Submitted URL: http://estoque-daslu.xyz/
Effective URL: https://estoque-daslu.xyz/
Submission Tags: @phish_report
Submission: On October 31 via api from FI — Scanned from FI

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 20 HTTP transactions. The main IP is 18.231.218.193, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is estoque-daslu.xyz.
TLS certificate: Issued by E6 on October 25th 2024. Valid for: 3 months.
This is the only time estoque-daslu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         18.231.218.193     16509 (AMAZON-02)
1         2a04:4e42::485     54113 (FASTLY)
2         68.183.105.160     14061 (DIGITALOC...)
3         2400:52e0:1e0...   60068 (CDN77 _)
5         2.21.20.12         20940 (AKAMAI-ASN1)
2         2600:9000:214...   16509 (AMAZON-02)
2         162.249.168.129    26548 (PUREVOLTA...)
1         104.26.13.205      13335 (CLOUDFLAR...)
1         2607:f2d8:1:3...   18450 (WEBNX)
1         177.71.243.3       16509 (AMAZON-02)
Total: 20 requests, 11 IPs
Requests  Apex Domain          Subdomains (Cisco Umbrella Rank)                               Transfer
5         tiktok.com           analytics.tiktok.com (817)                                     139 KB
3         utmify.com.br        cdn.utmify.com.br (412306), tracking.utmify.com.br (521667)    12 KB
3         bunny.net            fonts.bunny.net (10663)                                        32 KB
2         ipify.org            api.ipify.org (2041), api6.ipify.org (27985)                   377 B
2         postimg.cc           i.postimg.cc (17317)                                           149 KB
2         walletsdigital.pro   atendimento.walletsdigital.pro                                 2 KB
1         jsdelivr.net         cdn.jsdelivr.net (311)                                         65 KB
1         estoque-daslu.xyz    estoque-daslu.xyz                                              253 KB
Total: 20 requests, 8 apex domains
Requests  Domain                           Requested by
5         analytics.tiktok.com             estoque-daslu.xyz, analytics.tiktok.com
3         fonts.bunny.net                  cdn.jsdelivr.net, fonts.bunny.net
2         i.postimg.cc                     -
2         cdn.utmify.com.br                cdn.jsdelivr.net, estoque-daslu.xyz
2         atendimento.walletsdigital.pro   cdn.jsdelivr.net
1         tracking.utmify.com.br           cdn.utmify.com.br
1         api6.ipify.org                   cdn.utmify.com.br
1         api.ipify.org                    cdn.utmify.com.br
1         cdn.jsdelivr.net                 estoque-daslu.xyz
1         estoque-daslu.xyz                -
Total: 20 requests, 10 subdomains

This site contains no links.

TLS Certificates

Subject                          Issuer                                   Validity                   Valid for
recuperafacil.pro                E6                                       2024-10-25 - 2025-01-23    3 months
jsdelivr.net                     GlobalSign Atlas R3 DV TLS CA 2024 Q3    2024-07-30 - 2025-08-31    a year
atendimento.walletsdigital.pro   R11                                      2024-10-18 - 2025-01-16    3 months
fonts.bunny.net                  R10                                      2024-10-02 - 2024-12-31    3 months
*.tiktok.com                     RapidSSL TLS ECC CA G1                   2024-07-15 - 2025-07-15    a year
cdn.utmify.com.br                Amazon RSA 2048 M02                      2024-09-13 - 2025-10-12    a year
postimg.cc                       E5                                       2024-10-20 - 2025-01-18    3 months
ipify.org                        WE1                                      2024-09-15 - 2024-12-14    3 months
*.ipify.org                      RapidSSL TLS RSA CA G1                   2024-02-08 - 2025-03-10    a year
tracking.utmify.com.br           Amazon RSA 2048 M02                      2024-08-31 - 2025-09-29    a year

This page contains 1 frame:

Primary Page: https://estoque-daslu.xyz/
Frame ID: 91DAA6D364FFBA4527F8D154E799A080
Requests: 25 HTTP requests in this frame

Page Title

Crefisa, Empréstimo para Negativado.

Page URL History

  1. http://estoque-daslu.xyz/ (HTTP 307) -> https://estoque-daslu.xyz/ (Page URL)

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 40 %
Domains: 8
Subdomains: 10
IPs: 11
Countries: 4
Transfer: 838 kB
Size: 1685 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
estoque-daslu.xyz/
Redirect Chain
  • http://estoque-daslu.xyz/
  • https://estoque-daslu.xyz/
540 KB
253 KB
Document
General
Full URL
https://estoque-daslu.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.231.218.193 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-231-218-193.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
8059e9b9f9ab75863af69bccc0ab3310ce5089a9472a5f5d49b0113f83065a1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 31 Oct 2024 18:20:08 GMT
ETag
"86eb0-624b91483de00-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Fri, 18 Oct 2024 04:53:12 GMT
Server
Apache/2.4.58 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://estoque-daslu.xyz/
Non-Authoritative-Reason
HttpsUpgrades
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer

Response headers

Content-Type
font/woff2
truncated
/
958 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca5dcdeef6fa03429a90fff903b1944879a1f3a6ed8b741fc975977f2ce78659

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/webp
web.js
cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/
219 KB
65 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js
Requested by
Host: estoque-daslu.xyz
URL: https://estoque-daslu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a6e11aa8d9d558ac507f690c40b4cefa55e640027173effd6576a0cec635172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"36a2f-WpEVfFeZtpQUH5hzXI745/Ngbk8"
age
112915
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, MISS
date
Thu, 31 Oct 2024 18:20:09 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230047-FRA, cache-hel1410022-HEL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
66316
x-jsd-version
0.2.31
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ee710d8d01903401e9c4eae96562b6627ed3576b76d6b64b121f626197e28c1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/webp
truncated
/
122 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
923cd5d5217e27fb2c1b2a393c2f2640c16015602af5e6ac9aa4b085d2e72c72

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/webp
truncated
/
117 KB
117 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer

Response headers

Content-Type
application/font-sfnt
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer

Response headers

Content-Type
font/woff2
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer

Response headers

Content-Type
font/woff2
startChat
atendimento.walletsdigital.pro/api/v1/typebots/crefisa/
0
0
Preflight
General
Full URL
https://atendimento.walletsdigital.pro/api/v1/typebots/crefisa/startChat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.160 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estoque-daslu.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
date
Thu, 31 Oct 2024 18:20:09 GMT
vary
Access-Control-Request-Headers
startChat
atendimento.walletsdigital.pro/api/v1/typebots/crefisa/
6 KB
2 KB
Fetch
General
Full URL
https://atendimento.walletsdigital.pro/api/v1/typebots/crefisa/startChat
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.160 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5255b06874f3ff9122e66b20d3c9a8c817722a5cacf9e0715620f645dabc18cf

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept
application/json
content-type
application/json

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
application/json
vary
Accept-Encoding
css2
fonts.bunny.net/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
2e9a1086764e35f1edcb9f4529fcf5da607494be33207a5a5dfaf7f30fb4e831

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
alt-svc
h3=":443"
date
Thu, 31 Oct 2024 18:20:10 GMT
last-modified
Thu, 31 Oct 2024 18:20:10 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
MISS
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
10/31/2024 18:20:10
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
8a0e41839b1b45541a95e65afefb09ea
cdn-pullzone
781720
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1076
server
BunnyCDN-DE1-1076
cdn-requestcountrycode
FI
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CSHCP63C77UCD01PQT20&lib=ttq
Requested by
Host: estoque-daslu.xyz
URL: https://estoque-daslu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da73433fa0ebf966184018dcde5711a3c293255cc477bb60caa2d3a41bc4d99f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding
gzip
expires
Thu, 31 Oct 2024 18:20:10 GMT
server-timing
inner; dur=17, cdn-cache; desc=MISS, edge; dur=0, origin; dur=121
x-cache
TCP_MISS from a23-51-23-76.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
f8fa55f
x-tt-trace-host
010bf1c7d313b4c19406b050dbe963a0a89bece8f856f4c696f3b97b1d782a12a79f3ccd801bf6e0ad8e23f3a26f88192fed753f2bf11fb2aa6d170f733c624701eae707b2a9aae5b9bb154f36e8ab6d729269f48b591cdb0b6a3caebfec4afcd2
x-origin-response-time
121,23.51.23.76
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2410311820100C261B236C438EB0C0C1-4E419A7C852B2EE6-00
content-length
2067
x-tt-logid
202410311820100C261B236C438EB0C0C1
server
nginx
latest.js
cdn.utmify.com.br/scripts/utms/
11 KB
4 KB
Script
General
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7200:1e:2dac:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c36cd4ffee08d0e9404a5635a4ffe680c244a5e94c0d8a8546eec0325ffda5e5

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

x-amz-cf-pop
FRA53-C1
content-encoding
gzip
etag
W/"ca561931b38391f22bec3d94cc30ceb3"
age
81470
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
pKiVHqXpbetHS-VqjbFf_3_6CHLcQ53KUMLsZVvDcq6ei1eKrjg3oQ==
date
Wed, 30 Oct 2024 19:46:21 GMT
content-type
text/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Tue, 29 Oct 2024 19:42:14 GMT
x-amz-server-side-encryption
AES256
pixel.js
cdn.utmify.com.br/scripts/pixel/
30 KB
7 KB
Script
General
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: estoque-daslu.xyz
URL: https://estoque-daslu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7200:1e:2dac:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e5e8d38795fb8c5e2bbd7c3cfee1f94e07929b0317806684df3cd428c07bed9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

x-amz-cf-pop
FRA53-C1
content-encoding
br
etag
W/"e37800d35343d9950b547b4c6130b21b"
age
81468
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
22cJLkaDZ2VnZHOWuQAGY1Dk7EZot-Zi80gzhcqO7fGPhLonMwAmug==
date
Wed, 30 Oct 2024 19:42:23 GMT
content-type
text/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Tue, 29 Oct 2024 19:42:14 GMT
x-amz-server-side-encryption
AES256
chat.jpg
i.postimg.cc/Y93LRFgr/
79 KB
79 KB
Image
General
Full URL
https://i.postimg.cc/Y93LRFgr/chat.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
63fb4e7fea8b67661ea00fee50874864220736e3236855d5552ad48d1eb20c19

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
80832
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
image/jpeg
last-modified
Tue, 17 Sep 2024 20:20:56 GMT
server
nginx
crefisa1.jpg
i.postimg.cc/RhvPNw1w/
70 KB
70 KB
Image
General
Full URL
https://i.postimg.cc/RhvPNw1w/crefisa1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
f6e17db176412f752a930aec8a0c964dca189d7cec692dccf4ce7c22a011402a

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
71187
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
image/jpeg
last-modified
Tue, 17 Sep 2024 21:22:01 GMT
server
nginx
/
api.ipify.org/
22 B
155 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60af50d7683909b4fb713ee5c2b85fa2dd63fbeb5e131c14454f9f1e10a0071

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

cf-cache-status
DYNAMIC
cf-ray
8db5a85649b4726d-HAM
access-control-allow-origin
*
content-length
22
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/
29 B
222 B
Fetch
General
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
4df70a93bb8780d846dff17fa6bfcb3e287a5ea7c70fb0974b178a99efa600bc

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Access-Control-Allow-Origin
*
Content-Length
29
Date
Thu, 31 Oct 2024 18:20:10 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
main.MTJhNGMzN2YwMw.js
analytics.tiktok.com/i18n/pixel/static/
343 KB
96 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMw.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CSHCP63C77UCD01PQT20&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
814adc328f626a4adc2fcf6b414590ca8fd56ad7cde2c356ffda951887db97c9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

x-cache
TCP_MEM_HIT from a23-51-23-76.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=16
x-tt-trace-id
00-241024123504B57EAA9329EBDC95F80B-6582D5C67A29F009-00
content-length
97375
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241024123504B57EAA9329EBDC95F80B
server
nginx
x-akamai-request-id
f8fad0e
x-tt-trace-host
016b66eed34b97ce98f5b9bbc5a3ed0c96b2910bc0137c6e06e10b537ff76b13dbb79ff2f445bed28d82908205d0d9cae2f32a85c77d3e4f0c3e97ad19f60c765b7864e9769be9e344dce514fa0e1f1035996555bb84862d7c772a72b11affc371
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

x-cache
TCP_MEM_HIT from a23-51-23-76.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-240830022649CA440527416BD36013BC-5FB018182A83CFA2-00
content-length
39451
date
Thu, 31 Oct 2024 18:20:10 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240830022649CA440527416BD36013BC
server
nginx
x-akamai-request-id
f8fb48f
x-tt-trace-host
010b31067e876c712ee621d1117d24ca7842e88c0cd8303ef08f11fec37ae720cdf36686aa7f2448ee54ad225e1dcf82b79be1a4bc399c96f9c1b3065608284660cc15ae60ec1a38ecfb4eee7e532758235444c0e2f6e91171b119badf5ba56192
pixel
analytics.tiktok.com/api/v2/
0
874 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

x-cache-remote
TCP_MISS from a23-48-200-78.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Thu, 31 Oct 2024 18:20:10 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=102, origin; dur=32, inner; dur=29
x-cache
TCP_MISS from a23-51-23-76.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Thu, 31 Oct 2024 18:20:10 GMT
x-akamai-request-id
5a7c03d1.f8fb572
access-control-allow-headers
Authorization,*
x-tt-trace-host
010bf1c7d313b4c19406b050dbe963a0a8ec0bdfa5125f81c7aea6d18f77ba7ec666696cffa9bc578debf6be22bbf6b41b2d74a3e817a434c0e569b3e1a284815d4cecaa602f3fb0e8959060f21a2e47b74e2c38519f246ae5373ee50c769724a7e221d8e78634fb857a8ba3f9abff60c9
x-origin-response-time
32,23.48.200.78
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24103118201034BC4309BF44A7B40F93-1949B3995614A3FE-00
content-length
0
x-parent-response-time
125,23.51.23.76
x-tt-logid
2024103118201034BC4309BF44A7B40F93
server
nginx
events
tracking.utmify.com.br/tracking/v1/
0
0
Preflight
General
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
177.71.243.3 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-177-71-243-3.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estoque-daslu.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Thu, 31 Oct 2024 18:20:11 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
events
tracking.utmify.com.br/tracking/v1/
0
0

act
analytics.tiktok.com/api/v2/pixel/
0
714 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Thu, 31 Oct 2024 18:20:11 GMT
server-timing
inner; dur=37, cdn-cache; desc=MISS, edge; dur=8, origin; dur=142
x-cache
TCP_MISS from a23-51-23-76.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date
Thu, 31 Oct 2024 18:20:11 GMT
x-akamai-request-id
f8fbe6c
access-control-allow-headers
Authorization,*
x-tt-trace-host
010bf1c7d313b4c19406b050dbe963a0a89bece8f856f4c696f3b97b1d782a12a7632d78cb37eb068bc7a45d633a9b0b6d44b27e0253f1a9e7c5c7c151f22ac22dc27d9422269d3ddbc38c0f4a5f4210b849bdf2be5db555cd0ccb0391e87b6841
x-origin-response-time
142,23.51.23.76
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241031182011E38C093C6A834DB3195A-345707E180B7DA2C-00
content-length
0
x-tt-logid
20241031182011E38C093C6A834DB3195A
server
nginx
montserrat-latin-400-normal.woff2
fonts.bunny.net/montserrat/files/
15 KB
15 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer
https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66f1afac-3a5c"
cdn-fileserver
660
date
Thu, 31 Oct 2024 18:20:11 GMT
cdn-storageserver
DE-588
content-type
font/woff2
last-modified
Mon, 23 Sep 2024 18:13:00 GMT
cdn-cachedat
10/19/2024 12:46:06
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
3c683b81b108614dff7df42514357ee5
cdn-pullzone
781720
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
14940
cdn-edgestorageid
1076
server
BunnyCDN-DE1-1076
cdn-requestcountrycode
FI
montserrat-latin-600-normal.woff2
fonts.bunny.net/montserrat/files/
15 KB
15 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://estoque-daslu.xyz
Referer
https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66f1afb0-3ae0"
cdn-fileserver
638
date
Thu, 31 Oct 2024 18:20:11 GMT
cdn-storageserver
DE-638
content-type
font/woff2
last-modified
Mon, 23 Sep 2024 18:13:04 GMT
cdn-cachedat
10/19/2024 12:46:37
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
29e29d5d5d731bba6badf2d385abc9fa
cdn-pullzone
781720
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
15072
cdn-edgestorageid
1076
server
BunnyCDN-DE1-1076
cdn-requestcountrycode
FI

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracking.utmify.com.br
URL: https://tracking.utmify.com.br/tracking/v1/events

Verdicts & Comments

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Typebot (object)
TiktokAnalyticsObject (string)
ttq (object)
a (object)
pixelId (string)
paramsList (object)
itemExpInDays (number)
utmParams (object)
JSBridge (object)
Native2JSBridge (object)
ToutiaoJSBridge (object)
TiktokJelly (function)
_jelly_sdks (object)

3 Cookies

Domain/Path            Name               Value
.tiktok.com/           _ttp               2oDKfcv3lh55BYPMb4hgc8uiS1o
.estoque-daslu.xyz/    _tt_enable_cookie  1
.estoque-daslu.xyz/    _ttp               -KPjPLPlKUB1WbRqeL48OA_aqYl

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.ipify.org
api6.ipify.org
atendimento.walletsdigital.pro
cdn.jsdelivr.net
cdn.utmify.com.br
estoque-daslu.xyz
fonts.bunny.net
i.postimg.cc
tracking.utmify.com.br
104.26.13.205
162.249.168.129
177.71.243.3
18.231.218.193
2.21.20.12
2400:52e0:1e00::1076:1
2600:9000:214f:7200:1e:2dac:2040:93a1
2607:f2d8:1:3c::4
2a04:4e42::485
68.183.105.160