URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Submission Tags: @phishunt_io
Submission: On November 29 via api from ES

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 136.243.152.135, located in Strullendorf, Germany and belongs to HETZNER-AS, DE. The main domain is dominiospremium.pt.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 11th 2020. Valid for: 3 months.
This is the only time dominiospremium.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                             Requested by
17        dominiospremium.pt (1 redirect)    dominiospremium.pt
4         cdn.jsdelivr.net                   static-v.tawk.to
4         va.tawk.to                         static-v.tawk.to
3         vsa58.tawk.to                      static-v.tawk.to
3         fonts.googleapis.com               dominiospremium.pt, static-v.tawk.to
2         www.google-analytics.com           www.googletagmanager.com, www.google-analytics.com
1         static-v.tawk.to                   embed.tawk.to
1         embed.tawk.to                      dominiospremium.pt
1         fonts.gstatic.com                  fonts.googleapis.com
1         www.googletagmanager.com           dominiospremium.pt
Total: 36 requests, 10 subdomains

This site contains links to these domains:

Domain
www.webdot.pt
www.dominiospremium.pt
webdot.pt

Subject                      Issuer                                Validity                 Valid
dominiospremium.pt           Let's Encrypt Authority X3            2020-10-11 - 2021-01-09  3 months
upload.video.google.com      GTS CA 1O1                            2020-11-03 - 2021-01-26  3 months
*.google-analytics.com       GTS CA 1O1                            2020-11-03 - 2021-01-26  3 months
*.gstatic.com                GTS CA 1O1                            2020-11-03 - 2021-01-26  3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3               2020-07-29 - 2021-07-29  a year
f3.shared.global.fastly.net  GlobalSign CloudSSL CA - SHA256 - G3  2020-10-26 - 2021-04-17  6 months

This page contains 4 frames:

Primary Page: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Frame ID: 84E88701AE4DB4AB39F49362F7FC5CCA
Requests: 29 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: B493D31BD299AE9960595424B58FB3DA
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: A6DAE1F8BD4546586A7512F28935890C
Requests: 5 HTTP requests in this frame

Frame: https://va.tawk.to/log
Frame ID: 042C7412FA26F03CDDE826DBF115A1A4
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

36 Requests
100 % HTTPS
90 % IPv6
7 Domains
10 Subdomains
10 IPs
3 Countries
418 kB Transfer
1461 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dominiospremium.pt/pt/dominio-premium-xcloud-pt HTTP 301
    https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Redirect Chain
  • https://dominiospremium.pt/pt/dominio-premium-xcloud-pt
  • https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
25 KB
7 KB
Document
General
Full URL
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx / PHP/7.4.11
Resource Hash
9baaa4f2eda715bfb2192f903ebc41da323d2f54e3bd0d01982f11a75c294528

Request headers

:method
GET
:authority
dominiospremium.pt
:scheme
https
:path
/pt/dominio-premium-xcloud-pt/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
super_session=b6fdf2bb83d4cccc7842f947cdae7be8%7C%7C1606677255%7C%7C1606676895; pll_language=pt

Response headers

server
nginx
date
Sun, 29 Nov 2020 18:44:16 GMT
content-type
text/html; charset=UTF-8
content-length
6476
x-powered-by
PHP/7.4.11
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
link
<https://dominiospremium.pt/wp-json/>; rel="https://api.w.org/", <https://dominiospremium.pt/wp-json/wp/v2/pages/1394>; rel="alternate"; type="application/json", <https://dominiospremium.pt/?p=1394>; rel=shortlink
set-cookie
super_session=b6fdf2bb83d4cccc7842f947cdae7be8%7C%7C1606677255%7C%7C1606676895; expires=Sun, 29-Nov-2020 19:14:15 GMT; Max-Age=1799; path=/
last-modified
Sun, 29 Nov 2020 18:44:16 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip

Redirect headers

server
nginx
date
Sun, 29 Nov 2020 18:44:15 GMT
content-type
text/html; charset=UTF-8
content-length
0
x-powered-by
PHP/7.4.11
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
x-redirect-by
Polylang
set-cookie
super_session=b6fdf2bb83d4cccc7842f947cdae7be8%7C%7C1606677255%7C%7C1606676895; expires=Sun, 29-Nov-2020 19:14:15 GMT; Max-Age=1800; path=/
pll_language=pt; expires=Mon, 29-Nov-2021 18:44:15 GMT; Max-Age=31536000; path=/; secure
last-modified
Sun, 29 Nov 2020 18:44:15 GMT
location
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
vary
User-Agent
fl-icons.css
dominiospremium.pt/wp-content/themes/flatsome/assets/css/
328 B
367 B
Stylesheet
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 09:27:25 GMT
server
nginx
etag
"148-5adc46d7fc348-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
x-accel-version
0.01
accept-ranges
bytes
content-length
161
arpw-frontend.css
dominiospremium.pt/wp-content/plugins/advanced-random-posts-widget/assets/css/
275 B
379 B
Stylesheet
General
Full URL
https://dominiospremium.pt/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=5.5.3
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
c097810c5c2818c403e04fffc03a639cde42bdecb0c53323119cd7f77f8394fa

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 23:08:07 GMT
server
nginx
etag
"113-5aed568771cf8-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
x-accel-version
0.01
accept-ranges
bytes
content-length
173
flatsome.css
dominiospremium.pt/wp-content/themes/flatsome/assets/css/
143 KB
37 KB
Stylesheet
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.2
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 09:27:25 GMT
server
nginx
etag
W/"5f462afd-23a2b"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/
3 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand%3Aregular%2C700%2Cregular%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5792d09863f582f55fe2b7d4d3b14059e674652131f84c765e09abc8cb03f03a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Nov 2020 18:44:16 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sun, 29 Nov 2020 18:44:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 29 Nov 2020 18:44:16 GMT
jquery.js
dominiospremium.pt/wp-includes/js/jquery/
95 KB
39 KB
Script
General
Full URL
https://dominiospremium.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 13:55:54 GMT
server
nginx
etag
W/"5cdebd6a-17a69"
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137506214-6
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
692e53b0584ddff44b79ca60423b3d8fc3720e3fc3082998ffbd33ae536e16ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38695
x-xss-protection
0
last-modified
Sun, 29 Nov 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 29 Nov 2020 18:44:16 GMT
logo-3.png
dominiospremium.pt/wp-content/uploads/2020/08/
3 KB
3 KB
Image
General
Full URL
https://dominiospremium.pt/wp-content/uploads/2020/08/logo-3.png
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
20f8cd0e8c210dd30d9da211596d54508c6a8d4f6349ce86784737ccf5589e4c

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
last-modified
Wed, 26 Aug 2020 09:30:22 GMT
server
nginx
accept-ranges
bytes
etag
"5f462bae-c75"
content-length
3189
content-type
image/png
pt.png
dominiospremium.pt/wp-content/plugins/polylang/flags/
554 B
714 B
Image
General
Full URL
https://dominiospremium.pt/wp-content/plugins/polylang/flags/pt.png
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
ba636f1cb6bfd323dac1fb079cd002b5d486ed5eff54f4c4744b81316b257e96

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
last-modified
Wed, 04 Nov 2020 09:18:43 GMT
server
nginx
etag
"22a-5b3447743604a"
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
554
gb.png
dominiospremium.pt/wp-content/plugins/polylang/flags/
599 B
759 B
Image
General
Full URL
https://dominiospremium.pt/wp-content/plugins/polylang/flags/gb.png
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
last-modified
Wed, 04 Nov 2020 09:18:43 GMT
server
nginx
etag
"257-5b34477433552"
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
599
flatsome-instant-page.js
dominiospremium.pt/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/
3 KB
1 KB
Script
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 09:27:27 GMT
server
nginx
etag
W/"5f462aff-dd2"
vary
Accept-Encoding
content-type
application/javascript
flatsome-live-search.js
dominiospremium.pt/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/
16 KB
6 KB
Script
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 09:27:27 GMT
server
nginx
etag
W/"5f462aff-3e04"
vary
Accept-Encoding
content-type
application/javascript
hoverIntent.min.js
dominiospremium.pt/wp-includes/js/
1 KB
636 B
Script
General
Full URL
https://dominiospremium.pt/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
5036d77bc45902a3567f499ebf981076387d71995d6fab43c9be0cd0b962b230

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 2019 09:47:08 GMT
server
nginx
etag
W/"5db4161c-46a"
vary
Accept-Encoding
content-type
application/javascript
flatsome.js
dominiospremium.pt/wp-content/themes/flatsome/assets/js/
169 KB
59 KB
Script
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.2
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 09:27:25 GMT
server
nginx
etag
W/"5f462afd-2a4c3"
vary
Accept-Encoding
content-type
application/javascript
flatsome-lazy-load.js
dominiospremium.pt/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/
2 KB
787 B
Script
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.12.2
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 09:27:27 GMT
server
nginx
etag
W/"5f462aff-933"
vary
Accept-Encoding
content-type
application/javascript
wp-embed.min.js
dominiospremium.pt/wp-includes/js/
1 KB
924 B
Script
General
Full URL
https://dominiospremium.pt/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 2019 09:47:08 GMT
server
nginx
etag
W/"5db4161c-59a"
vary
Accept-Encoding
content-type
application/javascript
underline.png
dominiospremium.pt/wp-content/themes/flatsome/assets/img/
1020 B
1 KB
Image
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/assets/img/underline.png
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
d772eda3430d031bfea1576d68fceb9813226ddd63857cceeba00205014a8538

Request headers

Referer
https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
last-modified
Wed, 26 Aug 2020 09:27:25 GMT
server
nginx
etag
"3fc-5adc46d7a0e58"
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
1020
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v21/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3Aregular%2C700%2Cregular%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dominiospremium.pt
Referer
https://fonts.googleapis.com/css?family=Quicksand%3Aregular%2C700%2Cregular%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 08:15:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:43:58 GMT
server
sffe
age
37728
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26160
x-xss-protection
0
expires
Mon, 29 Nov 2021 08:15:28 GMT
fl-icons.woff2
dominiospremium.pt/wp-content/themes/flatsome/assets/css/icons/
6 KB
7 KB
Font
General
Full URL
https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.152.135 Strullendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cloud65.serverpax.com
Software
nginx /
Resource Hash
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Request headers

Origin
https://dominiospremium.pt
Referer
https://dominiospremium.pt/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
last-modified
Wed, 26 Aug 2020 09:27:25 GMT
server
nginx
accept-ranges
bytes
etag
"5f462afd-1988"
content-length
6536
content-type
font/woff2
default
embed.tawk.to/5f438a62cc6a6a5947ae3cd8/
14 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/5f438a62cc6a6a5947ae3cd8/default
Requested by
Host: dominiospremium.pt
URL: https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c7eceb201a23a74c66d91ee8334ceebe9a20e85cb2226b3c88c3201a815bf7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://dominiospremium.pt
Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"fulls69716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
5f9e7aa1aa319778-FRA
cf-request-id
06b6eaf90800009778be2e6000000001
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137506214-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3265
date
Sun, 29 Nov 2020 17:49:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 29 Nov 2020 19:49:51 GMT
collect
www.google-analytics.com/j/
1 B
389 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1555560993&t=pageview&_s=1&dl=https%3A%2F%2Fdominiospremium.pt%2Fpt%2Fdominio-premium-xcloud-pt%2F&ul=en-us&de=UTF-8&dt=xcloud.pt%20%E2%80%93%20Dominios%20Premium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1524719623&gjid=1558081972&cid=1113905222.1606675456&tid=UA-137506214-6&_gid=235640169.1606675456&_r=1&gtm=2oub41&z=1669494873
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Nov 2020 18:44:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dominiospremium.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
app.js
static-v.tawk.to/697/
497 KB
108 KB
Script
General
Full URL
https://static-v.tawk.to/697/app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f438a62cc6a6a5947ae3cd8/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e83c077fb845b06ebcac94b6ab6e543f586434895e9361ce5db3d67ca95c8ae
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://dominiospremium.pt
Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
cf-request-id
06b6eafba70000977898171000000001
pragma
public
last-modified
Thu, 26 Nov 2020 12:13:39 GMT
server
cloudflare
etag
W/"5fbf9bf3-7c2ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
5f9e7aa5dd7f9778-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-settings
va.tawk.to/v1/
2 KB
1 KB
XHR
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5f438a62cc6a6a5947ae3cd8&widgetId=default
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b5e9c453d22ffc3c998c295c596a592f5cfb41cc2822cb964dbf575b8ce0ea
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
cf-request-id
06b6eafe6400009778dd0d3000000001
x-served-by
visitor-application-preemptive-h5bx
server
cloudflare
etag
W/"1-16-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=14400, max-age=14400
cf-ray
5f9e7aaa38859778-FRA
1606675457637
va.tawk.to/register/
708 B
1 KB
XHR
General
Full URL
https://va.tawk.to/register/1606675457637
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e87ea42a8deb4dc957bfb7a7f0f00e51a62bd0414acc3e038438b7eb2c8a5c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 29 Nov 2020 18:44:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
vary
Accept-Encoding
cf-request-id
06b6eafe790000d725ee30a000000001
x-served-by
visitor-application-preemptive-mgr0
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://dominiospremium.pt
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5f9e7aaa5e7bd725-FRA
access-control-allow-headers
origin, content-type
css
fonts.googleapis.com/ Frame B493
7 KB
796 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Nov 2020 17:32:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sun, 29 Nov 2020 18:44:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 29 Nov 2020 18:44:18 GMT
css
fonts.googleapis.com/ Frame A6DA
7 KB
619 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Nov 2020 17:32:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sun, 29 Nov 2020 18:44:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 29 Nov 2020 18:44:18 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame A6DA
192 B
276 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2759450
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19174-FRA, cache-hhn4053-HHN
date
Sun, 29 Nov 2020 18:44:18 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame A6DA
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2302878
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19168-FRA, cache-hhn4053-HHN
date
Sun, 29 Nov 2020 18:44:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
/
vsa58.tawk.to/s/
101 B
306 B
XHR
General
Full URL
https://vsa58.tawk.to/s/?k=5fc3ec0193e25d6f7ccd4d1d&u=EeMaTKNMhD3HJVJIFUboVIzr5iOq8L54GqtYdeHeTZe708iRu4vC%2Bip35wWmtsRs&uv=2&a=5f438a62cc6a6a5947ae3cd8&cver=0&pop=false&jv=697&asver=414&ust=false&EIO=3&transport=polling&__t=NOLKUYz
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad878325122d8e6e46efa1ea9ab8ad328952c6f08dce1f242a2c6219e6b52b3e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:18 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://dominiospremium.pt
access-control-allow-credentials
true
cf-ray
5f9e7aae0e56d725-FRA
content-length
101
cf-request-id
06b6eb00c80000d725ee340000000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame A6DA
413 B
738 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2759448
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19127-FRA, cache-hhn4053-HHN
date
Sun, 29 Nov 2020 18:44:18 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
vsa58.tawk.to/s/
77 B
185 B
XHR
General
Full URL
https://vsa58.tawk.to/s/?k=5fc3ec0193e25d6f7ccd4d1d&u=EeMaTKNMhD3HJVJIFUboVIzr5iOq8L54GqtYdeHeTZe708iRu4vC%2Bip35wWmtsRs&uv=2&a=5f438a62cc6a6a5947ae3cd8&cver=0&pop=false&jv=697&asver=414&ust=false&EIO=3&transport=polling&__t=NOLKUc4&sid=Juks5vIOieSWvAwlOOrZ
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b07387435d5b4184e80ffe09a43d2a7444f27f094735a96567dac59571d8621
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://dominiospremium.pt
access-control-allow-credentials
true
cf-ray
5f9e7aaf38d5d725-FRA
content-length
77
cf-request-id
06b6eb01920000d7252a972000000001
v3
va.tawk.to/log-performance/
5 B
244 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 29 Nov 2020 18:44:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
Accept-Encoding
cf-request-id
06b6eb04290000d725e8b88000000001
x-served-by
visitor-application-preemptive-hzmk
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://dominiospremium.pt
access-control-allow-credentials
true
cf-ray
5f9e7ab3790dd725-FRA
access-control-allow-headers
origin, content-type
/
vsa58.tawk.to/s/
4 B
88 B
XHR
General
Full URL
https://vsa58.tawk.to/s/?k=5fc3ec0193e25d6f7ccd4d1d&u=EeMaTKNMhD3HJVJIFUboVIzr5iOq8L54GqtYdeHeTZe708iRu4vC%2Bip35wWmtsRs&uv=2&a=5f438a62cc6a6a5947ae3cd8&cver=0&pop=false&jv=697&asver=414&ust=false&EIO=3&transport=polling&__t=NOLKUmb&sid=Juks5vIOieSWvAwlOOrZ
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://dominiospremium.pt
access-control-allow-credentials
true
cf-ray
5f9e7ab37911d725-FRA
content-length
4
cf-request-id
06b6eb042b0000d72552af0000000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame A6DA
413 B
482 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dominiospremium.pt/pt/dominio-premium-xcloud-pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2759451
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19127-FRA, cache-hhn4053-HHN
date
Sun, 29 Nov 2020 18:44:20 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
log
va.tawk.to/ Frame 042C
0
0
Document
General
Full URL
https://va.tawk.to/log
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
va.tawk.to
:scheme
https
:path
/log
content-length
651
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://dominiospremium.pt
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ss=d9tuy931fp; tawkUUID=50PqFrhxcGM%2B5PL6p4P2qKCppH78c2bB6yuhH1OFWS81xrL7rQyBDsT%2B1iogo7TY%7C%7C2
Upgrade-Insecure-Requests
1
Origin
https://dominiospremium.pt
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 18:44:21 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db4ae7bf21a1938fb3ede270bf50925b01606675460; expires=Tue, 29-Dec-20 18:44:20 GMT; path=/; domain=.tawk.to; HttpOnly; SameSite=Lax
x-served-by
visitor-application-preemptive-g48t
access-control-allow-origin
https://dominiospremium.pt
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
origin, content-type
vary
Accept-Encoding
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
06b6eb0b3d0000d7250e97a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
5f9e7abec918d725-FRA
content-encoding
br

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
undefined| $
function| jQuery
function| gtag
object| dataLayer
object| Tawk_API
object| Tawk_LoadStart
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| flatsomeVars
function| StickySidebar
function| Waypoint
object| __core-js_shared__
object| Flatsome
string| waypointContextKey
object| jQuery1124025561455912722897
function| objectFitImages
function| cookie
object| wp
string| $_Tawk_AccountKey
string| $_Tawk_WidgetId
boolean| $_Tawk_Unstable
object| $_Tawk
function| $__TawkEngine
function| EventEmitter
function| $__TawkSocket
object| $_Tawk_LoadStart
function| TawkClass
object| Inheritance_Manager
string| messagePreviewRadius
string| bottomBorderRadius
string| topBorderRadius
number| minWidth
number| minHeight
string| bodyClassName

5 Cookies

Domain/Path Name / Value
.dominiospremium.pt/ Name: _gat_gtag_UA_137506214_6
Value: 1
.dominiospremium.pt/ Name: _gid
Value: GA1.2.235640169.1606675456
dominiospremium.pt/ Name: pll_language
Value: pt
.dominiospremium.pt/ Name: _ga
Value: GA1.2.1113905222.1606675456
dominiospremium.pt/ Name: super_session
Value: b6fdf2bb83d4cccc7842f947cdae7be8%7C%7C1606677255%7C%7C1606676895

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
