urlscan.io logo urlscan.io
SecurityTrails logo

www.covid19nasfavelas.meurio.org.br Open in urlscan Pro
50.19.148.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.covid19nasfavelas.meurio.org.br/
Submission: On March 25 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 50.19.148.209, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.covid19nasfavelas.meurio.org.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 23rd 2020. Valid for: 3 months.
This is the only time www.covid19nasfavelas.meurio.org.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    50.19.148.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-148-209.compute-1.amazonaws.com
www.covid19nasfavelas.meurio.org.br
1    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.193.63 (United States)

ASN54113 (FASTLY, US)
assets.pagar.me
10    52.216.169.29 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    3.210.61.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-61-253.compute-1.amazonaws.com
api-v2.bonde.org
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
10 s3.amazonaws.com www.covid19nasfavelas.meurio.org.br
8 www.covid19nasfavelas.meurio.org.br www.covid19nasfavelas.meurio.org.br
3 www.google-analytics.com 1 redirects www.covid19nasfavelas.meurio.org.br
3 fonts.gstatic.com www.covid19nasfavelas.meurio.org.br
2 api-v2.bonde.org www.covid19nasfavelas.meurio.org.br
2 assets.pagar.me www.covid19nasfavelas.meurio.org.br
assets.pagar.me
1 www.google.de www.covid19nasfavelas.meurio.org.br
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 ajax.googleapis.com assets.pagar.me
1 fonts.googleapis.com www.covid19nasfavelas.meurio.org.br
30 11

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
www.facebook.com
www.instagram.com
www.meurio.org.br
www.bonde.org
Subject Issuer Validity Valid
essacontanaoeminha.meurio.org.br
Let's Encrypt Authority X3		 2020-03-23 -
2020-06-21		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
r.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-03-10 -
2021-03-11		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
bonde.org
Amazon		 2019-11-05 -
2020-12-05		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.covid19nasfavelas.meurio.org.br/
Frame ID: F3AAADC9C3C1891F6062CE96F29D88D1
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

30
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

2172 kB
Transfer

4575 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=118602505&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covid19nasfavelas.meurio.org.br%2F&dp=%2Fcovid19-nas-favelas&ul=en-us&de=UTF-8&dt=COVID19%20nas%20Favelas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2069194118&gjid=495276227&cid=854040188.1585131947&tid=UA-26278513-30&_gid=829543642.1585131947&_r=1&z=423247806 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_gid=829543642.1585131947&gjid=495276227&_v=j81&z=423247806 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_v=j81&z=423247806 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_v=j81&z=423247806&slf_rd=1&random=3602290921

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.covid19nasfavelas.meurio.org.br/ 		121 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/ Next.js
Resource Hash
feede8c07ec746f3b669f0a3cbea7e64d8e6f2234053a980cc01910e9dc1fd9e

Request headers

:method
GET
:authority
www.covid19nasfavelas.meurio.org.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 Mar 2020 10:25:46 GMT
etag
"1e5b4-VDZlHFVbyA86usGrdSn6MC4WCCc"
vary
Accept-Encoding
x-powered-by
Next.js
index.js
www.covid19nasfavelas.meurio.org.br/_next/static/JMNICrAEZ0QhWwlN4yZOK/pages/ 		2 MB
458 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/JMNICrAEZ0QhWwlN4yZOK/pages/index.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
88ed1d0af79277d6c4e096fd9b445bc342a4eccce2195ec3357dcb35d6a8f4ab

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"1a1980-16fd7cdded8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app.js
www.covid19nasfavelas.meurio.org.br/_next/static/JMNICrAEZ0QhWwlN4yZOK/pages/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/JMNICrAEZ0QhWwlN4yZOK/pages/_app.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
b50f75eb25b9272d0b4a6c2db0650942e3cfaf425973dbc8b7f73b23c88e106c

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"16edf-16fd7cdded8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-f5e50b6b501ccea2a79b.js
www.covid19nasfavelas.meurio.org.br/_next/static/runtime/ 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/runtime/webpack-f5e50b6b501ccea2a79b.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
030c36a45bec95b2bdef69c1eaa95991f5fb77683ef764e5e6efd3d0826775c5

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"5d0-16fd7cdded8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
747
commons.34a43df45c340528b5e4.js
www.covid19nasfavelas.meurio.org.br/_next/static/chunks/ 		635 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/chunks/commons.34a43df45c340528b5e4.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
7ff1f0cdff51e99548d3e50122f49ccebcce28f4390b56d98f91941a1d2ea298

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"9edac-16fd7cdded8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
styles.c0066989aa6318a05864.js
www.covid19nasfavelas.meurio.org.br/_next/static/chunks/ 		716 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/chunks/styles.c0066989aa6318a05864.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
209462633e3a04bac8fdf2c1462ace4283a6b0394b531b726109ab927afe1c52

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"2cc-16fd7cdded8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
233
main-4c63b4df9b79897ff921.js
www.covid19nasfavelas.meurio.org.br/_next/static/runtime/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/runtime/main-4c63b4df9b79897ff921.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
982fda8cd56b3ce7324ec37784ab07e97e170e4d264ab8fc77977a40e153edac

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"362c-16fd7cdded8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
css
fonts.googleapis.com/ 		227 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Abel|Anton|Archivo+Narrow:400,400i,700,700i|Arvo:400,400i,700,700i|Asap:400,400i,700,700i|Baloo+Bhai|Bitter:400,400i,700|Bree+Serif|Cabin:400,400i,700,700i|Catamaran:400,700|Crimson+Text:400,400i,700,700i|Cuprum:400,400i,700,700i|David+Libre:400,700|Dosis:400,700|Droid+Sans:400,700|Exo+2:400,400i,700,700i|Exo:400,400i,700,700i|Fira+Sans:400,400i,700,700i|Fjalla+One|Francois+One|Gidugu|Hind:400,700|Inconsolata:400,700|Indie+Flower|Josefin+Sans:400,400i,700,700i|Karla:400,400i,700,700i|Lalezar|Lato:400,400i,700,700i|Libre+Baskerville:400,400i,700|Lobster|Lora:400,400i,700,700i|Merriweather+Sans:400,400i,700,700i|Montserrat:400,700|Muli:400,400i|Noto+Serif:400,400i,700,700i|Nunito:400,700|Open+Sans+Condensed:300,300i,700|Open+Sans:400,400i,700,700i|Oswald:400,700|Oxygen:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i|Pacifico|Playfair+Display:400,400i,700,700i|Poiret+One|Poppins:400,700|Quicksand:400,700|Raleway:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i|Roboto+Mono:400,400i,700,700i|Roboto+Slab:400,700|Roboto:400,400i,700,700i|Ruslan+Display|Signika:400,700|Slabo+27px|Source+Sans+Pro:200,300,400,700|Titillium+Web:400,400i,700,700i|Ubuntu+Condensed|Ubuntu:400,400i,700,700i|Varela+Round|Yanone+Kaffeesatz:400,700
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52eb055bafcf269d5261aa72c0ef31499fe0f7e37091e8838f099a89027cb144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Mar 2020 10:25:46 GMT
server
ESF
date
Wed, 25 Mar 2020 10:25:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Mar 2020 10:25:46 GMT
checkout.js
assets.pagar.me/checkout/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pagar.me/checkout/checkout.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.63 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abecd50753b1b10775c1d45c67450610ec285df00e1f20b88ab4c46ec9d63288

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
age
6187
x-cache
HIT, HIT
status
200
content-length
2870
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sea4425-SEA, cache-ams21069-AMS
last-modified
Wed, 16 Oct 2019 20:09:35 GMT
server
nginx
etag
"5da778ff-1b29"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3, 1
styles.bc89bb7a.chunk.css
www.covid19nasfavelas.meurio.org.br/_next/static/css/ 		467 KB
228 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covid19nasfavelas.meurio.org.br/_next/static/css/styles.bc89bb7a.chunk.css
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.148.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-148-209.compute-1.amazonaws.com
Software
/
Resource Hash
bfa510518b850af79b4915dbd4018f16a6d871c6953606e7c37daf2a4d97bd87

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:46:31 GMT
etag
W/"74ac5-16fd7cdded8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
1584991735_logo1.png
s3.amazonaws.com/hub-central/uploads/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1584991735_logo1.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
359bfd04fd816a0ec7620b83a52e723ef6565fbe4ca0bf70d675ab3d52ae69f1

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 19:28:59 GMT
Server
AmazonS3
x-amz-request-id
9780000962A8397F
ETag
"d937535cb62a44bfb4606b2861e72b21"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
92616
x-amz-id-2
pehjONrYtWZLRxH+L4CPjwdsj6O2dzws3/r8hfLtSe/jm5Iv+9Sp70dj/yy+ZpzZutpHrSWghX8=
1584992509_botao.png
s3.amazonaws.com/hub-central/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1584992509_botao.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5b0fe93237fe6d8a5b74286806edbe11968f87a12d25baf298de98219dbc3a34

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 19:41:51 GMT
Server
AmazonS3
x-amz-request-id
E7864C9341ED7EB5
ETag
"0f6a3f5ba41b9e8270e13b69229e0804"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8564
x-amz-id-2
f6biAiqM+yD8mFu8meidWXyBR+2hIL6z31evGyvhAXPs2ATwTUcpW2yPrrYlg6ujRC0gHK2fLb4=
1585005369_coletivofalaakari.png
s3.amazonaws.com/hub-central/uploads/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585005369_coletivofalaakari.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
25e02c62ea6a89f9d7ae42648016e9ed49eadb3565400c0a55e92a71f3794cfa

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 23:16:11 GMT
Server
AmazonS3
x-amz-request-id
8F3E1AF7486AF02A
ETag
"8c98b3c6afe26e6a3b2e0ce564eacae4"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4839
x-amz-id-2
CU5lQK1lUKVpkGMY7vOa0kKZaOynU63eVP1Ir+ZBobtO66VMSKAfgQnmCC+jI2xJbcMIyJXkziU=
1585005399_conexaofavelaearte.png
s3.amazonaws.com/hub-central/uploads/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585005399_conexaofavelaearte.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
233876efed7db82e2f8802cc62fcb9ba419524788a69b3aa07d01da434443c96

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 23:16:42 GMT
Server
AmazonS3
x-amz-request-id
FF161755132ABDC3
ETag
"7abfd239246587d839850833e856c0e0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
27468
x-amz-id-2
brms0NFuEZk2CsqGKO7aN2hCJNILkTf90izeClbN2EeCEMeX1PdJCdesAQ0iIVZ37GQW77qxy4Q=
1585006955_base.png
s3.amazonaws.com/hub-central/uploads/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585006955_base.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f64b237e412a681349a8dc5a8cf52eedefa3a9a542d869c288354d6d60d763d2

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 23:42:37 GMT
Server
AmazonS3
x-amz-request-id
1D67B30368C2AC9A
ETag
"6e91271d4ba90a3fb127b0867a687e26"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4529
x-amz-id-2
Qd8bFg2049hfxNAFDM/R0uQvH8JxK8sIQToxLNBo2+sqQjItE8LrTgxKUYf3EpmjM7t9YSha2Os=
1585006973_mare0800.png
s3.amazonaws.com/hub-central/uploads/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585006973_mare0800.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c2d7c86bb4d0d3fe651beede43c7f76ca589ae9f69d1797b0d9a8a0f79fe20a

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 23:42:56 GMT
Server
AmazonS3
x-amz-request-id
72E976259E6BDE8D
ETag
"e478eb4baae1cce2a710c743db19b422"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12946
x-amz-id-2
nQqEN8VfvPBV/OctNLZC3+yzjqd0s5ScUVD3J3MZd5HKFJF7j2rjlJKiLfztGGMH50WtBOh9kzQ=
1585059760_paporeto.png
s3.amazonaws.com/hub-central/uploads/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585059760_paporeto.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e259a03ac5852e6369b018ec436b237a087cd40f92e24b9330b1d80b8f7a55c5

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Tue, 24 Mar 2020 14:22:45 GMT
Server
AmazonS3
x-amz-request-id
70A093BFD81A5D69
ETag
"04a9d0011a17846f9d4943b0ffe207de"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7718
x-amz-id-2
bK+4jL5Fiq3XVLgxcigd6j7PYZ0VuXHuK9RAOR1V7HADfXgRTTgnXQnNRa/kak96i8Meg3UZyaw=
1585007158_movimentacaxias.png
s3.amazonaws.com/hub-central/uploads/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585007158_movimentacaxias.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
99bf5684af6540e62d1a7f14033b43f8c81a38a2d7207bf1fa1a08eefc5d396a

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 23:46:00 GMT
Server
AmazonS3
x-amz-request-id
E0F903FDF3B11FFB
ETag
"d6431baa07575bb998f3dc6fd8395651"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
22340
x-amz-id-2
jJRLYVe3FpNPcPhaFpM6ly+ZSA+jOUYgEuUiO54kSGseiKw+M8gK+d3mq5TkvwX6DSuD1nNdLvY=
1585058620_meurio.png
s3.amazonaws.com/hub-central/uploads/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1585058620_meurio.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
817004b2a92074bb25a05c1e7145de3b375ef68b1857ac21c26a2e387439ca23

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Tue, 24 Mar 2020 14:03:42 GMT
Server
AmazonS3
x-amz-request-id
A0D0DE913CAB1799
ETag
"fde4c6f1b720bea9b54f478e99aee4c0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8023
x-amz-id-2
vyj0QnbXdbmTXOwveuSfRLHD1nPMuLtAYZY4/hiNLyijDoCGCiOUbTOcQhDBJrjpHnaQshlaL+s=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: assets.pagar.me
URL: https://assets.pagar.me/checkout/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 10 Mar 2020 21:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1256078
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Mar 2021 21:31:08 GMT
easyXDM.js
assets.pagar.me/checkout// 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pagar.me/checkout//easyXDM.js
Requested by
Host: assets.pagar.me
URL: https://assets.pagar.me/checkout/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.63 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f73596ad8cf45ce4a6c81cb489728d0673fb509eee7d71699d93a432e4c99af5

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 10:25:46 GMT
content-encoding
gzip
age
4385
x-cache
HIT, HIT
status
200
content-length
6379
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sea4445-SEA, cache-ams21069-AMS
last-modified
Wed, 16 Oct 2019 20:09:31 GMT
server
nginx
etag
"5da778fb-45ca"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1, 1
1584991802_fundo.png
s3.amazonaws.com/hub-central/uploads/ 		960 KB
961 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/hub-central/uploads/1584991802_fundo.png
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.169.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cb1530ddbfe94a833f8d86b203261682cdf530a868e4b4ee0bb4ec4791e92dbd

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
Last-Modified
Mon, 23 Mar 2020 19:30:10 GMT
Server
AmazonS3
x-amz-request-id
6192362D6BD8DED3
ETag
"0cbae8c1fb7eb7517693f296621ba05c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
983488
x-amz-id-2
3biGZmxXO8+RudpP9FosAUvVCgjw0UsL9Ona1kXdAzBgzGyE+GCq2EcvLV8g8ZN8urXesVfZoCw=
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Abel|Anton|Archivo+Narrow:400,400i,700,700i|Arvo:400,400i,700,700i|Asap:400,400i,700,700i|Baloo+Bhai|Bitter:400,400i,700|Bree+Serif|Cabin:400,400i,700,700i|Catamaran:400,700|Crimson+Text:400,400i,700,700i|Cuprum:400,400i,700,700i|David+Libre:400,700|Dosis:400,700|Droid+Sans:400,700|Exo+2:400,400i,700,700i|Exo:400,400i,700,700i|Fira+Sans:400,400i,700,700i|Fjalla+One|Francois+One|Gidugu|Hind:400,700|Inconsolata:400,700|Indie+Flower|Josefin+Sans:400,400i,700,700i|Karla:400,400i,700,700i|Lalezar|Lato:400,400i,700,700i|Libre+Baskerville:400,400i,700|Lobster|Lora:400,400i,700,700i|Merriweather+Sans:400,400i,700,700i|Montserrat:400,700|Muli:400,400i|Noto+Serif:400,400i,700,700i|Nunito:400,700|Open+Sans+Condensed:300,300i,700|Open+Sans:400,400i,700,700i|Oswald:400,700|Oxygen:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i|Pacifico|Playfair+Display:400,400i,700,700i|Poiret+One|Poppins:400,700|Quicksand:400,700|Raleway:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i|Roboto+Mono:400,400i,700,700i|Roboto+Slab:400,700|Roboto:400,400i,700,700i|Ruslan+Display|Signika:400,700|Slabo+27px|Source+Sans+Pro:200,300,400,700|Titillium+Web:400,400i,700,700i|Ubuntu+Condensed|Ubuntu:400,400i,700,700i|Varela+Round|Yanone+Kaffeesatz:400,700
Origin
https://www.covid19nasfavelas.meurio.org.br
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 03:01:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:48 GMT
server
sffe
age
2532278
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14096
x-xss-protection
0
expires
Wed, 24 Feb 2021 03:01:08 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Abel|Anton|Archivo+Narrow:400,400i,700,700i|Arvo:400,400i,700,700i|Asap:400,400i,700,700i|Baloo+Bhai|Bitter:400,400i,700|Bree+Serif|Cabin:400,400i,700,700i|Catamaran:400,700|Crimson+Text:400,400i,700,700i|Cuprum:400,400i,700,700i|David+Libre:400,700|Dosis:400,700|Droid+Sans:400,700|Exo+2:400,400i,700,700i|Exo:400,400i,700,700i|Fira+Sans:400,400i,700,700i|Fjalla+One|Francois+One|Gidugu|Hind:400,700|Inconsolata:400,700|Indie+Flower|Josefin+Sans:400,400i,700,700i|Karla:400,400i,700,700i|Lalezar|Lato:400,400i,700,700i|Libre+Baskerville:400,400i,700|Lobster|Lora:400,400i,700,700i|Merriweather+Sans:400,400i,700,700i|Montserrat:400,700|Muli:400,400i|Noto+Serif:400,400i,700,700i|Nunito:400,700|Open+Sans+Condensed:300,300i,700|Open+Sans:400,400i,700,700i|Oswald:400,700|Oxygen:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i|Pacifico|Playfair+Display:400,400i,700,700i|Poiret+One|Poppins:400,700|Quicksand:400,700|Raleway:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i|Roboto+Mono:400,400i,700,700i|Roboto+Slab:400,700|Roboto:400,400i,700,700i|Ruslan+Display|Signika:400,700|Slabo+27px|Source+Sans+Pro:200,300,400,700|Titillium+Web:400,400i,700,700i|Ubuntu+Condensed|Ubuntu:400,400i,700,700i|Varela+Round|Yanone+Kaffeesatz:400,700
Origin
https://www.covid19nasfavelas.meurio.org.br
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:19:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:17 GMT
server
sffe
age
1271201
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12976
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:19:05 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Abel|Anton|Archivo+Narrow:400,400i,700,700i|Arvo:400,400i,700,700i|Asap:400,400i,700,700i|Baloo+Bhai|Bitter:400,400i,700|Bree+Serif|Cabin:400,400i,700,700i|Catamaran:400,700|Crimson+Text:400,400i,700,700i|Cuprum:400,400i,700,700i|David+Libre:400,700|Dosis:400,700|Droid+Sans:400,700|Exo+2:400,400i,700,700i|Exo:400,400i,700,700i|Fira+Sans:400,400i,700,700i|Fjalla+One|Francois+One|Gidugu|Hind:400,700|Inconsolata:400,700|Indie+Flower|Josefin+Sans:400,400i,700,700i|Karla:400,400i,700,700i|Lalezar|Lato:400,400i,700,700i|Libre+Baskerville:400,400i,700|Lobster|Lora:400,400i,700,700i|Merriweather+Sans:400,400i,700,700i|Montserrat:400,700|Muli:400,400i|Noto+Serif:400,400i,700,700i|Nunito:400,700|Open+Sans+Condensed:300,300i,700|Open+Sans:400,400i,700,700i|Oswald:400,700|Oxygen:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i|Pacifico|Playfair+Display:400,400i,700,700i|Poiret+One|Poppins:400,700|Quicksand:400,700|Raleway:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i|Roboto+Mono:400,400i,700,700i|Roboto+Slab:400,700|Roboto:400,400i,700,700i|Ruslan+Display|Signika:400,700|Slabo+27px|Source+Sans+Pro:200,300,400,700|Titillium+Web:400,400i,700,700i|Ubuntu+Condensed|Ubuntu:400,400i,700,700i|Varela+Round|Yanone+Kaffeesatz:400,700
Origin
https://www.covid19nasfavelas.meurio.org.br
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 11:27:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
2329118
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13324
x-xss-protection
0
expires
Fri, 26 Feb 2021 11:27:08 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/_next/static/JMNICrAEZ0QhWwlN4yZOK/pages/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6432
date
Wed, 25 Mar 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 25 Mar 2020 10:38:35 GMT
graphql
api-v2.bonde.org/ 		0
308 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-v2.bonde.org/graphql
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/_next/static/chunks/commons.34a43df45c340528b5e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-61-253.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.covid19nasfavelas.meurio.org.br
Referer
https://www.covid19nasfavelas.meurio.org.br/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-hasura-admin-secret

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Mar 2020 10:25:47 GMT
X-Powered-By
Express
Access-Control-Allow-Headers
content-type,x-hasura-admin-secret
Vary
Accept-Encoding, Access-Control-Request-Headers
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=118602505&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covid19nasfavelas.meurio.org.br%2F&dp=%2Fcovid19-nas-favelas&ul=en-us&de=UTF-8&dt=COVID19%20na...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_gid=829543642.1585131947&gjid=495276227&_v=j81&z=423247806
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_v=j81&z=423247806
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_v=j81&z=423247806&slf_rd=1&random=3602290921
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_v=j81&z=423247806&slf_rd=1&random=3602290921
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Mar 2020 10:25:47 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Mar 2020 10:25:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-26278513-30&cid=854040188.1585131947&jid=2069194118&_v=j81&z=423247806&slf_rd=1&random=3602290921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=118602505&t=pageview&_s=2&dl=https%3A%2F%2Fwww.covid19nasfavelas.meurio.org.br%2F&dp=%2Fcovid19-nas-favelas&ul=en-us&de=UTF-8&dt=COVID19%20nas%20Favelas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=&gjid=&cid=854040188.1585131947&tid=UA-26278513-30&_gid=829543642.1585131947&z=213306257
Requested by
Host: www.covid19nasfavelas.meurio.org.br
URL: https://www.covid19nasfavelas.meurio.org.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid19nasfavelas.meurio.org.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 06:17:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5458095
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
graphql
api-v2.bonde.org/ 		140 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-v2.bonde.org/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-61-253.compute-1.amazonaws.com
Software
/
Resource Hash
2228878a4e87886c1d047343f3d95a978ff4e257df829d183d2879d093def0e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
x-hasura-admin-secret
segredo123
Origin
https://www.covid19nasfavelas.meurio.org.br
Referer
https://www.covid19nasfavelas.meurio.org.br/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 25 Mar 2020 10:25:47 GMT
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Graphql-Event-Stream
/_postgraphile/stream
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Dns-Prefetch-Control
off
Vary
Accept-Encoding, Accept-Encoding
Content-Length
140
X-Xss-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| createTransport object| PagarMeCheckout boolean| PagarMeCheckoutLoadedRetail object| webpackJsonp undefined| easyXDM undefined| $ undefined| jQuery object| regeneratorRuntime object| __core-js_shared__ object| __NEXT_DATA__ object| __NEXT_P object| next function| _ object| __APOLLO_CLIENT__ function| setImmediate function| clearImmediate object| __NEXT_REDUX_STORE__ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.meurio.org.br/ Name: _gat
Value: 1
.meurio.org.br/ Name: _gid
Value: GA1.3.829543642.1585131947
.meurio.org.br/ Name: _ga
Value: GA1.3.854040188.1585131947

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-v2.bonde.org
assets.pagar.me
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
stats.g.doubleclick.net
www.covid19nasfavelas.meurio.org.br
www.google-analytics.com
www.google.com
www.google.de
151.101.193.63
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:809::2004
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:81b::200a
2a00:1450:400c:c06::9a
3.210.61.253
50.19.148.209
52.216.169.29
030c36a45bec95b2bdef69c1eaa95991f5fb77683ef764e5e6efd3d0826775c5
209462633e3a04bac8fdf2c1462ace4283a6b0394b531b726109ab927afe1c52
2228878a4e87886c1d047343f3d95a978ff4e257df829d183d2879d093def0e6
233876efed7db82e2f8802cc62fcb9ba419524788a69b3aa07d01da434443c96
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
25e02c62ea6a89f9d7ae42648016e9ed49eadb3565400c0a55e92a71f3794cfa
359bfd04fd816a0ec7620b83a52e723ef6565fbe4ca0bf70d675ab3d52ae69f1
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
52eb055bafcf269d5261aa72c0ef31499fe0f7e37091e8838f099a89027cb144
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b0fe93237fe6d8a5b74286806edbe11968f87a12d25baf298de98219dbc3a34
7c2d7c86bb4d0d3fe651beede43c7f76ca589ae9f69d1797b0d9a8a0f79fe20a
7ff1f0cdff51e99548d3e50122f49ccebcce28f4390b56d98f91941a1d2ea298
817004b2a92074bb25a05c1e7145de3b375ef68b1857ac21c26a2e387439ca23
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ed1d0af79277d6c4e096fd9b445bc342a4eccce2195ec3357dcb35d6a8f4ab
982fda8cd56b3ce7324ec37784ab07e97e170e4d264ab8fc77977a40e153edac
99bf5684af6540e62d1a7f14033b43f8c81a38a2d7207bf1fa1a08eefc5d396a
abecd50753b1b10775c1d45c67450610ec285df00e1f20b88ab4c46ec9d63288
b50f75eb25b9272d0b4a6c2db0650942e3cfaf425973dbc8b7f73b23c88e106c
bfa510518b850af79b4915dbd4018f16a6d871c6953606e7c37daf2a4d97bd87
cb1530ddbfe94a833f8d86b203261682cdf530a868e4b4ee0bb4ec4791e92dbd
e259a03ac5852e6369b018ec436b237a087cd40f92e24b9330b1d80b8f7a55c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64b237e412a681349a8dc5a8cf52eedefa3a9a542d869c288354d6d60d763d2
f73596ad8cf45ce4a6c81cb489728d0673fb509eee7d71699d93a432e4c99af5
feede8c07ec746f3b669f0a3cbea7e64d8e6f2234053a980cc01910e9dc1fd9e