URL: https://paschoalotto.enviodeboleto.com.br/
Submission: On August 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 20.195.230.98, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is paschoalotto.enviodeboleto.com.br.
TLS certificate: Issued by R10 on August 15th 2024. Valid for: 3 months.
This is the only time paschoalotto.enviodeboleto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
13        20.195.230.98     8075   (MICROSOFT...)
2         2a00:1450:400...  15169  (GOOGLE)
1         2a00:1450:400...  15169  (GOOGLE)
2         2a00:1450:400...  15169  (GOOGLE)
Total: 18 requests, 5 IPs
Requests  Apex Domain           Subdomains                                           Transfer
13        enviodeboleto.com.br  paschoalotto.enviodeboleto.com.br                    344 KB
2         google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 104  21 KB
2         google.com            www.google.com — Cisco Umbrella Rank: 10             987 B
1         gstatic.com           www.gstatic.com                                      212 KB
Total: 18 requests, 4 apex domains
Requests  Domain                             Requested by
13        paschoalotto.enviodeboleto.com.br  paschoalotto.enviodeboleto.com.br
2         www.google-analytics.com           paschoalotto.enviodeboleto.com.br, www.google-analytics.com
2         www.google.com                     paschoalotto.enviodeboleto.com.br, www.gstatic.com
1         www.gstatic.com                    www.google.com
Total: 18 requests, 4 domains

This site contains links to these domains:

www.paschoalotto.com.br
Subject                            Issuer  Validity                 Valid
paschoalotto.enviodeboleto.com.br  R10     2024-08-15 - 2024-11-13  3 months
*.google.com                       WR2     2024-07-30 - 2024-10-22  3 months
*.gstatic.com                      WR2     2024-07-30 - 2024-10-22  3 months
*.google-analytics.com             WR2     2024-07-30 - 2024-10-22  3 months

This page contains 2 frames:

Primary Page: https://paschoalotto.enviodeboleto.com.br/
Frame ID: D3B000EB2755E095342FAFFD509A3487
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfk3JUUAAAAAANxhGrcFJSawq03AKX7C0qyNO-i&co=aHR0cHM6Ly9wYXNjaG9hbG90dG8uZW52aW9kZWJvbGV0by5jb20uYnI6NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=ldjpn6bhwiri
Frame ID: 69B562C659478CD466A9E147A54BEF63
Requests: 1 HTTP requests in this frame

Page Title

Paschoalotto

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 578 kB
Size: 1163 kB
Cookies: 4

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paschoalotto.enviodeboleto.com.br/
22 KB
23 KB
Document
General
Full URL
https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7b248eaf55b904be223d5cf1da31a052c3df94b1329ff1b8f6fe8d7e7ab31dfd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private
content-length
22573
content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-type
text/html; charset=utf-8
date
Thu, 15 Aug 2024 17:18:41 GMT
permissions-policy
geolocation=(self)
referrer-policy
strict-origin-when-cross-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000;includeSubdomains
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
DENY
jquery-3.3.1.min.js
paschoalotto.enviodeboleto.com.br/Scripts/
85 KB
30 KB
Script
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Scripts/jquery-3.3.1.min.js
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;includeSubdomains
last-modified
Tue, 04 Jun 2024 15:42:23 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
x-content-type-options
nosniff
etag
"8019d2ca95b6da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
30401
api.js
www.google.com/recaptcha/
1 KB
987 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfk3JUUAAAAAANxhGrcFJSawq03AKX7C0qyNO-i
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4258f3d9c53aaf4de464cad59e354cd0f541b041f2743f7e6acfcd1c9b02b890
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 17:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 15 Aug 2024 17:18:42 GMT
Inicio.js
paschoalotto.enviodeboleto.com.br/Scripts/
10 KB
10 KB
Script
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Scripts/Inicio.js?v=20230502
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1f43ad93e0098af07821155b025e24b99719d65ac24a83dfbe420f2dc2bb34b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security
max-age=31536000;includeSubdomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
etag
"7f9469ca95b6da1:0"
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
10094
Principal.css
paschoalotto.enviodeboleto.com.br/Content/
484 B
602 B
Stylesheet
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/Principal.css
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a15724a61faa414f38963763616b5b160fcca30d43545762f57344b5d1753bce
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security
max-age=31536000;includeSubdomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 15:42:21 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
etag
"c6787ca95b6da1:0"
x-frame-options
DENY
content-type
text/css
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
484
lato.css
paschoalotto.enviodeboleto.com.br/Content/
5 KB
593 B
Stylesheet
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/lato.css
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1ac34f77ebc77ab9adf613fe1d44cba558c7151f0513a882559c5a70b1552d17
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;includeSubdomains
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
x-content-type-options
nosniff
etag
"08339ca95b6da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
492
bootstrap.4.1.3.min.css
paschoalotto.enviodeboleto.com.br/Content/
138 KB
21 KB
Stylesheet
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/bootstrap.4.1.3.min.css
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;includeSubdomains
last-modified
Tue, 04 Jun 2024 15:42:21 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
x-content-type-options
nosniff
etag
"80eca0c995b6da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
21012
fundo.css
paschoalotto.enviodeboleto.com.br/Content/
16 KB
3 KB
Stylesheet
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/fundo.css
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
07bb9dc4e1768bb8fbbbbdf2c6d2470f7c35e0aa80f81073662a6153d4d3677e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;includeSubdomains
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
x-content-type-options
nosniff
etag
"08339ca95b6da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
3193
loader.gif
paschoalotto.enviodeboleto.com.br/Content/images/
34 KB
34 KB
Image
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/images/loader.gif
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8f547d425909cee93d373b8bc8753d8318b98ed63db11f403ce348eea8ff4c78
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security
max-age=31536000;includeSubdomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
etag
"e25543ca95b6da1:0"
x-frame-options
DENY
content-type
image/gif
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
35091
bootstrap.4.1.3.min.js
paschoalotto.enviodeboleto.com.br/Scripts/
50 KB
14 KB
Script
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Scripts/bootstrap.4.1.3.min.js
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4f3faeec469294b610f6ca82aa1cc2b3368fd56611b31c551c2ee224feadb411
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;includeSubdomains
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
x-content-type-options
nosniff
etag
"08339ca95b6da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
14104
scripts.js
paschoalotto.enviodeboleto.com.br/Scripts/
4 KB
2 KB
Script
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Scripts/scripts.js
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d40f541ea13b8a8f20a9fe3709e1108e83176b79d91e9b444cc118f985b981db
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;includeSubdomains
last-modified
Tue, 04 Jun 2024 15:42:26 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
x-content-type-options
nosniff
etag
"0dd9bcc95b6da1:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
1501
recaptcha__de.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/
533 KB
212 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfk3JUUAAAAAANxhGrcFJSawq03AKX7C0qyNO-i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
Origin
https://paschoalotto.enviodeboleto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216180
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Aug 2025 08:57:38 GMT
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8efa21712c5f4ab148631bae1ec8eb7670e1764aaf68eff61cabc5df3255d794

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpg;charset=utf-8
bg-home.jpg
paschoalotto.enviodeboleto.com.br/Content/images/
172 KB
172 KB
Image
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/images/bg-home.jpg
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/Content/fundo.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a7a394a47063949357c069784ec57eaa85332297cb16deafe920ee014a2b5894
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/Content/fundo.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security
max-age=31536000;includeSubdomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
etag
"e25543ca95b6da1:0"
x-frame-options
DENY
content-type
image/jpeg
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
175783
truncated
/
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
mcenter.woff
paschoalotto.enviodeboleto.com.br/Content/fonts/
4 KB
4 KB
Font
General
Full URL
https://paschoalotto.enviodeboleto.com.br/Content/fonts/mcenter.woff
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/Content/fundo.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f0a60f93829cdf1f2fde657b720bd2873aff5af69e2e977a7b555ab5427e139e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/Content/fundo.css
Origin
https://paschoalotto.enviodeboleto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security
max-age=31536000;includeSubdomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 15:42:22 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:42 GMT
etag
"5fcb39ca95b6da1:0"
x-frame-options
DENY
content-type
font/x-woff
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
4212
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: paschoalotto.enviodeboleto.com.br
URL: https://paschoalotto.enviodeboleto.com.br/Scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Aug 2024 17:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
218
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Aug 2024 19:15:05 GMT
collect
www.google-analytics.com/j/
3 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1900170626&t=pageview&_s=1&dl=https%3A%2F%2Fpaschoalotto.enviodeboleto.com.br%2F&ul=de-de&de=UTF-8&dt=Paschoalotto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=745931676&gjid=500134018&cid=588614817.1723742323&tid=UA-24996081-3&_gid=335002208.1723742323&_r=1&_slc=1&z=2128617792
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 17:18:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paschoalotto.enviodeboleto.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 69B5
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfk3JUUAAAAAANxhGrcFJSawq03AKX7C0qyNO-i&co=aHR0cHM6Ly9wYXNjaG9hbG90dG8uZW52aW9kZWJvbGV0by5jb20uYnI6NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=ldjpn6bhwiri
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nfglGlSdXg-oKnPaijgntQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nfglGlSdXg-oKnPaijgntQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Aug 2024 17:18:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
paschoalotto.enviodeboleto.com.br/
31 KB
31 KB
Other
General
Full URL
https://paschoalotto.enviodeboleto.com.br/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.195.230.98 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paschoalotto.enviodeboleto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
strict-transport-security
max-age=31536000;includeSubdomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 15:42:26 GMT
server
Microsoft-IIS/10.0
date
Thu, 15 Aug 2024 17:18:43 GMT
etag
"26125cd95b6da1:0"
x-frame-options
DENY
content-type
image/x-icon
permissions-policy
geolocation=(self)
accept-ranges
bytes
content-length
32038

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| $
function| jQuery
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| inserirNotificacao
function| limparNotificacao
function| acesso
function| fCodigoAcesso
function| capAndSubmit
function| validarCaptcha
function| acessoAutenticacaoToken
function| selecionandoTipoDeEnvioMFA
function| acessoToken
object| bootstrap
function| acessar
function| geraAgenda
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| recaptcha
object| closure_lm_307959

4 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ADLqW1ZwrzCNB4ieHvJPRATUudaL_Ht-0cKEqj1nohA4lGxUIWbCyAt01E0EO6cll5G4q8oF5d98yhWCwuIkCis
.enviodeboleto.com.br/ Name: _ga
Value: GA1.3.588614817.1723742323
.enviodeboleto.com.br/ Name: _gid
Value: GA1.3.335002208.1723742323
.enviodeboleto.com.br/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' data: www.google-analytics.com; img-src 'self' https://imagens.servicodecampanhas.com data:; script-src 'self'; style-src 'self'; font-src 'self' https://fonts.gstatic.com; script-src-elem 'self' https://www.google.com https://www.google-analytics.com https://www.gstatic.com; frame-src 'self' https://www.google.com;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
