Submitted URL: https://www.cliente.sistef.net/
Effective URL: https://cliente.multipluscard.com.br/multipluscard
Submission: On August 17 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 27 HTTP transactions. The main IP is 189.50.133.172, located in Presidente Prudente, Brazil and belongs to IFTNET Telecomunicacoes Ltda, BR. The main domain is cliente.multipluscard.com.br.
TLS certificate: Issued by R11 on July 20th 2024. Valid for: 3 months.
This is the only time cliente.multipluscard.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.241.62.70 19871 (NETWORK-S...)
1 17 189.50.133.172 28330 (IFTNET Te...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 23.96.124.156 8075 (MICROSOFT...)
27 8
Apex Domain
Subdomains
Transfer
17 multipluscard.com.br
cliente.multipluscard.com.br
962 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
w.clarity.ms — Cisco Umbrella Rank: 8686
29 KB
2 gstatic.com
fonts.gstatic.com
37 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
772 B
1 hostip.info
api.hostip.info — Cisco Umbrella Rank: 210843
653 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
29 KB
1 sistef.net
www.cliente.sistef.net
358 B
27 8
Domain Requested by
17 cliente.multipluscard.com.br 1 redirects cliente.multipluscard.com.br
2 w.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms cliente.multipluscard.com.br
www.clarity.ms
2 fonts.googleapis.com cliente.multipluscard.com.br
1 c.bing.com 1 redirects
1 api.hostip.info code.jquery.com
1 code.jquery.com cliente.multipluscard.com.br
1 www.cliente.sistef.net 1 redirects
27 10

This site contains no links.

Subject Issuer Validity Valid
cliente.multipluscard.com.br
R11
2024-07-20 -
2024-10-18
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
hostip.info
WE1
2024-07-02 -
2024-09-30
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://cliente.multipluscard.com.br/multipluscard
Frame ID: 55311FF8EB425D157F02F9757254BD05
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Bem-Vindo | Portal do Cliente

Page URL History Show full URLs

  1. https://www.cliente.sistef.net/ HTTP 301
    http://cliente.multipluscard.com.br/ HTTP 307
    https://cliente.multipluscard.com.br/ HTTP 302
    https://cliente.multipluscard.com.br/multipluscard Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

96 %
HTTPS

60 %
IPv6

8
Domains

10
Subdomains

8
IPs

2
Countries

1058 kB
Transfer

1146 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cliente.sistef.net/ HTTP 301
    http://cliente.multipluscard.com.br/ HTTP 307
    https://cliente.multipluscard.com.br/ HTTP 302
    https://cliente.multipluscard.com.br/multipluscard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5234441AA8C7462F9565009F6259597F&RedC=c.clarity.ms&MXFR=2F39ABD7880362A73B26BF098C036C12 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5234441AA8C7462F9565009F6259597F&MUID=0079BCE1DD226CF00C71A83FDC9C6DC7

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request multipluscard
cliente.multipluscard.com.br/
Redirect Chain
  • https://www.cliente.sistef.net/
  • http://cliente.multipluscard.com.br/
  • https://cliente.multipluscard.com.br/
  • https://cliente.multipluscard.com.br/multipluscard
7 KB
7 KB
Document
General
Full URL
https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
99f8e38531ef0f60a6454d426fdf6310941fab2b3334f8d16838833d64e11e68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private
content-length
7171
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 03:31:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2

Redirect headers

cache-control
private
content-length
131
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 03:31:59 GMT
location
/multipluscard
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic-ext
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93d1697ee9f1a843a40e09ef85127252bbd95ff577a44eb06990949cb6ad365b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 03:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 03:32:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 03:32:00 GMT
icon
fonts.googleapis.com/
569 B
416 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 03:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 03:32:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 03:32:00 GMT
bootstrap.css
cliente.multipluscard.com.br/Content/plugins/bootstrap/css/
170 KB
170 KB
Stylesheet
General
Full URL
https://cliente.multipluscard.com.br/Content/plugins/bootstrap/css/bootstrap.css
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
e058438bef54ec8f81fc86d4edb07fcf7da32531d3d52b2cd1ce94624329eb36

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
Origin
https://cliente.multipluscard.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:31:59 GMT
last-modified
Fri, 30 Dec 2022 14:42:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"fbe8cbe95c1cd91:0"
content-length
174240
content-type
text/css
waves.css
cliente.multipluscard.com.br/Content/plugins/node-waves/
5 KB
5 KB
Stylesheet
General
Full URL
https://cliente.multipluscard.com.br/Content/plugins/node-waves/waves.css
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
9ddde1c63360e83864b85233e486f12caf17c3669cd1b96c0d0a45e29909c547

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:31:59 GMT
last-modified
Fri, 30 Dec 2022 14:42:17 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"3f59fde95c1cd91:0"
content-length
4699
content-type
text/css
animate.css
cliente.multipluscard.com.br/Content/plugins/animate-css/
74 KB
74 KB
Stylesheet
General
Full URL
https://cliente.multipluscard.com.br/Content/plugins/animate-css/animate.css
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
28357c5095201638397d80cb5a6f2b524172c6cb3de3c7ea24ae16a0ac3e1666

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:31:59 GMT
last-modified
Fri, 30 Dec 2022 14:42:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"57e8c2e95c1cd91:0"
content-length
75599
content-type
text/css
style.css
cliente.multipluscard.com.br/Content/css/
262 KB
262 KB
Stylesheet
General
Full URL
https://cliente.multipluscard.com.br/Content/css/style.css
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
5512674a07827e30f3655512642e26f0097921168b0ee3a6c192b19a480701fb

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:31:59 GMT
last-modified
Fri, 30 Dec 2022 14:42:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"8fd99be95c1cd91:0"
content-length
267822
content-type
text/css
login.png
cliente.multipluscard.com.br/Content/perfil/multipluscard/
30 KB
30 KB
Image
General
Full URL
https://cliente.multipluscard.com.br/Content/perfil/multipluscard/login.png
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
93a350a65afd577d3c05d60aecd5798871a28e14088933d291dff77ffb3bb456

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:31:59 GMT
last-modified
Fri, 04 May 2018 12:31:00 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"01a21c2a3e3d31:0"
content-length
30255
content-type
image/png
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://cliente.multipluscard.com.br/
Origin
https://cliente.multipluscard.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2739238
x-cache
HIT, HIT
content-length
29811
x-served-by
cache-lga21935-LGA, cache-mia-kmia1760071-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723865520.160860,VS0,VE0
etag
W/"28feccc0-14e4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 131404
bootstrap.min.js
cliente.multipluscard.com.br/Content/js/
36 KB
36 KB
Script
General
Full URL
https://cliente.multipluscard.com.br/Content/js/bootstrap.min.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:00 GMT
last-modified
Fri, 30 Dec 2022 14:42:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"f860b8e95c1cd91:0"
content-length
37051
content-type
application/javascript
waves.js
cliente.multipluscard.com.br/Content/plugins/node-waves/
18 KB
18 KB
Script
General
Full URL
https://cliente.multipluscard.com.br/Content/plugins/node-waves/waves.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
64e32fd6fc2aa53fdeccd64686fafd8c94ebfe3aaede560707bbe6a710fb1e60

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:00 GMT
last-modified
Fri, 30 Dec 2022 14:42:17 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"4c80fde95c1cd91:0"
content-length
18717
content-type
application/javascript
jquery.validate.js
cliente.multipluscard.com.br/Content/plugins/jquery-validation/
48 KB
48 KB
Script
General
Full URL
https://cliente.multipluscard.com.br/Content/plugins/jquery-validation/jquery.validate.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
37dfa28d3283387fe89e66763f143b439c2ad43dea883663316b49e583c70695

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:00 GMT
last-modified
Fri, 30 Dec 2022 14:42:17 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"c871e8e95c1cd91:0"
content-length
49097
content-type
application/javascript
messages_pt_BR.js
cliente.multipluscard.com.br/Content/plugins/jquery-validation/localization/
6 KB
6 KB
Script
General
Full URL
https://cliente.multipluscard.com.br/Content/plugins/jquery-validation/localization/messages_pt_BR.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
a8f39781fc1d5e0dbe1dc2d74e46662f994673fc6adb2b2a3b1abecf776caa38

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:00 GMT
last-modified
Fri, 30 Dec 2022 14:42:17 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"b0e2eae95c1cd91:0"
content-length
5768
content-type
application/javascript
Util.js
cliente.multipluscard.com.br/Scripts/
4 KB
4 KB
Script
General
Full URL
https://cliente.multipluscard.com.br/Scripts/Util.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
aa76065529959092c8aecba1d6d9b66cccb8663ad23f80784f7125162057f8b1

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:01 GMT
last-modified
Fri, 30 Dec 2022 14:42:17 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"24853cea5c1cd91:0"
content-length
3821
content-type
application/javascript
OtimizationJquery.js
cliente.multipluscard.com.br/Content/scripts/js/
1 KB
1 KB
Script
General
Full URL
https://cliente.multipluscard.com.br/Content/scripts/js/OtimizationJquery.js
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
b8b1147b1557d4212d158d3153c9c3c41b49703bf2141244357913052dc4115b

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:01 GMT
last-modified
Tue, 18 Jul 2023 11:47:44 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"c12aa6aa6db9d91:0"
content-length
1187
content-type
application/javascript
loading_apple.gif
cliente.multipluscard.com.br/Content/images/
80 KB
80 KB
Image
General
Full URL
https://cliente.multipluscard.com.br/Content/images/loading_apple.gif
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:01 GMT
last-modified
Fri, 30 Dec 2022 14:42:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"8429b7e95c1cd91:0"
content-length
81572
content-type
image/gif
materialize.css
cliente.multipluscard.com.br/Content/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://cliente.multipluscard.com.br/Content/css/materialize.css
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/Content/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
7b2f89df16a192a7e270e6141d55f78dec66cef445ae07bd6e6bb1e0242bd434

Request headers

Referer
https://cliente.multipluscard.com.br/Content/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:00 GMT
last-modified
Fri, 30 Dec 2022 14:42:16 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"ac8b9be95c1cd91:0"
content-length
10217
content-type
text/css
mpxkkk01ej
www.clarity.ms/tag/
637 B
1002 B
Script
General
Full URL
https://www.clarity.ms/tag/mpxkkk01ej
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb8e1250f641febd54da19d9b9cd9d7a0bc79f299273e389712d89f61c4fdaf2

Request headers

Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Sat, 17 Aug 2024 03:32:01 GMT
x-azure-ref
20240817T033201Z-r197bfdf7f7bkv9cerbt0405640000000mv0000000008848
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
backgroud.jpg
cliente.multipluscard.com.br/Content/perfil/multipluscard/
208 KB
208 KB
Image
General
Full URL
https://cliente.multipluscard.com.br/Content/perfil/multipluscard/backgroud.jpg
Requested by
Host: cliente.multipluscard.com.br
URL: https://cliente.multipluscard.com.br/multipluscard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
79f33cacf801195e297bb4928f150c91996ebb1251a280cf2850acd394df13e4

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:01 GMT
last-modified
Thu, 18 Apr 2019 14:44:36 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"062343ef5f5d41:0"
content-length
212859
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cliente.multipluscard.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
110350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cliente.multipluscard.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
110350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
get_json.php
api.hostip.info/
103 B
653 B
XHR
General
Full URL
https://api.hostip.info/get_json.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:812d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b50b69a0cf6420a2f7ea86edae817f545026510b3ecad56d6b356f887cf1fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
!invalid
date
Sat, 17 Aug 2024 03:32:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 17 Aug 2024 03:32:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oV%2BLphVM%2FxokNrds2Yb4K42m%2FydjARg42sSkuukUYLUY%2FCQ9do6nCUg3ru5B%2FiZVv%2FH5DJUsTqk3pUeS%2FvuqB935B9NOlwx9WISlZEKb9duWEGTN0%2FfQSHtQ6F2no%2FXl6raNqrjAiel%2Bj865a8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=iso-8859-1
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
8b4698362e04a68d-MIA
alt-svc
h3=":443"; ma=86400
expires
Sun, 18 Aug 2024 03:32:01 GMT
clarity.js
www.clarity.ms/s/0.7.43/
62 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mpxkkk01ej
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:01 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 20:00:47 GMT
etag
W/"0x8DCBBD29FD28C29"
vary
Accept-Encoding
x-azure-ref
20240817T033201Z-r197bfdf7f7bkv9cerbt0405640000000mv000000000884f
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8c901dab-101e-0038-78ed-ed8a1b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5234441AA8C7462F9565009F6259597F&RedC=c.clarity.ms&MXFR=2F39ABD7880362A73B26BF098C036C12
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5234441AA8C7462F9565009F6259597F&MUID=0079BCE1DD226CF00C71A83FDC9C6DC7
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5234441AA8C7462F9565009F6259597F&MUID=0079BCE1DD226CF00C71A83FDC9C6DC7
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 03:32:01 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 03:32:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 06830A5F2F734BD096676A5A1FD7E1C7 Ref B: MIAEDGE1718 Ref C: 2024-08-17T03:32:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5234441AA8C7462F9565009F6259597F&MUID=0079BCE1DD226CF00C71A83FDC9C6DC7
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
cliente.multipluscard.com.br/Content/
1 KB
1 KB
Other
General
Full URL
https://cliente.multipluscard.com.br/Content/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
189.50.133.172 Presidente Prudente, Brazil, ASN28330 (IFTNET Telecomunicacoes Ltda, BR),
Reverse DNS
189.50.133.172.iftnet.com.br
Software
Microsoft-IIS/10.0 /
Resource Hash
401d6841fe0eda6d1518fd04be13bfe1d8abf44d8b0311986f8df4cb58e46818

Request headers

Referer
https://cliente.multipluscard.com.br/multipluscard
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:01 GMT
server
Microsoft-IIS/10.0
content-length
1279
content-type
text/html
collect
w.clarity.ms/
0
292 B
XHR
General
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://cliente.multipluscard.com.br
Date
Sat, 17 Aug 2024 03:32:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
collect
w.clarity.ms/
0
292 B
XHR
General
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://cliente.multipluscard.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://cliente.multipluscard.com.br
Date
Sat, 17 Aug 2024 03:32:02 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| imgError function| imageExists function| redirectHttpToHttps function| clarity function| $ function| jQuery object| Waves function| Util function| Otimization function| createCookie function| consultar

11 Cookies

Domain/Path Name / Value
cliente.multipluscard.com.br/ Name: ASP.NET_SessionId
Value: tm0jprllvboowtpey41l0xdw
www.clarity.ms/ Name: CLID
Value: dd46c6140191467885af96fb0682d2d6.20240817.20250817
.multipluscard.com.br/ Name: _clck
Value: 1dfsgyb%7C2%7Cfoe%7C0%7C1690
.multipluscard.com.br/ Name: _clsk
Value: p4svas%7C1723865521907%7C1%7C1%7Cw.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 0079BCE1DD226CF00C71A83FDC9C6DC7
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0079BCE1DD226CF00C71A83FDC9C6DC7
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0079BCE1DD226CF00C71A83FDC9C6DC7
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://cliente.multipluscard.com.br/Content/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hostip.info
c.bing.com
c.clarity.ms
cliente.multipluscard.com.br
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
w.clarity.ms
www.clarity.ms
www.cliente.sistef.net
162.241.62.70
189.50.133.172
20.110.205.119
23.96.124.156
2606:4700:3034::ac43:812d
2607:f8b0:4006:80a::200a
2607:f8b0:4006:81f::2003
2620:1ec:29:1::40
2620:1ec:c11::237
2a04:4e42:600::649
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
28357c5095201638397d80cb5a6f2b524172c6cb3de3c7ea24ae16a0ac3e1666
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37dfa28d3283387fe89e66763f143b439c2ad43dea883663316b49e583c70695
401d6841fe0eda6d1518fd04be13bfe1d8abf44d8b0311986f8df4cb58e46818
54b50b69a0cf6420a2f7ea86edae817f545026510b3ecad56d6b356f887cf1fa
5512674a07827e30f3655512642e26f0097921168b0ee3a6c192b19a480701fb
64e32fd6fc2aa53fdeccd64686fafd8c94ebfe3aaede560707bbe6a710fb1e60
79f33cacf801195e297bb4928f150c91996ebb1251a280cf2850acd394df13e4
7b2f89df16a192a7e270e6141d55f78dec66cef445ae07bd6e6bb1e0242bd434
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
93a350a65afd577d3c05d60aecd5798871a28e14088933d291dff77ffb3bb456
93d1697ee9f1a843a40e09ef85127252bbd95ff577a44eb06990949cb6ad365b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f8e38531ef0f60a6454d426fdf6310941fab2b3334f8d16838833d64e11e68
9ddde1c63360e83864b85233e486f12caf17c3669cd1b96c0d0a45e29909c547
a8f39781fc1d5e0dbe1dc2d74e46662f994673fc6adb2b2a3b1abecf776caa38
aa76065529959092c8aecba1d6d9b66cccb8663ad23f80784f7125162057f8b1
b8b1147b1557d4212d158d3153c9c3c41b49703bf2141244357913052dc4115b
cb8e1250f641febd54da19d9b9cd9d7a0bc79f299273e389712d89f61c4fdaf2
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e058438bef54ec8f81fc86d4edb07fcf7da32531d3d52b2cd1ce94624329eb36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855