cefb0653f7b448eac171ebbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 15:55:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
366163
x-cache
Hit from cloudfront
content-length
59800
access-control-allow-origin
*
last-modified
Wed, 16 Dec 2020 15:53:26 GMT
etag
"e84a105a276cfecf4b45f77c9e4a6030"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1AH40SQFt3LDljcBVdL2f-TVF7d4bcMIzYFSyyBkD_uri9xCCeU9YQ==
OITBo2uSvya.js
fast.conpass.io/ 		1 MB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.conpass.io/OITBo2uSvya.js
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/app.6c32653970ce74706b41.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:8edf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b7db36a6cdbf64cb99d23d700b0713ceb2bf4a84d33282aea4a205887a5bcfe2

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:43 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XEX%2F63LrW4f4Uy%2Favqqjh524I1N3Q4oPE2YSxd3eDQVrFsU7OPPhzh5xclrDcndXsKVeg2BxSKf1zzBkze2iOoo7TOyYvJF6RYfF8Ka3BWQ5UuZksOCn8Hq0c%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
604c830a4ae3bee2-FRA
cf-request-id
0723b03a6b0000bee2363fd000000001
loading_v2.gif
pdv-amazontuor.guichepass.com.br/assets/img/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdv-amazontuor.guichepass.com.br/assets/img/loading_v2.gif
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
9baf05e7de7a1738f93791752129cefbc4913764766a9700296b67dd29f4f53e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:42 GMT
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
"5fd77d24-1cd6f"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
118127
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v70/ 		96 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v70/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pdv-amazontuor.guichepass.com.br
Referer
https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 04:05:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Dec 2020 02:35:37 GMT
server
sffe
age
235983
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98812
x-xss-protection
0
expires
Sat, 18 Dec 2021 04:05:39 GMT
chunk-0bdce9d3.126898ce.js
pdv-amazontuor.guichepass.com.br/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdv-amazontuor.guichepass.com.br/js/chunk-0bdce9d3.126898ce.js
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/app.6c32653970ce74706b41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
1a638aabd20953a4d8e1ac63aaf6c994521c9f11046f76aa03d7542a547c3240
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:43 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
W/"5fd77d24-1473"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame C63F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1161357.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.50.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-90.ham50.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pdv-amazontuor.guichepass.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pdv-amazontuor.guichepass.com.br/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 91f22b7bc376e5af9531f3690bd2d5d3.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
TuP-zfeZ8TlENdpcmfJwEOrSvssYFmB42viaOqMvAkQfp7wW6-EjyA==
age
2349460
visit-data
in.hotjar.com/api/v2/client/sites/1161357/ 		178 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1161357/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.57.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-57-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 20 Dec 2020 21:38:43 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
1161357
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1161357?s=0.25&r=0.002294496335777829
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-79.ham50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:43 GMT
via
1.1 c25a7e7126dfc9a3b0a377e34949f435.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
NrS2KmIWHg4c3njR0iwrvHuuUdzIKNOeSi2HWw5nkbz0uJL2vranlw==
logo-gpass.png
pdv-amazontuor.guichepass.com.br/assets/img/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdv-amazontuor.guichepass.com.br/assets/img/logo-gpass.png
Requested by
Host: pdv-amazontuor.guichepass.com.br
URL: https://pdv-amazontuor.guichepass.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.51.13 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
13.51.198.35.bc.googleusercontent.com
Software
nginx/1.15.8 /
Resource Hash
5d6a68027c5c6c30671e263ebd5ae0ab3bfcc54e52a31131af7ea2c0bf638718
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 21:38:43 GMT
last-modified
Mon, 14 Dec 2020 14:56:36 GMT
server
nginx/1.15.8
etag
"5fd77d24-208e2"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
133346
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/ayfuqagn
  • https://js.intercomcdn.com/shim.latest.js
12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-110.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d

Request headers

Referer
https://pdv-amazontuor.guichepass.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 20 Dec 2020 21:34:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 16:21:26 GMT
server
AmazonS3
age
234
etag
"bad442725154dc11de51f32818aaf7c2"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
4396
x-amz-cf-id
SKmlcGfMRQwJYPuRSwCT_a3Dx2YaBnzUtq40OwnJwQqjPdgcSxe3gQ==

Redirect headers

date
Sat, 28 Nov 2020 10:37:34 GMT
via
1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
server
AmazonS3
age
1940471
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
AMS50-C1
content-length
0
x-amz-cf-id
yZ5KyUKqTcucW33FO3vzKLCOdY7pJIJtixcWFtLG5lkWOt937A0gtg==
frame-modern.3651b008.js
js.intercomcdn.com/ Frame C1C3 		243 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.3651b008.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ayfuqagn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-110.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 20 Dec 2020 20:21:29 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 16:13:07 GMT
server
AmazonS3
age
4636
etag
"b4bd446918faa405c37c694252d1dc33"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
67105
x-amz-cf-id
uc6DkNSV52JeYNVrNJbCgDgw38RQPmY1TIM6x9CHEbxqbqbt1uIEIQ==
vendor-modern.9d1078c3.js
js.intercomcdn.com/ Frame C1C3 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.9d1078c3.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ayfuqagn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-110.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 20 Dec 2020 20:09:10 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 14:22:27 GMT
server
AmazonS3
age
5375
etag
"9b5b470a28e38dff426854ef00fb72e0"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
38314
x-amz-cf-id
X-1pRJE1b-aepYx8pcswTPP-3sk5LLqqiUbWFGT5C2TBOBYq_2SmbA==

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| hj object| _hjSettings object| CONFIG object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| webpackJsonp object| __core-js_shared__ object| core function| Hammer function| setImmediate function| clearImmediate object| regeneratorRuntime function| Intercom string| cpt string| cppt object| cpdata object| IntlPolyfill object| device object| scCGSHMRCache number| 2f1acc6c3a606b082e5eef5e54414ffb object| Conpass function| parcelRequire function| __intercomAssignLocation

7 Cookies

Domain/Path Name / Value
pdv-amazontuor.guichepass.com.br/ Name: _hjIncludedInSessionSample
Value: 1
.guichepass.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1
.guichepass.com.br/ Name: _hjTLDTest
Value: 1
pdv-amazontuor.guichepass.com.br/ Name: amplitude_idundefined
Value: eyJkZXZpY2VJZCI6IjdjODBhZWI4LWJmZTUtNGY5Ny1hYmIwLWQwZWJkMTJjODIxYlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6bnVsbCwibGFzdEV2ZW50VGltZSI6bnVsbCwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.guichepass.com.br/ Name: _hjFirstSeen
Value: 1
pdv-amazontuor.guichepass.com.br/ Name: _hjIncludedInPageviewSample
Value: 1
.guichepass.com.br/ Name: _hjid
Value: c42a6b26-be76-4931-ad00-dda5e802b8db

1 Console Messages

Source Level URL
Text
console-api log URL: https://pdv-amazontuor.guichepass.com.br/js/chunk-vendors.6f5c7050.js(Line 459)
Message:
[Amplitude] Invalid apiKey. Please set a valid apiKey with init() before calling logEvent()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fast.conpass.io
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
js.intercomcdn.com
pdv-amazontuor.guichepass.com.br
script.hotjar.com
static.hotjar.com
vars.hotjar.com
vc.hotjar.io
widget.intercom.io
13.32.240.110
13.32.240.46
2606:4700:3032::681b:8edf
2a00:1450:4001:802::200a
2a00:1450:4001:818::200a
2a00:1450:4001:81e::2003
35.198.51.13
52.208.57.208
52.84.50.127
52.84.50.90
54.230.206.101
54.230.206.79
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d
1a638aabd20953a4d8e1ac63aaf6c994521c9f11046f76aa03d7542a547c3240
1f9c2bb827336efcc97e380718d9cc03ef00a6b2d328774c4951417ac68c791d
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
3bab90335837b0878fc05a0cb4605e78f1479d61cefb0653f7b448eac171ebbe
47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956
5d6a68027c5c6c30671e263ebd5ae0ab3bfcc54e52a31131af7ea2c0bf638718
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
83a9cdd138044b5d283a79fe0ca1b6a7b9dbe2009973a1ebe575492c8d1e8716
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946
89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484
9baf05e7de7a1738f93791752129cefbc4913764766a9700296b67dd29f4f53e
9c7e9269ed5cf1d033dac20feb2aef434996fb8f025691a0ed4b5df5100028cb
b7db36a6cdbf64cb99d23d700b0713ceb2bf4a84d33282aea4a205887a5bcfe2
b9eb5c1665cc666d27850025346e748a1142e31344304ee68ba75070652ab654
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
dea377c8d5b88edba6462000c38b6da11a08f2c63dbf5dec84534de125e30143
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1325e26a892db793d60e262c0c5521ecb285d823ec7ba69aa4631dc0bfef3cc
f85a8e56aecb9039eaf97deb22981a35bab9e16f3b3675c63108a4dafc9cc41f