urlscan.io logo urlscan.io
SecurityTrails logo

getshell.pimball.com Open in urlscan Pro
52.67.104.40  Public Scan

Go To Rescan Add Verdict Report
URL: https://getshell.pimball.com/
Submission: On March 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 27 HTTP transactions. The main IP is 52.67.104.40, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is getshell.pimball.com.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time getshell.pimball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.67.104.40 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 162.243.216.84 14061 (DIGITALOC...)
4 2600:9000:251... 16509 (AMAZON-02)
27 7
1    52.67.104.40 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-67-104-40.sa-east-1.compute.amazonaws.com
getshell.pimball.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
10    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2606:4700:3035::6815:4aa4 (United States)

ASN13335 (CLOUDFLARENET, US)
img.mobius.studio
9    162.243.216.84 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
liberdadenews.com.br
4    2600:9000:2512:aa00:5:4346:8fc0:21 (United States)

ASN16509 (AMAZON-02, US)
d3kkhet5y435fj.cloudfront.net
Apex Domain
Subdomains		 Transfer
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 328
137 KB
9 liberdadenews.com.br
liberdadenews.com.br
1 MB
4 cloudfront.net
d3kkhet5y435fj.cloudfront.net
944 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1828
78 KB
1 mobius.studio
img.mobius.studio
3 KB
1 pimball.com
getshell.pimball.com
10 KB
27 6
Domain Requested by
10 cdn.ampproject.org getshell.pimball.com
cdn.ampproject.org
9 liberdadenews.com.br getshell.pimball.com
4 d3kkhet5y435fj.cloudfront.net getshell.pimball.com
2 maxcdn.bootstrapcdn.com getshell.pimball.com
maxcdn.bootstrapcdn.com
1 img.mobius.studio getshell.pimball.com
1 getshell.pimball.com
27 6

This site contains no links.

Subject Issuer Validity Valid
ceshi.rankc.top
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-01-28 -
2024-04-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
mobius.studio
GTS CA 1P5		 2024-01-29 -
2024-04-28		 3 months crt.sh
liberdadenews.com.br
R3		 2024-03-11 -
2024-06-09		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://getshell.pimball.com/
Frame ID: 26EA3C7DBC36690F88F32798DEC3BBDE
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Betmaster

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

27
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

2438 kB
Transfer

2824 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
getshell.pimball.com/ 		37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.67.104.40 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-104-40.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7b403f9d0155c7e8e2b8f31fab01d5eb13470c2b294e6d7e8f5cdfeea520cefc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 23 Mar 2024 05:12:49 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617
age
826796
cdn-cachedat
2021-06-08 21:31:13
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5bb5196854d77b3b0bd1d55200ac7249
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
868bedbc99474408-EWR
cdn-requestpullsuccess
True
amp-install-serviceworker-0.1.js
cdn.ampproject.org/v0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9187a6773096d0deb231e992b87970d22a0960863449db385c0e68780f19c15
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3254
x-xss-protection
0
server
sffe
etag
"d41bab0d2c0e5996"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433219ba3f0fd0a108d31d3aa55a19554f2a49039faef96b2cdbbabee49b0fbd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14957
x-xss-protection
0
server
sffe
etag
"32ba755698788aec"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4309898bcf855fbbb8ce3fb1f0f96cf126f33f4e3638efed3b664e964364ab1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4720
x-xss-protection
0
server
sffe
etag
"2f897753123f732c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b4d0056ab61e5498d5c6ea10bfded637a0260002a272734c33af32224eb63b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8927
x-xss-protection
0
server
sffe
etag
"40a1cdba80311334"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cad784183ffbc4215c7b6c8239d6303a66ac344ab25eb044e139a896364495f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
sffe
etag
"d4b8f7b666bcc877"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec5598dd600d41a35783eac5c25ee6908c7424b1a5d3946862ee055d1c53620e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9632
x-xss-protection
0
server
sffe
etag
"e3fe4603b19c0046"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
123ea0c797c92a2d08cf20efca6e7e2795a66c631917036074c38fefbabce521
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5820
x-xss-protection
0
server
sffe
etag
"1b0b0a588693641b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
608a054296d5b65564c1bf619dabdb282eaecd4a093d66557869fe13d4ecc37d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73180
x-xss-protection
0
server
sffe
etag
"5ce262c065278a93"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Mar 2024 05:12:49 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin
https://getshell.pimball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
718
cdn-cachedat
01/03/2024 13:34:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
47558679b7b8269bc09128972c681e36
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
868bedbcdee5435d-EWR
cdn-requestpullsuccess
True
logo@2x.png
img.mobius.studio/themes/MobNews/LTR/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobius.studio/themes/MobNews/LTR/assets/img/logo@2x.png
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4aa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133811704deae304335db3068414716043e2ab2c2987dd2bad09032e394ac932

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:12:49 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 07 Nov 2016 06:46:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"58202338-a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRTckK3XK2s0%2FSo0%2BysaR6TDyfZON%2Btzw7sx%2FfF41XtaqyaEk4HZ55zdlL85qjRc%2BQucRh5ZyQIrhJR4am1Uny%2FkJub7FdDHrw0ARh4RFzJk03kkIZ0SCPHMboyWdYRetZ66%2FepOhwa%2BvaEcTSg5Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
868bedbdeef98c99-EWR
alt-svc
h3=":443"; ma=86400
content-length
2562
bbiia.jpg
liberdadenews.com.br/images/stories/2022/abril/esporte/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2022/abril/esporte/bbiia.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
69617cfe37aca09dcba4bb4857d4c11ddb65820676fcefe96afd6982216c3d62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Tue, 27 Jun 2023 13:49:00 GMT
Server
gws
ETag
"649ae8cc-20099"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
131225
Expires
Sat, 06 Apr 2024 05:06:17 GMT
ccaaa.jpg
liberdadenews.com.br/images/stories/2021/Dezembro/Saude/ 		236 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2021/Dezembro/Saude/ccaaa.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
528f3a92197fdbeb3d71c664f4c84940f199af3760dd3d001ce4e223b88b68f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Wed, 20 Sep 2023 14:10:37 GMT
Server
gws
ETag
"650afd5d-3b010"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
241680
Expires
Sat, 06 Apr 2024 05:06:17 GMT
tteq.jpg
liberdadenews.com.br/images/stories/2022/marco/esporte/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2022/marco/esporte/tteq.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
5a075e3ab26cf4f351c26283f0eabb278cd68c284bb31f2933872c6d5ca44285

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Fri, 30 Jun 2023 23:16:29 GMT
Server
gws
ETag
"649f624d-293c2"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
168898
Expires
Sat, 06 Apr 2024 05:06:17 GMT
ttre.jpeg
liberdadenews.com.br/images/stories/2023/abril/educacao/01/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2023/abril/educacao/01/ttre.jpeg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
325402c61b37e4a2622e936c5b0cbfd6dab1eef3edebc54e0f9436453b9ba79f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Fri, 05 Jan 2024 20:20:27 GMT
Server
gws
ETag
"6598648b-21422"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136226
Expires
Sat, 06 Apr 2024 05:06:17 GMT
jho1.jpg
liberdadenews.com.br/images/stories/2022/marco/saude/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2022/marco/saude/jho1.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
0ad5ff5c09a25332de0ec87648f434ddcfb54ef99be7f234e0eec773ff14bfc0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Wed, 23 Aug 2023 22:06:38 GMT
Server
gws
ETag
"64e682ee-225b4"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140724
Expires
Sat, 06 Apr 2024 05:06:17 GMT
boma.jpg
liberdadenews.com.br/images/stories/2022/fevereiro/eventos/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2022/fevereiro/eventos/boma.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
fe042fa65b1d2199b6b38d2c90b77266da1c77f4791d74d48600f3fdfcab72d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Thu, 20 Jul 2023 22:26:49 GMT
Server
gws
ETag
"64b9b4a9-23871"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145521
Expires
Sat, 06 Apr 2024 05:06:17 GMT
comin.jpg
liberdadenews.com.br/images/stories/2021/Fevereiro/Outras/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2021/Fevereiro/Outras/comin.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
25e42e2f4a35c62237ed898b9f6bb856af07743be318619d0bd34b7c4b722468

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Wed, 06 Sep 2023 13:47:44 GMT
Server
gws
ETag
"64f88300-16708"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91912
Expires
Sat, 06 Apr 2024 05:06:17 GMT
badeol.jpeg
liberdadenews.com.br/images/stories/2022/marco/policia/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2022/marco/policia/badeol.jpeg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
476d9037f1266c8dca0ed262614a0815d5e47703d3bed63b27cf10b313abeab4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Sun, 23 Oct 2022 20:42:56 GMT
Server
gws
ETag
"6355a750-22f57"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143191
Expires
Sat, 06 Apr 2024 05:06:17 GMT
rraaaa.jpg
liberdadenews.com.br/images/stories/2021/Fevereiro/Outras/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liberdadenews.com.br/images/stories/2021/Fevereiro/Outras/rraaaa.jpg
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.243.216.84 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
gws /
Resource Hash
ecc037bf4e59ba0ec1634f7f77cd7227166400f55ba35a55f5863a27aab941c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:06:17 GMT
Last-Modified
Mon, 04 Dec 2023 14:13:27 GMT
Server
gws
ETag
"656dde87-16df4"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93684
Expires
Sat, 06 Apr 2024 05:06:17 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012403072016000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012403072016000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa5d5cea8d918ddf4906b553372c494cd387e2327e48e4e8e4317058547b33c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getshell.pimball.com/
Origin
https://getshell.pimball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 19:49:18 GMT
age
293011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2973
x-xss-protection
0
server
sffe
etag
"093d1f1f102fcfff"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Mar 2025 19:49:18 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012403072016000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012403072016000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6214849477eee932045133c0afe2a7e5b751dab8c0ecdd7660a625777146ad86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getshell.pimball.com/
Origin
https://getshell.pimball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 20 Mar 2024 07:56:13 GMT
age
249396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3939
x-xss-protection
0
server
sffe
etag
"585713f30340c00f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Mar 2025 07:56:13 GMT
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		932 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1268e1508eb82eafb39988cdf0cf9c290b3ae72a4b2ad66089866f562ba845b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
20113.png
d3kkhet5y435fj.cloudfront.net/slots/imgs/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3kkhet5y435fj.cloudfront.net/slots/imgs/20113.png
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:aa00:5:4346:8fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5338355f241daa840919d6ad518412d38e5b338b51896f12d9a40757aea03a9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 04:51:44 GMT
x-amz-version-id
0OBENdxevB1exiD43vpfcJopA2DBHUgN
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jan 2024 10:45:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
174066
etag
"eee5c79989f7dbe1a0becae85e9bca91"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
143711
x-amz-cf-id
7CZ778oOCculkgg0PBHIZz75R8K04gyv5ZrQgZhXW6vJ9mVdOZ-6wQ==
20243.png
d3kkhet5y435fj.cloudfront.net/slots/imgs/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3kkhet5y435fj.cloudfront.net/slots/imgs/20243.png
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:aa00:5:4346:8fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac6d478ec9bf0e3dccb871d5db0c653005464675e58c287bee928c730edf2cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 16:59:22 GMT
x-amz-version-id
XQOCWgwySrxg9miZdUQs4aGCi9FwwQf7
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jan 2024 10:48:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
44007
etag
"264ba10dcc5604edff1c0835d4ed51b5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
444191
x-amz-cf-id
On2hE-7CoQ56lxYSMPsEKJVeZPGBNswQkB7-HPYii5g9X9IWBzqxeQ==
20080.png
d3kkhet5y435fj.cloudfront.net/slots/imgs/ 		194 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3kkhet5y435fj.cloudfront.net/slots/imgs/20080.png
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:aa00:5:4346:8fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5335d987494c77ec1d497e9c563754afc212db37445b8bc566e789c9df23921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 16:59:23 GMT
x-amz-version-id
p4oc0ajwywzI7TR6o92hs4UGnwwcRN6h
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jan 2024 10:44:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
44007
etag
"58e35d16c32027927024b3318a48c94e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
199017
x-amz-cf-id
dsG7M1MnbbNm8BgjzwlkY5-Xojm2FrMyX-cY8g8T_XeH5rh-_SR-Ag==
20155.png
d3kkhet5y435fj.cloudfront.net/slots/imgs/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3kkhet5y435fj.cloudfront.net/slots/imgs/20155.png
Requested by
Host: getshell.pimball.com
URL: https://getshell.pimball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:aa00:5:4346:8fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4986b64acafce5f78c0711bf2accfd2844b5ae5303529c18816cfe4fcec98088

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getshell.pimball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:58:35 GMT
x-amz-version-id
KuSqpJfLrOAoeFNCXvmzEUcyai8v1MEr
via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jan 2024 10:46:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
440055
etag
"4476af8cf77ca28e4d518bde19c56c30"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
177055
x-amz-cf-id
PSDHOv5GVwstRdH0iAKK0XbAxZxjme7py4Ky4NwQUsFxlDJzM_EJPA==

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
d3kkhet5y435fj.cloudfront.net
getshell.pimball.com
img.mobius.studio
liberdadenews.com.br
maxcdn.bootstrapcdn.com
162.243.216.84
2600:9000:2512:aa00:5:4346:8fc0:21
2606:4700:3035::6815:4aa4
2606:4700::6812:acf
2607:f8b0:4006:823::2001
52.67.104.40
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0ad5ff5c09a25332de0ec87648f434ddcfb54ef99be7f234e0eec773ff14bfc0
123ea0c797c92a2d08cf20efca6e7e2795a66c631917036074c38fefbabce521
1268e1508eb82eafb39988cdf0cf9c290b3ae72a4b2ad66089866f562ba845b6
133811704deae304335db3068414716043e2ab2c2987dd2bad09032e394ac932
25e42e2f4a35c62237ed898b9f6bb856af07743be318619d0bd34b7c4b722468
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
325402c61b37e4a2622e936c5b0cbfd6dab1eef3edebc54e0f9436453b9ba79f
433219ba3f0fd0a108d31d3aa55a19554f2a49039faef96b2cdbbabee49b0fbd
476d9037f1266c8dca0ed262614a0815d5e47703d3bed63b27cf10b313abeab4
4986b64acafce5f78c0711bf2accfd2844b5ae5303529c18816cfe4fcec98088
528f3a92197fdbeb3d71c664f4c84940f199af3760dd3d001ce4e223b88b68f8
5338355f241daa840919d6ad518412d38e5b338b51896f12d9a40757aea03a9b
5a075e3ab26cf4f351c26283f0eabb278cd68c284bb31f2933872c6d5ca44285
608a054296d5b65564c1bf619dabdb282eaecd4a093d66557869fe13d4ecc37d
6214849477eee932045133c0afe2a7e5b751dab8c0ecdd7660a625777146ad86
69617cfe37aca09dcba4bb4857d4c11ddb65820676fcefe96afd6982216c3d62
7b403f9d0155c7e8e2b8f31fab01d5eb13470c2b294e6d7e8f5cdfeea520cefc
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
aa5d5cea8d918ddf4906b553372c494cd387e2327e48e4e8e4317058547b33c6
ac6d478ec9bf0e3dccb871d5db0c653005464675e58c287bee928c730edf2cdc
b5335d987494c77ec1d497e9c563754afc212db37445b8bc566e789c9df23921
cad784183ffbc4215c7b6c8239d6303a66ac344ab25eb044e139a896364495f0
e9187a6773096d0deb231e992b87970d22a0960863449db385c0e68780f19c15
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ec5598dd600d41a35783eac5c25ee6908c7424b1a5d3946862ee055d1c53620e
ecc037bf4e59ba0ec1634f7f77cd7227166400f55ba35a55f5863a27aab941c1
f4309898bcf855fbbb8ce3fb1f0f96cf126f33f4e3638efed3b664e964364ab1
f6b4d0056ab61e5498d5c6ea10bfded637a0260002a272734c33af32224eb63b
fe042fa65b1d2199b6b38d2c90b77266da1c77f4791d74d48600f3fdfcab72d9