Submitted URL: https://associacao-lideras-2.vendus.cv/
Effective URL: https://associacao-lideras-2.vendus.cv/login/
Submission: On January 11 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 1 country across 11 domains to perform 32 HTTP transactions. The main IP is 54.192.51.27, located in United States and belongs to AMAZON-02, US. The main domain is associacao-lideras-2.vendus.cv.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 26th 2023. Valid for: a year.
This is the only time associacao-lideras-2.vendus.cv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
10 | associacao-lideras-2.vendus.cv (1 redirects) | associacao-lideras-2.vendus.cv
3 | client.crisp.chat | client.crisp.im, client.crisp.chat
3 | stats.g.doubleclick.net | www.googletagmanager.com, www.google-analytics.com
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
3 | www.googletagmanager.com | associacao-lideras-2.vendus.cv, www.googletagmanager.com, www.google-analytics.com
2 | c.clarity.ms (1 redirects) |
2 | analytics.google.com | www.googletagmanager.com
2 | www.clarity.ms | associacao-lideras-2.vendus.cv, www.clarity.ms
2 | connect.facebook.net | associacao-lideras-2.vendus.cv, connect.facebook.net
1 | v.clarity.ms | www.clarity.ms
1 | www.google.com |
1 | c.bing.com (1 redirects) |
1 | client.crisp.im (1 redirects) |
1 | www.facebook.com |
32 14

This site contains links to these domains.

Domain
www.vendus.cv
Subject | Issuer | Validity | Valid
vendus.com | Amazon RSA 2048 M01 | 2023-02-26 - 2024-03-27 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-20 - 2024-01-18 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year
crisp.chat | Cloudflare Inc ECC CA-3 | 2023-05-07 - 2024-05-06 | a year

This page contains 1 frames:

Primary Page: https://associacao-lideras-2.vendus.cv/login/
Frame ID: 26CF6A9F8FBF31BD5B2AE7B3E608EE63
Requests: 32 HTTP requests in this frame

Page Title

Login na sua Conta - Vendus

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 32
HTTPS: 91 %
IPv6: 79 %
Domains: 11
Subdomains: 14
IPs: 13
Countries: 1
Transfer: 679 kB
Size: 2513 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://associacao-lideras-2.vendus.cv/ HTTP 302
    https://associacao-lideras-2.vendus.cv/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://client.crisp.im/l.js HTTP 301
  • https://client.crisp.chat/l.js
Request Chain 19
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FEBB3949C0B44D08A62988FADFF2236E&RedC=c.clarity.ms&MXFR=0D2AEC10243C68DF2D94F813203C663E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FEBB3949C0B44D08A62988FADFF2236E&MUID=3C28C6B6961967EF00BCD2B5977566D5

32 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
associacao-lideras-2.vendus.cv/login/
Redirect Chain
  • https://associacao-lideras-2.vendus.cv/
  • https://associacao-lideras-2.vendus.cv/login/
9 KB
4 KB
Document
General
Full URL
https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
50798396cb2ff4bffef30c5c6886c28c758edb0e749a210e335762a831a549af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate no-transform
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 02:51:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
vendus_login_request
1
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-id
QaPHJa5pjuu971JLb87fNwaJ89YakEEj8rn1zNeTKhwLJA-nu6ZLlA==
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
x-ec2
i-06eeeec8abc3c84f2
x-env
online
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

cache-control
no-store, no-cache, must-revalidate no-transform
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 02:51:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://associacao-lideras-2.vendus.cv/login/
pragma
no-cache
server
Apache
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-id
isis4q5n07f9GeMdsjkvN8oD5bCQh7V06EUnzaw-T5WuVMFNXnlxnA==
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
x-default-redirect
1
x-ec2
i-073c879aa3db3aa83
x-ua-compatible
IE=Edge,chrome=1
logo_blue.svg
associacao-lideras-2.vendus.cv/m-img/
2 KB
1 KB
Image
General
Full URL
https://associacao-lideras-2.vendus.cv/m-img/logo_blue.svg
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
fb137507803d122c67fe5483ea7e2017b5e1e1bfe421575bdd89547c2483673d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:50 GMT
content-encoding
gzip
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-ec2
i-073c879aa3db3aa83
x-cache
Miss from cloudfront
content-length
1031
last-modified
Sun, 23 Jul 2023 22:28:25 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
x-amz-cf-id
AZH3dKq9-pW6Enap6dQkRD4JFZc3lfKg6f4wHrFw5kwIlGiiME5ltw==
expires
Sat, 10 Feb 2024 02:51:50 GMT
google-logo.png
associacao-lideras-2.vendus.cv/m-img/
16 KB
17 KB
Image
General
Full URL
https://associacao-lideras-2.vendus.cv/m-img/google-logo.png
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
e2087f585c3b213ba537a56c8bc8e6134c69d6fa1a5728d306df56d697b4e7ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:50 GMT
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
last-modified
Sun, 23 Jul 2023 22:28:25 GMT
server
Apache
x-amz-cf-pop
YUL62-C2
x-ec2
i-0c05d53e698529bf9
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
content-length
16590
x-amz-cf-id
eRl5PihNyclbDKi0xK9eFeaToR4yh2ncjN6V1Jyu6OfbeKa4vCt1kA==
expires
Sat, 10 Feb 2024 02:51:50 GMT
facebook.svg
associacao-lideras-2.vendus.cv/m-img/
270 B
625 B
Image
General
Full URL
https://associacao-lideras-2.vendus.cv/m-img/facebook.svg
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
d8c05b70224bc688bca13509c9bcc2a900c3161e8a3b73ca8981b4cdf13f756a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:50 GMT
content-encoding
gzip
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-ec2
i-06eeeec8abc3c84f2
x-cache
Miss from cloudfront
content-length
208
last-modified
Sun, 23 Jul 2023 22:28:25 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
x-amz-cf-id
VCn7b_n6tWlTkE4m2a8ba6dim8A7v8QGtLKImgtGWv8iaq33TtQQRA==
expires
Sat, 10 Feb 2024 02:51:50 GMT
marvel-100.min.js
associacao-lideras-2.vendus.cv/
80 KB
25 KB
Script
General
Full URL
https://associacao-lideras-2.vendus.cv/marvel-100.min.js
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
12db4e31a7a4ad043ae2a2a101ed8eb8cd8155ab51d42ba08e91bd24cc061d1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:50 GMT
content-encoding
gzip
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-ec2
i-06eeeec8abc3c84f2
x-cache
Miss from cloudfront
content-length
25463
last-modified
Sun, 23 Jul 2023 22:28:25 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
x-amz-cf-id
CvGAf1oQ1At_pkUaIoFjO-p_iGpS4LSCMvVgcQiUxjDZl3d-0jtruw==
expires
Fri, 10 Jan 2025 02:51:50 GMT
marvel216.css
associacao-lideras-2.vendus.cv/
393 KB
59 KB
Stylesheet
General
Full URL
https://associacao-lideras-2.vendus.cv/marvel216.css
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
debdc3774ad58e7f65e80f6fe59ad015964cdb51d88132d8e0bd0c45c6dff2c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:50 GMT
content-encoding
gzip
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-ec2
i-0c05d53e698529bf9
x-cache
Miss from cloudfront
content-length
59900
last-modified
Mon, 01 Jan 2024 23:33:24 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
x-amz-cf-id
IhE7GIUAZu64urq3EefKX8vfya9Qlgsup6OR3LUEnEp0mEeR8HyGYQ==
expires
Fri, 10 Jan 2025 02:51:50 GMT
/
associacao-lideras-2.vendus.cv/index/visit/
0
550 B
XHR
General
Full URL
https://associacao-lideras-2.vendus.cv/index/visit/
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/marvel-100.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
date
Thu, 11 Jan 2024 02:51:50 GMT
content-encoding
gzip
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
YUL62-C2
x-ec2
i-0c05d53e698529bf9
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
x-amz-cf-id
Rfa0wYNmLuWspM3I-dfXGD-4aUsQ8kcT5DdpOQqltIDEFS0p9H2MlQ==
x-ua-compatible
IE=Edge,chrome=1
sZlLdRyC6CRYbkEaDZtQS6A.woff2
associacao-lideras-2.vendus.cv/public/layouts/marvel/css/font/
11 KB
11 KB
Font
General
Full URL
https://associacao-lideras-2.vendus.cv/public/layouts/marvel/css/font/sZlLdRyC6CRYbkEaDZtQS6A.woff2
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/marvel216.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
084d79a07edf9ed6f16093ad3df141b706355e1fad0b6d18d496d32c7af85809

Request headers

Referer
https://associacao-lideras-2.vendus.cv/marvel216.css
Origin
https://associacao-lideras-2.vendus.cv
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 10 Feb 2024 02:51:50 GMT
date
Thu, 11 Jan 2024 02:51:50 GMT
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
last-modified
Sun, 23 Jul 2023 22:28:25 GMT
server
Apache
x-amz-cf-pop
YUL62-C2
x-ec2
i-0c0f6640d7cc057cc
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
content-length
10840
x-amz-cf-id
hY17wh5aYsuIM1cmDB1Ot8hXqq8uKKWZoc-wji-izyFuo89bSj9s5g==
x-ua-compatible
IE=Edge,chrome=1
sZlEdRyC6CRYZp4-GLZyRooVef4.woff2
associacao-lideras-2.vendus.cv/public/layouts/marvel/css/font/
11 KB
11 KB
Font
General
Full URL
https://associacao-lideras-2.vendus.cv/public/layouts/marvel/css/font/sZlEdRyC6CRYZp4-GLZyRooVef4.woff2
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/marvel216.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-27.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
b4206641679f5aea3a2db952c54be8cd615629dcbe94eac8d4b9d7470504786f

Request headers

Referer
https://associacao-lideras-2.vendus.cv/marvel216.css
Origin
https://associacao-lideras-2.vendus.cv
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 10 Feb 2024 02:51:50 GMT
date
Thu, 11 Jan 2024 02:51:50 GMT
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
last-modified
Sun, 23 Jul 2023 22:28:25 GMT
server
Apache
x-amz-cf-pop
YUL62-C2
x-ec2
i-0c0f6640d7cc057cc
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-transform
accept-ranges
bytes
content-length
10884
x-amz-cf-id
F6mo_Zh0hthkLF-4W-d8vij5RHqPbKUapcaIuY-bBDEeJHkDgpF4HA==
x-ua-compatible
IE=Edge,chrome=1
gtm.js
www.googletagmanager.com/
270 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MPSKD8P
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
917d94bb47fc47defdd999f571704e9439c8d9efc679ad2407586cdd487b10ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92601
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 01:40:48 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jan 2024 02:51:54 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 11 Jan 2024 02:51:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54366
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
rP9SJ8SyjMzcs4BYKevqCIx+R1dLk5TKkaJUgotm/IQs3lCT0X6CA7pNRwq23SrHipVZhvqpJGOmAmluKdf7FQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
253 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6XVXP8GPQM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSKD8P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb099054f1cd9edd9c5a6a17f432ffae318a28be855b38e6be657258b70648b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88245
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 02:51:54 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSKD8P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 01:17:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5649
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 11 Jan 2024 03:17:45 GMT
620279165909144
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/620279165909144?v=2.9.139&r=stable&domain=associacao-lideras-2.vendus.cv
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee0b15a6610eca55c861b0b7659e8723b286ad120b433f471106a38594179494
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 11 Jan 2024 02:51:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
2fu6q63WGzM7LSmVNc2zl0xWR0bD4lu/LzthtadYvuKZRK/pDm2dx3RTJfqY3ztFv8JbDcY4Q1WmsIlcCI1m1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fd6vvhbhfu
www.clarity.ms/tag/
1018 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/fd6vvhbhfu?ref=gtm2
Requested by
Host: associacao-lideras-2.vendus.cv
URL: https://associacao-lideras-2.vendus.cv/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea2b4ffba9985a1a7fe1963073b229dd4e0972bfafb283d0d236355d63d9134d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date
Thu, 11 Jan 2024 02:51:54 GMT
x-azure-ref
0ylefZQAAAACFtXI+nGSNT6Bp/I0McsdxQk4xQUEyMDUxMDIwMDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1018
expires
-1
collect
analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6XVXP8GPQM&gtm=45je4180v888949963z8856118577&_p=1704941513623&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=150372198.1704941515&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704941514&sct=1&seg=0&dl=https%3A%2F%2Fassociacao-lideras-2.vendus.cv%2Flogin%2F&dt=Login%20na%20sua%20Conta%20-%20Vendus&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5176
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XVXP8GPQM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::66 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://associacao-lideras-2.vendus.cv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
264 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6XVXP8GPQM&cid=150372198.1704941515&gtm=45je4180v888949963z8856118577&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XVXP8GPQM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://associacao-lideras-2.vendus.cv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=620279165909144&ev=PageView&dl=https%3A%2F%2Fassociacao-lideras-2.vendus.cv%2Flogin%2F&rl=&if=false&ts=1704941514608&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704941514605.1424179700&cs_est=true&ler=empty&it=1704941514278&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 11 Jan 2024 02:51:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
l.js
client.crisp.chat/
Redirect Chain
  • https://client.crisp.im/l.js
  • https://client.crisp.chat/l.js
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Protocol
H2
Server
2606:4700:4400::ac40:994b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
85b5189d8ec907e1c80ed6e6d31b40ae2cb464783c168f3261008bffa082e713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
8469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-205d"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
8439dc549c0831da-MIA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 12 Jan 2024 02:51:54 GMT

Redirect headers

date
Thu, 11 Jan 2024 02:51:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
51428
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nk%2BQSUOPXXIxWTBr73teL8NN53VAXjhvn8OQSZkmX0Y%2Fc3T%2FgN0J1%2FGHmd8kpt2bm1WPpaMvsq3CmeFBStTSk9zYeBHUOAFe04qM9Vg1gZsE2IcZ2SMypqx0fg0NbRAksvfifFpYteaIMPRaYqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://client.crisp.chat/l.js
cache-control
max-age=86400
cf-ray
8439dc53b90d67bd-MIA
alt-svc
h3=":443"; ma=86400
content-length
162
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
20 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fd6vvhbhfu?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:54 GMT
content-encoding
br
last-modified
Wed, 10 Jan 2024 14:13:16 GMT
x-azure-ref-originshield
0C1CfZQAAAADDI3schs7dTq1//Nay1x/GTU5aMjIxMDYwNjExMDIxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DC11E64A3C39E6"
x-azure-ref
0ylefZQAAAADL/h8c8m3PQ71F5bnclefqQk4xQUEyMDUxMDIwMDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3d637761-701e-0011-2a05-44b46f000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FEBB3949C0B44D08A62988FADFF2236E&RedC=c.clarity.ms&MXFR=0D2AEC10243C68DF2D94F813203C663E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FEBB3949C0B44D08A62988FADFF2236E&MUID=3C28C6B6961967EF00BCD2B5977566D5
42 B
466 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FEBB3949C0B44D08A62988FADFF2236E&MUID=3C28C6B6961967EF00BCD2B5977566D5
Protocol
H2
Server
20.110.205.119 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:55 GMT
last-modified
Wed, 10 Jan 2024 01:59:15 GMT
server
Microsoft-IIS/10.0
etag
"c5fcfc9c6843da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B8C1059FE6834636BE6EFE81A563ECE2 Ref B: MIAEDGE1917 Ref C: 2024-01-11T02:51:55Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FEBB3949C0B44D08A62988FADFF2236E&MUID=3C28C6B6961967EF00BCD2B5977566D5
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
www.google-analytics.com/j/
16 B
232 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=441338732&t=pageview&_s=1&dl=https%3A%2F%2Fassociacao-lideras-2.vendus.cv%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20na%20sua%20Conta%20-%20Vendus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1422269803&gjid=1945582970&cid=150372198.1704941515&tid=UA-16650868-27&_gid=2087609529.1704941515&_r=1&_slc=1&gtm=45He4180n81MPSKD8Pv856118577&gcd=11l1l1l1l1&dma=0&z=235558129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
651f79f2dd1ecbb88cc11273bbf8e33ce2ed49ab6ccfcb007afa5c6d6984c936
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://associacao-lideras-2.vendus.cv/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://associacao-lideras-2.vendus.cv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=441338732&t=event&ni=1&_s=2&dl=https%3A%2F%2Fassociacao-lideras-2.vendus.cv%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20na%20sua%20Conta%20-%20Vendus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=ph4rmp&_u=aDDACEABBAAAACAAI~&jid=&gjid=&cid=150372198.1704941515&tid=UA-16650868-27&_gid=2087609529.1704941515&gtm=45He4180n81MPSKD8Pv856118577&gcd=11l1l1l1l1&dma=0&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffd6vvhbhfu%2F1fmcddq%2Fph4rmp&z=1006724204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 16:36:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36909
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
149 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16650868-27&cid=150372198.1704941515&jid=1422269803&gjid=1945582970&_gid=2087609529.1704941515&_u=YCDACEAABAAAACAAI~&z=1203741121
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://associacao-lideras-2.vendus.cv/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 11 Jan 2024 02:51:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://associacao-lideras-2.vendus.cv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VVG7J53HM9&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0c::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d44b680906120f34f98abc1c75dc0ce1b6f463fe9c1b66ab1f1289dadf13f7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 02:51:54 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16650868-27&cid=150372198.1704941515&jid=1422269803&_u=YCDACEAABAAAACAAI~&z=444813149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::63 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
v.clarity.ms/
0
310 B
XHR
General
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
application/x-clarity-gzip
Referer
https://associacao-lideras-2.vendus.cv/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://associacao-lideras-2.vendus.cv
Date
Thu, 11 Jan 2024 02:51:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
client.js
client.crisp.chat/static/javascripts/
410 KB
102 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?0a15717
Requested by
Host: client.crisp.im
URL: https://client.crisp.im/l.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
8469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-667ba"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
8439dc54fc2031da-MIA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 08 Jan 2034 02:51:55 GMT
client_default.css
client.crisp.chat/static/stylesheets/
355 KB
48 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?0a15717
Requested by
Host: client.crisp.im
URL: https://client.crisp.im/l.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
789ba33b9073ea156a1449be494d9cad33defb75015bbbaf716cf8eb30c66a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 02:51:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
8469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jan 2024 00:29:39 GMT
server
cloudflare
etag
W/"65974d73-58bcb"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
8439dc54fc1f31da-MIA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 08 Jan 2034 02:51:55 GMT
collect
analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VVG7J53HM9&gtm=45je4180v9164374355&_p=1704941513623&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=150372198.1704941515&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fassociacao-lideras-2.vendus.cv%2Flogin%2F&dt=Login%20na%20sua%20Conta%20-%20Vendus&sid=1704941515&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5790
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVG7J53HM9&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::66 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://associacao-lideras-2.vendus.cv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VVG7J53HM9&cid=150372198.1704941515&gtm=45je4180v9164374355&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVG7J53HM9&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://associacao-lideras-2.vendus.cv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 02:51:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://associacao-lideras-2.vendus.cv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
client.crisp.chat/settings/website/49061376-c647-4306-acfe-6dc516a624d5/prelude/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
client.crisp.chat
URL
https://client.crisp.chat/settings/website/49061376-c647-4306-acfe-6dc516a624d5/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-0-10-16-51

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| initGTMOnEvent function| initGTM function| loadScripts function| findAnimationElement function| live function| serialize object| animate object| docCookies function| tns function| LazyLoad object| electronJs object| marvelJs string| ua boolean| gtmDidInit object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity function| onYouTubeIframeAPIReady object| gaGlobal object| CRISP_RUNTIME_CONFIG object| $crisp string| CRISP_WEBSITE_ID object| d object| s function| CRISP_READY_TRIGGER

6 Cookies

Domain/Path, Name, Value
.vendus.cv/, PHPSESSID, 2n7t85ddmgbahpm8duek9mi9k4
.vendus.cv/, tvisitor, 80c84b3b011250b871d331278f98f674
.vendus.cv/, _gcl_au, 1.1.1784437278.1704941514
.vendus.cv/, _ga, GA1.1.150372198.1704941515
.vendus.cv/, _ga_6XVXP8GPQM, GS1.1.1704941514.1.0.1704941514.60.0.0
.vendus.cv/, _fbp, fb.1.1704941514605.1424179700

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
