valentin.com.br Open in urlscan Pro
186.202.161.148  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response valentin.com.br/	6 KB 2 KB	1878ms 233ms	Document text/html	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Full URL http://valentin.com.br/ Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 09acb7b541a7273967ecc02000065c1c79bf924e79c8a7717ecd081635b21ec8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 16 Apr 2023 23:22:03 GMT ETag W/"6340e9c6-16be" Last-Modified Sat, 08 Oct 2022 03:08:54 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By PleskLin
GET H/1.1	200 OK	style.css valentin.com.br/css/	5 KB 2 KB	304ms 303ms	Stylesheet text/css	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Full URL http://valentin.com.br/css/style.css Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 809ee8fafa9ef203162bdea1bac55fe5452bb90a4b4b41b9f9b28b249f6024f0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-1281" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H2	200	1.js Show response cdn.ywxi.net/js/	19 KB 5 KB	126ms 24ms	Script text/javascript	2600:9000:225e:8c00:14:6bfc:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.ywxi.net/js/1.js Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:8c00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:19:12 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 171 content-security-policy-report-only report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self' x-cache Hit from cloudfront content-length 4567 referrer-policy strict-origin-when-cross-origin server Apache x-trace 2B4A73C24B1FD1F27281882EB3AF89C38828FB169E000000000000000000 content-type text/javascript; charset=utf-8 access-control-allow-origin * x-amz-cf-id czPYyUIeJmroUz1LQ12Hmwl-Z_QkO028Bp7p0cl1RDMCPYnwsCS3Dw== expires Mon, 17 Apr 2023 00:19:11 GMT
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	137 KB 50 KB	74ms 41ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol HTTP/1.1 Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 60263d9b016e42c37135fdb0d3b5df9c76c339b08bfcf689b3ada28e21348969 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Length 50710 X-XSS-Protection 0 Server cafe ETag 15405286707360467069 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Expires Sun, 16 Apr 2023 23:22:03 GMT
GET H/1.1	200 OK	panel-logo.png valentin.com.br/img/	4 KB 4 KB	237ms 236ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/panel-logo.png Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 72a293701b3852690e7fff4b03b819ac41d2c2fc12dccdcd47c2f1391490045d Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-e29" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	client.json Show response s3-us-west-2.amazonaws.com/mfesecure-public/host/valentin.com.br/	201 B 977 B	446ms 236ms	XHR application/json	52.218.225.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://s3-us-west-2.amazonaws.com/mfesecure-public/host/valentin.com.br/client.json?source=jsmain Requested by Host: cdn.ywxi.net URL: https://cdn.ywxi.net/js/1.js Protocol HTTP/1.1 Server 52.218.225.160 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 362c6f15e10587c2553f0df1066a313144c577742066be60bf393f32443959a5 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:04 GMT Content-Encoding gzip x-amz-version-id .54G.WUoVSDTIuvS2EDYnp9ppmWnA.0t x-amz-request-id QYF4WN5261BZ2VDD x-amz-replication-status COMPLETED Content-Length 167 x-amz-id-2 339LMjputD+ouSDxRcn6Q8+UG4bJIyzNbzlBUosmxgMHcx9q6q2TBaKnZHSFDW5dGnnXiItYiYw= Last-Modified Fri, 16 Jul 2021 16:48:40 GMT Server AmazonS3 ETag "b1c1583e2bf43d0ca76c2ac32df5e970" Access-Control-Max-Age 60 Access-Control-Allow-Methods GET, HEAD Content-Type application/json Access-Control-Allow-Origin http://valentin.com.br Access-Control-Expose-Headers Access-Control-Allow-Origin Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Credentials true Cache-Control public, max-age=60 Accept-Ranges bytes
GET H/1.1	200 OK	client.json Show response s3-us-west-2.amazonaws.com/mfesecure-public/host/valentin.com.br/	201 B 977 B	446ms 232ms	XHR application/json	52.218.225.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://s3-us-west-2.amazonaws.com/mfesecure-public/host/valentin.com.br/client.json?source=jsinline Requested by Host: cdn.ywxi.net URL: https://cdn.ywxi.net/js/1.js Protocol HTTP/1.1 Server 52.218.225.160 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 362c6f15e10587c2553f0df1066a313144c577742066be60bf393f32443959a5 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:04 GMT Content-Encoding gzip x-amz-version-id .54G.WUoVSDTIuvS2EDYnp9ppmWnA.0t x-amz-request-id QYF9F25PG5C761SG x-amz-replication-status COMPLETED Content-Length 167 x-amz-id-2 qc10owRWWu9UYJqU47kBDbk0WUMdFqfSVOPxGZG7FfOqnSlH3xbyjkXDxwB+pkQGw3qyIspEZq8= Last-Modified Fri, 16 Jul 2021 16:48:40 GMT Server AmazonS3 ETag "b1c1583e2bf43d0ca76c2ac32df5e970" Access-Control-Max-Age 60 Access-Control-Allow-Methods GET, HEAD Content-Type application/json Access-Control-Allow-Origin http://valentin.com.br Access-Control-Expose-Headers Access-Control-Allow-Origin Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Credentials true Cache-Control public, max-age=60 Accept-Ranges bytes
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 0D12	10 KB 5 KB	79ms 22ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://valentin.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 63213 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 05:48:30 GMT etag 2378337311435320485 expires Sun, 30 Apr 2023 05:48:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 349 B	113ms 57ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073770%2C31073794 Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 23:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	111ms 58ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2021&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073770%2C31073794 Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 23:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/	345 KB 116 KB	113ms 60ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dd328a0dfccbe6f8f817da49a0f781a70051cf0efcce7d3b54bbd0690fe18ba5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 118230 x-xss-protection 0 server cafe etag 14770445563276964963 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 16 Apr 2023 23:22:03 GMT
GET H/1.1	200 OK	top-bottom.png valentin.com.br/img/	1 KB 1 KB	233ms 233ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/top-bottom.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 3139e648ad6392b154569f8acf43334f6a0dc1777cc678b592ff49e1de8a49eb Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-451" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H2	404	banner.js www.magazinevoce.com.br/js/	0 0	635ms 150ms	Script text/html	195.181.174.138 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.magazinevoce.com.br/js/banner.js?store=lgvalent Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-195-181-174-138.azioncdn.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers
GET H/1.1	200 OK	p-box.png valentin.com.br/img/	943 B 940 B	482ms 249ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/p-box.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash cdaf3f547e6a8177b48c232110a3eb5e85ef1092a6442158b0ff4dc5d16921fd Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx X-Accel-Version 0.01 ETag W/"5a2dfa-3af-53909fb3ae710" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	globe.png valentin.com.br/img/	45 KB 45 KB	530ms 297ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/globe.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash def4b21b4717650d6155a46a4272ca4d6499a3a51acdb19b976e65de4f95992b Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-b4ac" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	bullet.gif valentin.com.br/img/	1 KB 1 KB	665ms 233ms	Image image/gif	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/bullet.gif Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 9c3765b3ca5fd7c7482a7ea1bc0d72b93693e941e51324488f24d38a2b69a3dd Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag "579fcabb-4bd" X-Powered-By PleskLin Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1213
GET H/1.1	200 OK	fastcgi.png valentin.com.br/img/icons/	3 KB 3 KB	713ms 231ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/icons/fastcgi.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash edc1c674f3b4532e501f801943b9509525bf5722d75bdce857702c156cba11e2 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:04 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-b8b" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	python.png valentin.com.br/img/icons/	3 KB 3 KB	500ms 273ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/icons/python.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 63f46052acd32342c0c0df5f2bea4ef46b87eddca6c4e01a087b85f3d050b0a2 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-aad" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	php.png valentin.com.br/img/icons/	3 KB 3 KB	475ms 253ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/icons/php.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash df917621fe23c8650ce43c42be6e494ba3e026b15c1831f5ffc26c9974cc1db0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-a63" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	perl.png valentin.com.br/img/icons/	3 KB 3 KB	526ms 299ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/icons/perl.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash 79cc97d03bcf7078c997cf1c8c125abbc49fbcc7e9a29e2d65b78e4a3f39390b Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-cfc" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H/1.1	200 OK	ssi.png valentin.com.br/img/icons/	3 KB 3 KB	426ms 252ms	Image image/png	186.202.161.148 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://valentin.com.br/img/icons/ssi.png Requested by Host: valentin.com.br URL: http://valentin.com.br/css/style.css Protocol HTTP/1.1 Server 186.202.161.148 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS pleskl0038.hospedagemdesites.ws Software nginx / PleskLin Resource Hash b3e0c55dc0579179753cb945e0777018a9c4954e247e2646fbd23486e5d5aa28 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 23:22:03 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2016 22:18:35 GMT Server nginx ETag W/"579fcabb-b0b" X-Powered-By PleskLin Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png Connection keep-alive
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	62ms 59ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073770%2C31073794 Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 23:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	57ms 56ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=valentin.com.br&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073770%2C31073794 Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 23:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	56ms 56ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073770%2C31073794 Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 23:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	397 B 609 B	86ms 33ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=valentin.com.br&callback=_gfp_s_&client=ca-pub-3195365629325345 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5080c834caa6e3db17c419e0ef69fb5e5c2bbdadef4e41674a4f62564aa4306f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 257 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	104ms 34ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=valentin.com.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:03 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	110ms 33ms	Script application/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=valentin.com.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:03 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 45F0	603 B 245 B	43ms 42ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195365629325345&output=html&adk=1812271804&adf=3025194257&lmt=1665198534&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fvalentin.com.br%2F&ea=0&pra=5&wgl=1&dt=1681687323437&bpp=4&bdt=308&idt=187&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7011044852083&frm=20&pv=2&ga_vid=1426640738.1681687324&ga_sid=1681687324&ga_hid=1885894045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073770%2C31073794&oid=2&pvsid=2508084733126951&tmod=1713832921&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=214 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://valentin.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 23:22:03 GMT expires Sun, 16 Apr 2023 23:22:03 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ajax Show response www.trustedsite.com/rpc/	6 B 997 B	605ms 197ms	Script text/javascript	44.230.4.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=valentin.com.br&rand=1681687323710 Requested by Host: cdn.ywxi.net URL: https://cdn.ywxi.net/js/1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.230.4.96 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-230-4-96.us-west-2.compute.amazonaws.com Software Apache / Resource Hash a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:04 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin content-encoding gzip server Apache x-trace 2B70FBE83EE61114684B9ACEEECD666DD7985A9E56000000000000000000 content-security-policy-report-only report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self' content-type text/javascript; charset=utf-8 content-length 26
GET H2	200	205.svg cdn.ywxi.net/meter/valentin.com.br/	20 KB 8 KB	174ms 174ms	Image image/svg+xml	2600:9000:225e:8c00:14:6bfc:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ywxi.net/meter/valentin.com.br/205.svg?ts=1626454115697&l=en-US Requested by Host: valentin.com.br URL: http://valentin.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:8c00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:03 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 content-security-policy-report-only report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self' x-cache Miss from cloudfront content-length 7400 referrer-policy strict-origin-when-cross-origin server Apache x-trace 2B06183389B852E429CEB1CC7F152F559B8A16C027000000000000000000 content-type image/svg+xml cache-control public x-amz-cf-id g6WnrMdrNsrjqo1lwn8F8i1zTeBa8kqH2l82rE9uG3m8tyV6A7GcBQ== expires Mon, 17 Apr 2023 00:22:03 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	123ms 73ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54d6e685fa93e51dfccabeb862dc5a865ee9c9f7afbfab2bd56bb382c56fa5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11356 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	128ms 41ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195365629325345&plah=valentin.com.br&bust=31073770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 16 Apr 2023 23:22:04 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 70F5	13 KB 5 KB	28ms 27ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://valentin.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4763 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 22:02:41 GMT expires Mon, 15 Apr 2024 22:02:41 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A1AC	783 B 1 KB	94ms 35ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fa9364c322b8c1e6392558d7d3521aae213b835bebcee229c3eca5ffb10037a6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-htHgNzwh73fATacf-cDqGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://valentin.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-htHgNzwh73fATacf-cDqGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 23:22:04 GMT expires Sun, 16 Apr 2023 23:22:04 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js Show response pagead2.googlesyndication.com/bg/ Frame 70F5	36 KB 14 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 13:54:13 GMT content-encoding br x-content-type-options nosniff age 120471 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14296 x-xss-protection 0 last-modified Tue, 11 Apr 2023 10:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 14 Apr 2024 13:54:13 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 70F5	0 10 B	24ms 24ms	Image text/plain	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?g2HNuA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 23:22:04 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame A1AC	0 0	58ms 57ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=2508084733126951&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	61ms 61ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=2508084733126951&bg=!HR6lHkrNAAZA7GLoYOw7ADkAdvg8WnDZbhrTa1neOV4EDpjESPHRBMLXLhmMm3L8wKjm1LUo1fpgMugn-Y1j37jtoF2daDEz1d4CAAAAnlIAAAADaAEHmQMEedN3FEUgYL5hbtIA9XmoqTQnCwsEDhVH7EsYCiLyvs0rl7Y2Qz-B_J8Hvx4Yha65gFCHmStIBHOid8nE_ludKID1zXn3S4zcUheK225eufr5zGWCN9SYrwJDIDSlXATkhDKqxXDGlW_h4c5AiZMHkeOQijdcC-_rT0bOYj-5NSd-PXNHwt2POEl_22d8j-QsrfEIJm8yZt7aZl1PracHQGS9PETsP9MfAB3lZ0Y1yIdOgB_jKpOAVoOAYC8o4oW4t7n6TNdB0spc2J-h1IWqpKPIZyfGCfGd9bqz2z1EuFh0Cn6IjvRKEFOz0xLxN0Khws9dwFYMyza-BLNmtVccpgSgBkj-uRq0QBhN1huYrEMoKYUOvlxvjgqbqg3Uw4ta38JTQX77i7B4qnJEjOt_08v_pGpMZBio6tLzTr796FiOo4ZuXR5W5K4dc4G67nf3ByodFOY_m156vN8V8VGhed80Vj01kFJip_fgRdkn9B0JaREmXMNdy35X-kb8c2RKyFt8UJ_C5AY-ec7t358R_H6BTP8oPiPqrwnpnjO8y12Wq329p7J5Fof4NYEH80QQqAMvren49G_snVUVITwyWbSNMqXCSFovnnx2P1trW0h9p4wU9k5S12ePusTR5C_wIRRFovETkejFX4qekmTXALt06GwIDo99IyIcp5EpTBYniGdIC5J-sMaz0c7jgC3-6MDRNEUlhpWQJ6nejApAd3SD-kMwAOv7TVPhvescFXDM6xyREq6XqF4vJgOEQsS3ZdMw0SUb2TwJkZ5s-ZM7M5HvUUBjbpebHw4R5n-kdBULhc4V7x2kWZKpzwYdr55Mu-FMUvG7pFR5ByUi6dFobnZdvpRz5sEiIAXbyz8U1ipQL6s6_b0EBrxO2cGS5CVfEUhmogWSjycHq2FYlVkXOXbU4I1bhalv4Zqf57SHcouDQ-lIyn5HCz7LmqFQjgwKB_GAVmgYd1jvsdBShFpl05B5H5p8SOjIU2A5Qbewer9gLC4kRYSGdpidAepoSELC613a9g Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://valentin.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| TrustedSite number| TrustedSite_done object| TrustedSiteInline object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_image_requests object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 11:08:08	Name: test_cookie Value: CheckForPermission
			valentin.com.br/	1970-01-20 11:09:33	Name: trustedsite_visit Value: 1
			valentin.com.br/	1970-01-20 11:08:07	Name: trustedsite_tm_float_seen Value: 1
			.valentin.com.br/	1970-01-20 20:29:43	Name: __gads Value: ID=a14308a43e12a76b-2296bdb59add005f:T=1681687323:RT=1681687323:S=ALNI_MYQqAcMcNTl5VeBZU9plnQUVKIeVw
			.valentin.com.br/	1970-01-20 20:29:43	Name: __gpi Value: UID=00000bd6c28c78f1:T=1681687323:RT=1681687323:S=ALNI_Mb_7gtyPFVG0FilO7rm8JtvDhZL7Q
			www.trustedsite.com/	1970-01-20 11:18:12	Name: AWSALBCORS Value: 94g0M5Mtfurqsl/T67bH3F4eqnGkc5A7/sZCFfsUJgwXMlPnat/O+EhYIXVahTOspy3cMSrhR4j4L0sLgbPElg/+nvO77bD4qoao9ks5Ge9OGSrIBKxFuwMR16ml

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.magazinevoce.com.br/js/banner.js?store=lgvalent Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ywxi.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s3-us-west-2.amazonaws.com
tpc.googlesyndication.com
valentin.com.br
www.google.com
www.magazinevoce.com.br
www.trustedsite.com
186.202.161.148
195.181.174.138
2600:9000:225e:8c00:14:6bfc:5740:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
44.230.4.96
52.218.225.160
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
09acb7b541a7273967ecc02000065c1c79bf924e79c8a7717ecd081635b21ec8
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
3139e648ad6392b154569f8acf43334f6a0dc1777cc678b592ff49e1de8a49eb
362c6f15e10587c2553f0df1066a313144c577742066be60bf393f32443959a5
5080c834caa6e3db17c419e0ef69fb5e5c2bbdadef4e41674a4f62564aa4306f
54d6e685fa93e51dfccabeb862dc5a865ee9c9f7afbfab2bd56bb382c56fa5f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60263d9b016e42c37135fdb0d3b5df9c76c339b08bfcf689b3ada28e21348969
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f46052acd32342c0c0df5f2bea4ef46b87eddca6c4e01a087b85f3d050b0a2
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
72a293701b3852690e7fff4b03b819ac41d2c2fc12dccdcd47c2f1391490045d
79cc97d03bcf7078c997cf1c8c125abbc49fbcc7e9a29e2d65b78e4a3f39390b
809ee8fafa9ef203162bdea1bac55fe5452bb90a4b4b41b9f9b28b249f6024f0
9c3765b3ca5fd7c7482a7ea1bc0d72b93693e941e51324488f24d38a2b69a3dd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
b3e0c55dc0579179753cb945e0777018a9c4954e247e2646fbd23486e5d5aa28
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cdaf3f547e6a8177b48c232110a3eb5e85ef1092a6442158b0ff4dc5d16921fd
dd328a0dfccbe6f8f817da49a0f781a70051cf0efcce7d3b54bbd0690fe18ba5
def4b21b4717650d6155a46a4272ca4d6499a3a51acdb19b976e65de4f95992b
df917621fe23c8650ce43c42be6e494ba3e026b15c1831f5ffc26c9974cc1db0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc1c674f3b4532e501f801943b9509525bf5722d75bdce857702c156cba11e2
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
fa9364c322b8c1e6392558d7d3521aae213b835bebcee229c3eca5ffb10037a6