urlscan.io logo urlscan.io
SecurityTrails logo

d2x3p3sltswtph.cloudfront.net Open in urlscan Pro
65.9.95.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Submission: On August 06 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 30 HTTP transactions. The main IP is 65.9.95.44, located in United States and belongs to AMAZON-02, US. The main domain is d2x3p3sltswtph.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d2x3p3sltswtph.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    65.9.95.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-44.prg50.r.cloudfront.net
d2x3p3sltswtph.cloudfront.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:2127:3000:11:870e:3ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
confia-assets.iq.com.br
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 _, GB)
a.omappapi.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
12 cloudfront.net
d2x3p3sltswtph.cloudfront.net
251 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
10 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
268 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 278
3 KB
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 9699
21 KB
2 gstatic.com
fonts.gstatic.com
48 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
1 iq.com.br
confia-assets.iq.com.br
34 KB
30 9
Domain Requested by
12 d2x3p3sltswtph.cloudfront.net 1 redirects d2x3p3sltswtph.cloudfront.net
3 www.googletagmanager.com d2x3p3sltswtph.cloudfront.net
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com ajax.googleapis.com
confia-assets.iq.com.br
3 sb.scorecardresearch.com 1 redirects d2x3p3sltswtph.cloudfront.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 a.omappapi.com d2x3p3sltswtph.cloudfront.net
a.omappapi.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.youtube.com d2x3p3sltswtph.cloudfront.net
1 confia-assets.iq.com.br d2x3p3sltswtph.cloudfront.net
1 ajax.googleapis.com d2x3p3sltswtph.cloudfront.net
30 11

This site contains links to these domains. Also see Links.

Domain
www.iq.com.br
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.tiktok.com
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
confia-assets.iq.com.br
Amazon RSA 2048 M03		 2023-12-17 -
2025-01-15		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.omappapi.com
R11		 2024-06-25 -
2024-09-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Frame ID: 615B5A589CBBDBEEA9A7FBEEBBC49FE0
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IYhvbWStVoY
Frame ID: 77958AB6566C4579A426ECAE097AAEC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pagar boleto: confira aqui a forma de automatizar e facilitar os pagamentos

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

93 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

654 kB
Transfer

1701 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sb.scorecardresearch.com/cs/31824268/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 27
  • https://d2x3p3sltswtph.cloudfront.net/favicon.ico HTTP 302
  • https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/Logo-IQ-2019-150x150.png

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pagar-boleto
d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/ 		70 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n / PHP/7.4.25
Resource Hash
da00615952d39e535e3ec6435c90ceaa04d9612adccbafef269b6b2fe802e1a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
24037
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 04:36:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://d2x3p3sltswtph.cloudfront.net/wp-json/>; rel="https://api.w.org/", <https://d2x3p3sltswtph.cloudfront.net/wp-json/wp/v2/posts/44111>; rel="alternate"; type="application/json", <https://d2x3p3sltswtph.cloudfront.net/?p=44111>; rel=shortlink
pragma
no-cache
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-id
76-hvqP1Y9dZXHzOjQMI58zwt6__I1EAirieUMJJbVwYG35OljyIiw==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-pingback
https://d2x3p3sltswtph.cloudfront.net/xmlrpc.php
x-powered-by
PHP/7.4.25
single.css
d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/css/ 		105 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/css/single.css?ver=494290000
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
c64b76d02cb662b2188db8ec3c610efde8dcb4b83b90d3395b28ed1a10f9ba97

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 20:47:59 GMT
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jul 2023 21:03:53 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
age
28134
etag
"1a57c-5ffaf9eda7ec5-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
15115
x-amz-cf-id
0rBY5qqLZ5RnVkF8zwfuLhXovBqcuNpQiRaHhMs4ZNndFKH_deeuQw==
main.js
d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/ 		88 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/main.js?ver=494290000
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
7246cfa52b252e17cc517f92823968d8f25d586665752216216921f338c0cc83

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 20:47:58 GMT
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jul 2023 21:03:53 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
age
28135
etag
"15ff8-5ffaf9edc0568-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
24646
x-amz-cf-id
Zqy3UdUCAlLioZOU88gz8mrs28wrxrXPIRVdfC4T26MqlzIS8T-4FA==
style.min.css
d2x3p3sltswtph.cloudfront.net/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.10
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jul 2023 21:03:56 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"13abe-5ffaf9f148a77-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
10523
x-amz-cf-id
5WKN53mUhYjWO7QZSXEAbyzqn3wePxbApPjFNARd6jKeHTdS00M0vw==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 12:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Aug 2025 12:52:35 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/31824268/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:35:21 GMT
content-encoding
gzip
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
93
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
couWDEngM1JkJtXGPIzXTHohj3PHxHSjCYq3q4K46tnJy3GkLbRnTw==

Redirect headers

date
Tue, 06 Aug 2024 04:36:53 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
TKf9FiA_5pYEVOnEsAepFICfIeUKZF2VyGn9BA0Q1p9ifiqYeRM5ag==
sprite.svg
d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/img/ 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/img/sprite.svg?ver=494290000
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
e29c58303cb2701d33758964ebcddf3cf69bda61324e4def68b289bafe291efc

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
br
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jul 2023 21:03:53 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
W/"453e-5ffaf9edb9807"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-cf-id
zpbAgHyMn4jX65KWPBp4y8qcC_jbufcbUSCzVM2trBX2-FvLnoEF3Q==
relyscript.js
confia-assets.iq.com.br/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confia-assets.iq.com.br/relyscript.js
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3000:11:870e:3ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
058ab9166c7e767944148a79b733c99490cadce24fdde2e9419cb4efacc89802

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 05 Aug 2024 08:57:04 GMT
Via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
Last-Modified
Tue, 19 Mar 2024 15:27:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
70790
x-amz-server-side-encryption
AES256
ETag
"17f191d68a52e0ac81305fa83d1b7d22"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33965
X-Amz-Cf-Id
nqyGlVQVznnYAbbR7OhUchXuYC1M2j92ToT9zR8CB2ydjybCeiWtXA==
IYhvbWStVoY
www.youtube.com/embed/ Frame 7795 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/IYhvbWStVoY
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 04:36:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 03:19:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 04:36:53 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=31824268&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1722919013517&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fd2x3p3sltswtph.cloudfront.net%2Ffinancas-pessoais%2Fartigos%2Fpagar-boleto&c8=Pagar%20boleto%3A%20confira%20aqui%20a%20forma%20de%20automatizar%20e%20facilitar%20os%20pagamentos&c9=
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
dgAcJVHmXDdHrQLs5pQWLJ3R6NqWHqfNcMefcs3U3zUldcm-j3az0A==
x-cache
Miss from cloudfront
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d2x3p3sltswtph.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options
nosniff
age
567614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 14:56:39 GMT
gtm.js
www.googletagmanager.com/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RJHW4C
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f205c24874e22f3fc0ae0abc5eb643a0c044d7711b424179b03b29284a7e6844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80665
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 04:36:53 GMT
api.min.js
a.omappapi.com/app/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
13c309d0ebac3484b78106413ee31f46abfc690429c64ddf6ceb1b1838424ada

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
MISS
x-amz-request-id
WVY5207DBBQC12HJ
x-amz-server-side-encryption
AES256
cdn-cachedat
08/05/2024 20:43:38
cdn-pullzone
293267
x-amz-id-2
V3ayHKTNT9Y1+de+RkjGeTSaXuVl1AtXRKIIOWVnoF2tnHSzH7TlV66D7QM54SKjU2jU4EpBgQM=
last-modified
Wed, 10 Jul 2024 18:34:03 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"4609ac165f33a0df887becc0f8f609d8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
2a3f40f313e5246ee348399b91ce18ea
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
single.js
d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/ 		104 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/single.js?ver=494290000
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/main.js?ver=494290000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
4d1a79171609c1a1f7bae61be234ed986f4ab033cf7c81a8dba7ff368a19ed43

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:54 GMT
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jul 2023 21:03:53 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"19e72-5ffaf9edc72c8-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
24380
x-amz-cf-id
YephXoqdBCdf7gUqfjdzq7giTmO6js5jhkUJCiahv0y-r93mlvDtMQ==
shutterstock_153544520-770x478.jpg
d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/09/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/09/shutterstock_153544520-770x478.jpg
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
bb810cc712bf5c824e242445a288bdb800d9051474de837293dd78f32d11d3aa

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jan 2022 18:17:46 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"a44e-5d57ab3fd4680"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
42062
x-amz-cf-id
8cl_l4SCKlBEVLNkLMHBVVUNaPl1RTLbr769FjQpv-1HX6vrXIZpuA==
iq1.jpg
d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/09/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/09/iq1.jpg
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
e5a88b425767b03944c4d2215a6e36bb7ee1de28d5f6d93d17815c6a3d44ea0e

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:54 GMT
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jan 2022 18:17:46 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"178c2-5d57ab3fd4680"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
96450
x-amz-cf-id
ogfyUhUTKzIaFc-lFliuPY3Dih-cwN7wxNj95frQw4IXw2Oc65NILQ==
api.min.css
a.omappapi.com/app/js/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
d97ea24841d9881b6b38caf9174e468db2c6a133cc325320d5720b0783a37d06

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-664
cdn-cachedat
08/05/2024 20:43:38
cdn-pullzone
293267
last-modified
Mon, 05 Aug 2024 16:05:07 GMT
server
BunnyCDN-DE1-1082
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66b0f833-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
7b1fcfe3f4a4264942deb9b88b410fd7
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: confia-assets.iq.com.br
URL: https://confia-assets.iq.com.br/relyscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 03:07:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 04:36:53 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E1CYMJL0GW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RJHW4C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30a09cb234ed6bd3a07809350cbb8947e0aa6628e26fcce008650c5f85ded445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96861
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 04:36:53 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RJHW4C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 02:40:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6974
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Aug 2024 04:40:39 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E1CYMJL0GW&gtm=45je47v0v886741622z8811370536za200zb811370536&_p=1722919013700&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1696861842.1722919014&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722919013&sct=1&seg=0&dl=https%3A%2F%2Fd2x3p3sltswtph.cloudfront.net%2Ffinancas-pessoais%2Fartigos%2Fpagar-boleto&dt=Pagar%20boleto%3A%20confira%20aqui%20a%20forma%20de%20automatizar%20e%20facilitar%20os%20pagamentos&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1379
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1CYMJL0GW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 04:36:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2x3p3sltswtph.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=722733748&t=pageview&_s=1&dl=https%3A%2F%2Fd2x3p3sltswtph.cloudfront.net%2Ffinancas-pessoais%2Fartigos%2Fpagar-boleto&ul=de-de&de=UTF-8&dt=Pagar%20boleto%3A%20confira%20aqui%20a%20forma%20de%20automatizar%20e%20facilitar%20os%20pagamentos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=282717536&gjid=566231348&cid=1696861842.1722919014&tid=UA-103398414-6&_gid=475596235.1722919014&_r=1&_slc=1&gtm=45He47v0n815RJHW4Cv811370536za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=641864488
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
845c5f9cbe459aa94103c4d0f1c333a452a76ee19ee28597a81a14c40f013057
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 04:36:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2x3p3sltswtph.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XTTNPLH3B2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
829dc5cace145baa63afa959f206521231e6548306961e3ddd0a20f584ad3e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 04:36:54 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XTTNPLH3B2&gtm=45je47v0v9123294970za200&_p=1722919013700&gcd=13l3l3l2l3&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&ul=de-de&sr=1600x1200&cid=1696861842.1722919014&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fd2x3p3sltswtph.cloudfront.net%2Ffinancas-pessoais%2Fartigos%2Fpagar-boleto&dt=Pagar%20boleto%3A%20confira%20aqui%20a%20forma%20de%20automatizar%20e%20facilitar%20os%20pagamentos&sid=1722919014&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1553
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTTNPLH3B2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 04:36:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2x3p3sltswtph.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger.js
d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/logger.js
Requested by
Host: d2x3p3sltswtph.cloudfront.net
URL: https://d2x3p3sltswtph.cloudfront.net/wp-content/themes/iq/build/js/main.js?ver=494290000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
5fcf81f2be775da8b1e2dcd1291d07632b45e27a900866be44b7e7db0fc7f8c7

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:54 GMT
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jul 2023 21:03:53 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"918-5ffaf9edbf5c7-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1054
x-amz-cf-id
S7Ozczkd0N9gFLPxQ7DrYN3vvEk2_TMwjJQl7FjqP9tsacUPa3KAsQ==
css2
fonts.googleapis.com/ 		23 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: confia-assets.iq.com.br
URL: https://confia-assets.iq.com.br/relyscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 03:07:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 04:36:53 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d2x3p3sltswtph.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options
nosniff
age
567614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 14:56:39 GMT
Logo-IQ-2019-150x150.png
d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/
Redirect Chain
  • https://d2x3p3sltswtph.cloudfront.net/favicon.ico
  • https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/Logo-IQ-2019-150x150.png
6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/Logo-IQ-2019-150x150.png
Protocol
H2
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
f2e1bc91b71fb8145e778375afb755a3ca7a60fdbcd3b9482ec4879d1b115691

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:55 GMT
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jan 2022 18:17:45 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"19ff-5d57ab3ee0440"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6655
x-amz-cf-id
UbMMIfvoT_DgWoaJuNf2GyzG_r7l5dz8nkwAeqzjTMcsT-nYdibQew==

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 04:36:55 GMT
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
x-powered-by
PHP/7.4.25
x-redirect-by
WordPress
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
location
https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/Logo-IQ-2019-150x150.png
cache-control
no-store, no-cache, must-revalidate
link
<https://d2x3p3sltswtph.cloudfront.net/wp-json/>; rel="https://api.w.org/"
content-length
0
x-amz-cf-id
M6D40oBUsPnhuFRWpVJtsF9uabmAohNwLtMr2hsskz_CNDNmg00APQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
Logo-IQ-2019-150x150.png
d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d2x3p3sltswtph.cloudfront.net/wp-content/uploads/2019/07/Logo-IQ-2019-150x150.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-44.prg50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1n /
Resource Hash
f2e1bc91b71fb8145e778375afb755a3ca7a60fdbcd3b9482ec4879d1b115691

Request headers

Referer
https://d2x3p3sltswtph.cloudfront.net/financas-pessoais/artigos/pagar-boleto
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 04:36:55 GMT
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jan 2022 18:17:45 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop
PRG50-C1
etag
"19ff-5d57ab3ee0440"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6655
x-amz-cf-id
UbMMIfvoT_DgWoaJuNf2GyzG_r7l5dz8nkwAeqzjTMcsT-nYdibQew==

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| IQ object| WebFontConfig object| _comscore object| thirdParty object| ajax object| relyconfig object| WebFont object| COMSCORE object| ns_p object| dataLayer object| omapi_data function| webpackJsonp object| regeneratorRuntime object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

11 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: mpxhARBvbOc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: w8sl0kxyZns
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgFA%3D%3D
.d2x3p3sltswtph.cloudfront.net/ Name: _ga_E1CYMJL0GW
Value: GS1.1.1722919013.1.0.1722919013.0.0.0
.d2x3p3sltswtph.cloudfront.net/ Name: _ga
Value: GA1.3.1696861842.1722919014
.d2x3p3sltswtph.cloudfront.net/ Name: _gid
Value: GA1.3.475596235.1722919014
.d2x3p3sltswtph.cloudfront.net/ Name: _gat_UA-103398414-6
Value: 1
.d2x3p3sltswtph.cloudfront.net/ Name: _ga_XTTNPLH3B2
Value: GS1.3.1722919014.1.0.1722919014.0.0.0
d2x3p3sltswtph.cloudfront.net/ Name: AWSALB
Value: 94fGlChrrWvYiI24CLl68iHIybnh4H2buEEhbAP7mlNNx271Nzxb37ECRSd1s3jy0A5AOJHQQ1a8yu6fuYOeiE6iaRVudnFUUrNWUh6P3CriAQ2r5Fkarw7HvBw4
d2x3p3sltswtph.cloudfront.net/ Name: AWSALBCORS
Value: 94fGlChrrWvYiI24CLl68iHIybnh4H2buEEhbAP7mlNNx271Nzxb37ECRSd1s3jy0A5AOJHQQ1a8yu6fuYOeiE6iaRVudnFUUrNWUh6P3CriAQ2r5Fkarw7HvBw4
d2x3p3sltswtph.cloudfront.net/ Name: PHPSESSID
Value: aecjjipom823gtepmn9a3qfvd7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
ajax.googleapis.com
confia-assets.iq.com.br
d2x3p3sltswtph.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
sb.scorecardresearch.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
2001:4860:4802:32::36
2400:52e0:1e00::1082:1
2600:9000:2127:3000:11:870e:3ac0:93a1
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
65.9.95.111
65.9.95.44
058ab9166c7e767944148a79b733c99490cadce24fdde2e9419cb4efacc89802
13c309d0ebac3484b78106413ee31f46abfc690429c64ddf6ceb1b1838424ada
30a09cb234ed6bd3a07809350cbb8947e0aa6628e26fcce008650c5f85ded445
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
4d1a79171609c1a1f7bae61be234ed986f4ab033cf7c81a8dba7ff368a19ed43
5fcf81f2be775da8b1e2dcd1291d07632b45e27a900866be44b7e7db0fc7f8c7
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
7246cfa52b252e17cc517f92823968d8f25d586665752216216921f338c0cc83
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
829dc5cace145baa63afa959f206521231e6548306961e3ddd0a20f584ad3e65
845c5f9cbe459aa94103c4d0f1c333a452a76ee19ee28597a81a14c40f013057
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
bb810cc712bf5c824e242445a288bdb800d9051474de837293dd78f32d11d3aa
c64b76d02cb662b2188db8ec3c610efde8dcb4b83b90d3395b28ed1a10f9ba97
d97ea24841d9881b6b38caf9174e468db2c6a133cc325320d5720b0783a37d06
da00615952d39e535e3ec6435c90ceaa04d9612adccbafef269b6b2fe802e1a4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e29c58303cb2701d33758964ebcddf3cf69bda61324e4def68b289bafe291efc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a88b425767b03944c4d2215a6e36bb7ee1de28d5f6d93d17815c6a3d44ea0e
f205c24874e22f3fc0ae0abc5eb643a0c044d7711b424179b03b29284a7e6844
f2e1bc91b71fb8145e778375afb755a3ca7a60fdbcd3b9482ec4879d1b115691