paratiservicosonline.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response paratiservicosonline.com/	113 KB 18 KB	341ms 257ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c26fb4582d37c887fa3dd99744535a98f6cb139162be67d34010469333b433f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85f1c3990cf13c89-CDG content-encoding br content-type text/html date Mon, 04 Mar 2024 12:10:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtRn1YmXVn295UB00PSI4gjE8ujKOJyN4x8huOuuycxSCGOxWDoEM9h%2FEPcHoIjgqLhIGEZohmecgPI%2FE1aMho32OnrCoALAUabuqn7mJ0XCNzwjQkOdHyrKYI2%2B%2FHZaA2AjuBdLcB5fBzaZUSgAEApU9stzF4c%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-envoy-upstream-service-time 21
GET H2	200	whatsapp-button.css cdn.positus.global/production/resources/robbu/whatsapp-button/	1 KB 1 KB	142ms 27ms	Stylesheet text/css	2606:4700::6812:dc0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.positus.global/production/resources/robbu/whatsapp-button/whatsapp-button.css Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22120ba014723371323e40c95760825dce2c2febf4bbc9ec3cff1892cbd0b2f8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:36 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT x-amz-request-id tx00000c8cb713025bda653-0065844867-4eccb1a7-nyc3b age 1131 x-envoy-upstream-healthchecked-cluster last-modified Fri, 23 Apr 2021 15:35:32 GMT server cloudflare etag W/"41dfe686f38fafe13e7545ea3bea1159" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type text/css x-do-cdn-uuid e36ebcc9-e5fc-46da-a9a0-78ccfc3fba8b x-rgw-object-type Normal cache-control max-age=3600 cf-ray 85f1c39c9cf337da-FRA
GET H2	200	whatsapp-icon.svg cdn.positus.global/production/resources/robbu/whatsapp-button/	1 KB 1 KB	144ms 29ms	Image image/svg+xml	2606:4700::6812:dc0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.positus.global/production/resources/robbu/whatsapp-button/whatsapp-icon.svg Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb695a481cc898bb7bea1ead5d9a8df158302815050de8eafd8db69e7d6e9366 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:36 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT x-amz-request-id tx000000000000071cb3188-00656a239d-4d30364f-nyc3b age 2438 x-envoy-upstream-healthchecked-cluster last-modified Fri, 23 Apr 2021 15:35:32 GMT server cloudflare etag W/"2bccdb1c8f2d2bcf50759f5131724c18" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type image/svg+xml x-do-cdn-uuid e36ebcc9-e5fc-46da-a9a0-78ccfc3fba8b x-rgw-object-type Normal cache-control max-age=3600 cf-ray 85f1c39c9cf437da-FRA
GET H2	200	gtm.js Show response www.googletagmanager.com/	171 KB 64 KB	103ms 49ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-568PP9B Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6f6b1dbabcc04d26aba4e747433e8ea9c89aee681a8863d1dd9c6a65733901a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 65540 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 04 Mar 2024 12:10:36 GMT
GET H2	200	kxH5zD8ua0m3J2AC6WQuRA.png rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/	2 KB 2 KB	528ms 169ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/kxH5zD8ua0m3J2AC6WQuRA.png?auto=compress&width=108 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 1ca797b4491f0903f437d56592e0fd946fa368efca1d91a2647738ad43c30c26 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 466719 x-cache HIT, MISS x-imgix-id 8dafd64ac024095b467546be578bf2d77165aa9f cross-origin-resource-policy cross-origin content-length 2333 x-served-by cache-sjc1000123-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131592 last-modified Wed, 28 Feb 2024 02:31:57 GMT server Google Frontend content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	CjQFcWb7kC8hX7MAjpw.jpeg rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/	11 KB 11 KB	538ms 180ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/CjQFcWb7kC8hX7MAjpw.jpeg?auto=compress&width=437 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash c49fc6dc55f61016c24a97d9f6f76b41012679332a1f2ca05eaebfa612aef9df Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 295003 x-cache HIT, MISS x-imgix-id 0a7edd6540e5b76a00763cb652891c0fc99d63ea cross-origin-resource-policy cross-origin content-length 11331 x-served-by cache-sjc1000110-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131592 last-modified Fri, 01 Mar 2024 02:13:54 GMT server Google Frontend content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	s52J1hbgkCXvpexs3iIg.jpeg rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/	29 KB 29 KB	521ms 162ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/s52J1hbgkCXvpexs3iIg.jpeg?auto=compress&width= Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash bb43744c40abb1038b00dabac793b351aab1c09cc26879137d6a11d74049156f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 381171 x-cache HIT, MISS x-imgix-id eb38a584a8419038a62327d7994ffe3710f682ed cross-origin-resource-policy cross-origin content-length 29926 x-served-by cache-sjc1000146-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131592 last-modified Thu, 29 Feb 2024 02:17:46 GMT server Google Frontend content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	EFzqbTZpkCwnEiyppJ0bg.png rck.imgix.net/qWDdPHrEUeLkK8Np6REw/images/	601 B 926 B	383ms 25ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/qWDdPHrEUeLkK8Np6REw/images/EFzqbTZpkCwnEiyppJ0bg.png?auto=compress&width=20 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash ab34d7ad12dd977bdbc1d246814faa966a0d73cc471ca494c38b087c3d2cfb38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 847506 x-cache HIT, HIT x-imgix-id 8a3d6c336aa69b8d61a5e7549d6b8f7276242ffe cross-origin-resource-policy cross-origin content-length 601 x-served-by cache-sjc1000111-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131592 last-modified Fri, 23 Feb 2024 16:45:30 GMT server Google Frontend content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	Azu30b0sDkWkKBt2lkegw.jpeg rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/	1 KB 1 KB	521ms 163ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/Azu30b0sDkWkKBt2lkegw.jpeg?auto=compress&width=58 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash 7f508bdb89718f32bc123b0ebcfceeddea91f9a43714b5681a4c5a4102f23b2f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 1396998 x-cache HIT, MISS x-imgix-id 20cc9c956371d9645b0d6cc54b8a2a437c071145 cross-origin-resource-policy cross-origin content-length 1374 x-served-by cache-sjc10041-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131624 last-modified Sat, 17 Feb 2024 08:07:18 GMT server Google Frontend content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	ZjS2H0TKcEqg5VoeCVnK5g.jpeg rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/	1 KB 1 KB	527ms 169ms	Image image/jpeg	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/efShKwdMQUmQmTNN4sb9Q/images/ZjS2H0TKcEqg5VoeCVnK5g.jpeg?auto=compress&width=58 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash d99c7f1dd1061a26256db2152cb2f65707adc657632591ffab509bdbf48f8c24 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 1317673 x-cache HIT, MISS x-imgix-id 794eb8b03e1e1dfe6dad6ca9ce782863ba72a003 cross-origin-resource-policy cross-origin content-length 1225 x-served-by cache-sjc10034-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131624 last-modified Sun, 18 Feb 2024 06:09:24 GMT server Google Frontend content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	eie2Vju5ZkScFehAAVOPA.png rck.imgix.net/qWDdPHrEUeLkK8Np6REw/images/	4 KB 4 KB	162ms 162ms	Image image/png	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/qWDdPHrEUeLkK8Np6REw/images/eie2Vju5ZkScFehAAVOPA.png?auto=compress&width=58 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash bec69927accbd5d56e27f19e8a8694f59cec897ddea8f6bafb276849cdb33d52 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT x-content-type-options nosniff age 199 x-cache HIT, MISS x-imgix-id 448b07c5e908c4df24f2c4ceffb5ff671ef488f0 cross-origin-resource-policy cross-origin content-length 3715 x-served-by cache-sjc1000103-SJC, cache-ams21027-AMS x-imgix-render-farm 02.131592 last-modified Mon, 04 Mar 2024 12:07:18 GMT server Google Frontend content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	uS7QZW7uLE2RbZso1KRPtw.svg rck.imgix.net/qWDdPHrEUeLkK8Np6REw/images/	1 KB 839 B	23ms 23ms	Image image/svg+xml	2a04:4e42:400::720 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://rck.imgix.net/qWDdPHrEUeLkK8Np6REw/images/uS7QZW7uLE2RbZso1KRPtw.svg Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash a8cf7641a805dd6a7f43bef0c02e508853eaee3f79f7ca41b735f5c6fa4d4434 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:37 GMT content-encoding gzip x-content-type-options nosniff age 1910600 x-cache HIT, HIT x-imgix-id ec08be823ad3d292e3a0ea9071d19450a7f1f1ba cross-origin-resource-policy cross-origin content-length 667 x-served-by cache-sjc10032-SJC, cache-ams21027-AMS x-imgix-render-farm 01.132136 last-modified Mon, 12 Jul 2021 14:03:39 GMT server imgix vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET BLOB	200 OK	d91bfdd4-3d7c-4f25-b953-0d7bdd87f019 https://paratiservicosonline.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://paratiservicosonline.com/d91bfdd4-3d7c-4f25-b953-0d7bdd87f019 Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b557de19c319d4e025ba23c0db266ce30da3a345f8cfe35a5cbdb43585b53db4 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Length 1259 Content-Type text/javascript
GET H2	200	css fonts.googleapis.com/	4 KB 959 B	83ms 30ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:300,regular,regular,700,900&subset=latin,latin-ext&display=swap Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a23f25fa5fd1497f97139de177f5ac224d56ff6e15277f90d02a88e598122e8e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 04 Mar 2024 12:10:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 04 Mar 2024 12:10:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 04 Mar 2024 12:10:36 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	70ms 22ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,regular,700,900&subset=latin,latin-ext&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://paratiservicosonline.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 03:33:07 GMT x-content-type-options nosniff age 549449 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Feb 2025 03:33:07 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	67ms 20ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,regular,700,900&subset=latin,latin-ext&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://paratiservicosonline.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 14:25:40 GMT x-content-type-options nosniff age 337496 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 28 Feb 2025 14:25:40 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	212 KB 76 KB	55ms 55ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-10851828765&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-568PP9B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b44ff7381b9a2124025698163ee56791b5d394383e6e6c3c8ea0ff1395aefed9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78225 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 04 Mar 2024 12:10:36 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10851828765/	3 KB 2 KB	110ms 57ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10851828765/?random=1709554237030&cv=11&fst=1709554237030&bg=ffffff&guid=ON&async=1&gtm=45be42t1z89105209981za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fparatiservicosonline.com%2F&hn=www.googleadservices.com&frm=0&tiba=Parati%20Pagamentos&npa=0&pscdl=noapi&auid=853387297.1709554237&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-10851828765&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c35add7bb3dc12e63d7e33f7aa98627634500fb9a28586577432326d5d5f9a71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Mon, 04 Mar 2024 12:10:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1276 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10851828765/	42 B 455 B	90ms 39ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10851828765/?random=1709554237030&cv=11&fst=1709553600000&bg=ffffff&guid=ON&async=1&gtm=45be42t1z89105209981za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fparatiservicosonline.com%2F&frm=0&tiba=Parati%20Pagamentos&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtquaACas7ZiY72AbCS-DA_MhFnl9fwVQ&random=4146017535&rmt_tld=0&ipr=y Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Mon, 04 Mar 2024 12:10:37 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/10851828765/	42 B 455 B	84ms 33ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/10851828765/?random=1709554237030&cv=11&fst=1709553600000&bg=ffffff&guid=ON&async=1&gtm=45be42t1z89105209981za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fparatiservicosonline.com%2F&frm=0&tiba=Parati%20Pagamentos&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtquaACas7ZiY72AbCS-DA_MhFnl9fwVQ&random=4146017535&rmt_tld=1&ipr=y Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Mon, 04 Mar 2024 12:10:37 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vendor_e06534953fb807bdf519.js Show response paratiservicosonline.com/dist/	241 KB 79 KB	451ms 451ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paratiservicosonline.com/dist/vendor_e06534953fb807bdf519.js Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e994eddd06b2fc81a439e342f44405b8315bf8e99e9af64313f3def98d91383 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:39 GMT content-encoding br cf-cache-status MISS last-modified Mon, 19 Feb 2024 17:12:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1da6356defb8619" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txNw3wde1V6ed9tn1WLU%2BBGlsLS7s7lRj9buIRtw%2BImLZRlEPDXFS0GsLN%2FTpKz2nZoyZSSVEm7oKVqpHMm9gJO72WgjTg%2B6kYWNfoGQcYLF%2F182%2FqzxKwfVarq%2FlooWNMpNC157%2FFZR8gRjsl9EULekvckZNDM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 x-envoy-upstream-service-time 18 cf-ray 85f1c3abb9e33c89-CDG alt-svc h3=":443"; ma=86400
GET H3	200	main-client_d0844f4b360c4902296f.js Show response paratiservicosonline.com/dist/	662 KB 154 KB	180ms 180ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paratiservicosonline.com/dist/main-client_d0844f4b360c4902296f.js Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61a5457fa3ebbb9d9a9198ee32a62680d79abe186788319f7c212b07edbb0ed8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://paratiservicosonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 12:10:39 GMT content-encoding br cf-cache-status MISS last-modified Mon, 19 Feb 2024 17:12:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1da6356df9a8020" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RfgI3%2F1tELJmk%2FMhPHBsUn1%2FezOTHEIEVjf8WXbEJu%2Bi%2Byv%2ByqPJ9ka59Ysfz5u4LYexaJVCkcCKBe%2B%2F94prj%2F6Vy1k8fo2OuJ2m%2Bdf83%2BXhNXNyUK7wp3Fmk9Nztd4%2BBDCASEicuJJPYuzThCw%2FzEV27LfuTE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 x-envoy-upstream-service-time 11 cf-ray 85f1c3aefaf60f5f-EWR alt-svc h3=":443"; ma=86400
OPTIONS H2	204	visits app.rockfunnels.com/api/insights/	0 0	745ms 199ms	Preflight	191.235.57.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://app.rockfunnels.com/api/insights/visits Protocol H2 Security TLS 1.3, , AES_128_GCM Server 191.235.57.232 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software istio-envoy / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://paratiservicosonline.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * date Mon, 04 Mar 2024 12:10:40 GMT server istio-envoy x-envoy-upstream-service-time 1
POST H2	204	visits app.rockfunnels.com/api/insights/	0 0	198ms 198ms	Fetch	191.235.57.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://app.rockfunnels.com/api/insights/visits Requested by Host: paratiservicosonline.com URL: https://paratiservicosonline.com/dist/main-client_d0844f4b360c4902296f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 191.235.57.232 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software istio-envoy / Resource Hash Request headers Referer https://paratiservicosonline.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Mon, 04 Mar 2024 12:10:40 GMT x-envoy-upstream-service-time 1 server istio-envoy

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| sessionId function| checkStateAndCall function| getMain function| getFont object| dataLayer object| initialReduxState object| blob object| worker number| deviceWidth string| deviceType object| imgs object| img string| src object| widthMap number| finalWidth number| logicalSize object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| vendor_e06534953fb807bdf519 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| scCGSHMRCache boolean| VimeoPlayerResizeEmbeds_

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cdn.positus.global/	1970-01-20 18:52:36	Name: __cf_bm Value: TZvnmTz4Q78bwRioavRDFHZmD_X7hb2699t6WxsCDzQ-1709554236-1.0.1.1-tXAjRWcPeLiuMVc5nnitsI0TPU1j5miLmw6PzOLYB6tWIoS8FIFC0HG0nCuZBxEmSTk9i6X2QRsD_yp0IGGJMg
			.paratiservicosonline.com/	1970-01-20 21:02:10	Name: _gcl_au Value: 1.1.853387297.1709554237
			.doubleclick.net/	1970-01-20 18:52:35	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://paratiservicosonline.com/(Line 850) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paratiservicosonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://paratiservicosonline.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.rockfunnels.com
cdn.positus.global
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
paratiservicosonline.com
rck.imgix.net
www.google.com
www.google.nl
www.googletagmanager.com
191.235.57.232
2606:4700::6812:dc0
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a04:4e42:400::720
2a06:98c1:3120::3
1ca797b4491f0903f437d56592e0fd946fa368efca1d91a2647738ad43c30c26
22120ba014723371323e40c95760825dce2c2febf4bbc9ec3cff1892cbd0b2f8
61a5457fa3ebbb9d9a9198ee32a62680d79abe186788319f7c212b07edbb0ed8
6c26fb4582d37c887fa3dd99744535a98f6cb139162be67d34010469333b433f
6f6b1dbabcc04d26aba4e747433e8ea9c89aee681a8863d1dd9c6a65733901a0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f508bdb89718f32bc123b0ebcfceeddea91f9a43714b5681a4c5a4102f23b2f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9e994eddd06b2fc81a439e342f44405b8315bf8e99e9af64313f3def98d91383
a23f25fa5fd1497f97139de177f5ac224d56ff6e15277f90d02a88e598122e8e
a8cf7641a805dd6a7f43bef0c02e508853eaee3f79f7ca41b735f5c6fa4d4434
ab34d7ad12dd977bdbc1d246814faa966a0d73cc471ca494c38b087c3d2cfb38
b44ff7381b9a2124025698163ee56791b5d394383e6e6c3c8ea0ff1395aefed9
b557de19c319d4e025ba23c0db266ce30da3a345f8cfe35a5cbdb43585b53db4
bb43744c40abb1038b00dabac793b351aab1c09cc26879137d6a11d74049156f
bec69927accbd5d56e27f19e8a8694f59cec897ddea8f6bafb276849cdb33d52
c35add7bb3dc12e63d7e33f7aa98627634500fb9a28586577432326d5d5f9a71
c49fc6dc55f61016c24a97d9f6f76b41012679332a1f2ca05eaebfa612aef9df
cb695a481cc898bb7bea1ead5d9a8df158302815050de8eafd8db69e7d6e9366
d99c7f1dd1061a26256db2152cb2f65707adc657632591ffab509bdbf48f8c24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629