urlscan.io logo urlscan.io
SecurityTrails logo

brasilnopositivo.com.br Open in urlscan Pro
2606:4700:10::6816:635  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.brasilnopositivo.com.br/
Effective URL: https://brasilnopositivo.com.br/
Submission: On August 14 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 12 HTTP transactions. The main IP is 2606:4700:10::6816:635, located in United States and belongs to CLOUDFLARENET, US. The main domain is brasilnopositivo.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 31st 2020. Valid for: a year.
This is the only time brasilnopositivo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:10::6816:735 (United States)

ASN13335 (CLOUDFLARENET, US)
www.brasilnopositivo.com.br
2    2606:4700:10::6816:635 (United States)

ASN13335 (CLOUDFLARENET, US)
brasilnopositivo.com.br
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2606:4700:3030::681b:9dfb (United States)

ASN13335 (CLOUDFLARENET, US)
code.responsivevoice.org
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
Domain Requested by
2 www.youtube.com brasilnopositivo.com.br
s.ytimg.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 img.youtube.com brasilnopositivo.com.br
2 brasilnopositivo.com.br ajax.cloudflare.com
1 s.ytimg.com www.youtube.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com ajax.cloudflare.com
1 code.responsivevoice.org ajax.cloudflare.com
1 ajax.cloudflare.com brasilnopositivo.com.br
1 www.brasilnopositivo.com.br 1 redirects
12 12
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-31 -
2021-07-31		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://brasilnopositivo.com.br/
Frame ID: 5FD7352E2EBA401F4693705F0C810291
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fbrasilnopositivo.com.br&widgetid=1
Frame ID: 0E807690D80262AD08ECF51115C68299
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.brasilnopositivo.com.br/ HTTP 302
    https://brasilnopositivo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

954 kB
Transfer

2505 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.brasilnopositivo.com.br/ HTTP 302
    https://brasilnopositivo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1755360389&t=pageview&_s=1&dl=https%3A%2F%2Fbrasilnopositivo.com.br%2F&ul=en-us&de=UTF-8&dt=Cadastro%20Positivo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=292769656&gjid=306694615&cid=1637871202.1597368884&tid=UA-141681155-1&_gid=1271113787.1597368884&_r=1&gtm=2ou871&z=872163193 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_gid=1271113787.1597368884&gjid=306694615&_v=j83&z=872163193 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_v=j83&z=872163193 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_v=j83&z=872163193&slf_rd=1&random=4028700783

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
brasilnopositivo.com.br/
Redirect Chain
  • http://www.brasilnopositivo.com.br/
  • https://brasilnopositivo.com.br/
1 MB
570 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfcb7d1ea1434957b02a8e6cb7db895a871c9ffc292abe1f72199de3482715be

Request headers

:method
GET
:authority
brasilnopositivo.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d52f2b857c84b50fcdb55d2f6e7fe00301597368882
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 14 Aug 2020 01:34:43 GMT
content-type
text/html
last-modified
Wed, 11 Mar 2020 03:03:48 GMT
vary
Accept-Encoding,User-Agent
cache-control
max-age=86400
cf-cache-status
HIT
age
38
cf-request-id
048c33f0550000d6d93025b200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c26ef608f51d6d9-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 14 Aug 2020 01:34:43 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d52f2b857c84b50fcdb55d2f6e7fe00301597368882; expires=Sun, 13-Sep-20 01:34:42 GMT; path=/; domain=.brasilnopositivo.com.br; HttpOnly; SameSite=Lax
Location
https://brasilnopositivo.com.br/
CF-Cache-Status
BYPASS
cf-request-id
048c33eee40000e00b839db200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5c26ef5e3f7ce00b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		689 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19e4cce76fb2de43bf86beb402bd0bf09a5ea7c44422276d73b3cdd61e5bb2cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		275 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
829d884ecbba24f793859f0964771211c217ffb3ee8a0bb46a8565f91e79d957

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fb03e9c9c6ef73b1bb910d648e87e4d6f020ead5134c2e2dee22bf28cc89b11

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c427fdd8b8b3ead73ba924cbfb2520d470ba875228ede1824c4a57c89526b275

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc4d57d7772cba0e974a1b5bbeef9602085eee94752373b87021c4f52dfd443d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
853cd107df58dc6df79edb776bf698fed45b939eee5b86187b51b51a257d776e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
149efebf5d034b18766344fb93a78ec60e135f215d0c98736a1954896e03e803

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a25d92112fe1cc193a1bc51400b62ee1c11411b21a387d26d8c44d57c30db81

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df7e4da37914a1bf2586a28bc8c5bf9a02434503b40b6895e741db3a0cb5e126

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eefb9117d3cc82cf8ec23ca9531f1840175b5b2f77126c520486589ca2ed2fd0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		95 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00978f85c9952342c71cc8af463218abc05cf27aec0d1d917cda9a5926dd240

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
maxresdefault.jpg
img.youtube.com/vi/R9ya6MSiTqQ/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/R9ya6MSiTqQ/maxresdefault.jpg
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
734ff4a5a2027637353e77a968a89d0308d1f906562271508629452c19618c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 23:55:10 GMT
x-content-type-options
nosniff
server
sffe
age
5973
etag
"1559935303"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114183
x-xss-protection
0
expires
Fri, 14 Aug 2020 01:55:10 GMT
truncated
/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1031c15e05b7cfc071ef0708a8870156635e911dc4190332c2d3d44d26975644

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6b9ff0667123748324b8648d6b66d0168a0029e3828fb860bc6ae62012a1ab4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f34cc338f174a7c82e64e033a9c821cc035083fb0de578b20c4375f0da8afe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		39 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32af82220ad263739b13a61fbb4f3cf6e07d75b169ebb23d869ff778e8c02d40

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
150ad54de34f6d55413524cde30e0ef9c328333b2a483cd6b09f92e8fed77d7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
maxresdefault.jpg
img.youtube.com/vi/xafnzsoU9Es/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/xafnzsoU9Es/maxresdefault.jpg
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c8eb9ac05d4051fa6886b5d973d387bdc64e08dffc84dd3275910f46b5b82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 23:55:10 GMT
x-content-type-options
nosniff
server
sffe
age
5973
etag
"1556309697"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100288
x-xss-protection
0
expires
Fri, 14 Aug 2020 01:55:10 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 01:34:43 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 10 Aug 2020 18:41:06 GMT
server
cloudflare
etag
W/"5f3194c2-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5c26ef619ce43233-FRA
cf-request-id
048c33f103000032336fbf3200000001
expires
Sun, 16 Aug 2020 01:34:43 GMT
responsivevoice.js
code.responsivevoice.org/ 		104 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:9dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8bb485a209bc93cb18564d2872594df68b4da543396c327c52a7aa91555ddfa

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 01:34:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
23957
etag
W/"636b0b2f058d015ae6a7eff2c80208fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-ratelimit-remaining
999
cache-control
public, max-age=432000
x-ratelimit-limit
1000
cf-ray
5c26ef620cd0c286-FRA
cf-request-id
048c33f1470000c28601996200000001
cjsbaseclass.min.js
brasilnopositivo.com.br/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brasilnopositivo.com.br/js/cjsbaseclass.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d9484982b05d591bb401ba15e6e556d9535088a2608a84195d7f2ab11b750b

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 01:34:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Mar 2020 14:28:30 GMT
server
cloudflare
age
36
etag
W/"3401bc7-29568-5a06cd13bb7e8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
max-age=86400
cf-ray
5c26ef61c88cd6d9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
048c33f11d0000d6d930265200000001
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-141681155-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
386e3b576fc52af1902230167261f4efafeba42a0a3b2c4252d8042b165b9a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 01:34:43 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35737
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Aug 2020 01:34:43 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141681155-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1143
date
Fri, 14 Aug 2020 01:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Fri, 14 Aug 2020 03:15:40 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
688ab7694a2048554f750d773c962fb24e3df8c7cd63b568d015b50bb29f4789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 01:34:43 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
status
200
cache-control
no-cache
content-type
application/javascript
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1755360389&t=pageview&_s=1&dl=https%3A%2F%2Fbrasilnopositivo.com.br%2F&ul=en-us&de=UTF-8&dt=Cadastro%20Positivo&sd=24-bit&sr=1600x1200&vp=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_gid=1271113787.1597368884&gjid=306694615&_v=j83&z=872163193
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_v=j83&z=872163193
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_v=j83&z=872163193&slf_rd=1&random=4028700783
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_v=j83&z=872163193&slf_rd=1&random=4028700783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 01:34:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Aug 2020 01:34:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1637871202.1597368884&jid=292769656&_v=j83&z=872163193&slf_rd=1&random=4028700783
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflCK7GzY/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflCK7GzY/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad4e1859923f50843a070bdcdcc0a66cffcf98eff8a986d3d20b34fa35549725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 22:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97434
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33713
x-xss-protection
0
last-modified
Wed, 12 Aug 2020 21:40:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 20 Aug 2020 22:30:49 GMT
/
www.youtube.com/embed/ Frame 0E80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fbrasilnopositivo.com.br&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflCK7GzY/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/?enablejsapi=1&origin=https%3A%2F%2Fbrasilnopositivo.com.br&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://brasilnopositivo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=c45LEHA_t4I; VISITOR_INFO1_LIVE=__GQ29y-JOE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://brasilnopositivo.com.br/

Response headers

status
200
strict-transport-security
max-age=31536000
content-length
8824
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Fri, 14 Aug 2020 01:34:43 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
GPS=1; path=/; domain=.youtube.com; expires=Fri, 14-Aug-2020 02:04:43 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR object| url function| gtag object| dataLayer function| TConsoleEx function| compact function| isset function| extract function| uniqid function| base64_decode function| array function| str_word_count function| ctype_alpha function| setlocale function| getenv function| utf8_decode function| base64_encode function| utf8_encode function| chr function| htmlentities function| get_html_translation_table function| htmlspecialchars function| htmlspecialchars_decode function| html_entity_decode function| md5 function| nl2br function| number_format function| parse_str function| urldecode function| sprintf function| stripos function| strip_tags function| strpos function| strtr function| krsort function| i18n_loc_get_default function| i18n_loc_set_default function| ini_set function| str_ireplace function| str_pad function| str_replace function| trim function| parse_url function| urlencode function| empty function| get_defined_vars function| _u_varToBoolean function| _u_hasMessageFromObject function| _u_extractMessageFromObject function| _u_hexToRgb function| _u_invertRgb function| _u_invertHex function| _u_colourNameToHex function| _typeof object| cjsbaseclass_ns number| k string| source object| attr string| data_name string| data_value number| CJS_DEBUG_MODE_0 number| CJS_DEBUG_MODE_1 number| CJS_DEBUG_MODE_2 undefined| Cookies object| Url object| is function| $ function| jQuery function| cjsbaseclass_jquery function| CjsBaseClass object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| rvAgentPlayer string| rvApiKey string| rvApiEndpoint object| $jscomp function| $jscomp$lookupPolyfilledValue function| ResponsiveVoice object| responsiveVoice object| config boolean| splitTestEnabled boolean| splitTest_useGS function| GetRandomMsg function| getHiddenProp function| getVisibilityState function| isHidden function| isPrerendered boolean| prerenderUsed function| createCookie function| readCookie function| eraseCookie function| getOrCreateTest function| oneTimeTest function| trackEvent undefined| rvNotificationPopup function| hoverintent object| _gsScope function| _extends function| jqueryumsmustache_utf8_encode function| jqueryumsmustache_md5 object| umsappJqueryPluginUmsMustache object| umslib object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| EvEmitter object| Mustache function| LazyLoad function| imagesLoaded object| umsapp function| getSelectionText boolean| __cfRLUnblockHandlers object| ___classes_triggers function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_

4 Cookies

Domain/Path Name / Value
.brasilnopositivo.com.br/ Name: _gat_gtag_UA_141681155_1
Value: 1
.brasilnopositivo.com.br/ Name: _gid
Value: GA1.3.1271113787.1597368884
.brasilnopositivo.com.br/ Name: _ga
Value: GA1.3.1637871202.1597368884
.brasilnopositivo.com.br/ Name: __cfduid
Value: d52f2b857c84b50fcdb55d2f6e7fe00301597368882

12 Console Messages

Source Level URL
Text
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 31)
Message:
ResponsiveVoice r1.6.5
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 322)
Message:
isHidden: false
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 323)
Message:
Prerender: false
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 384)
Message:
Configuring
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 129)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 129)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 129)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 129)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 129)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 129)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 130)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://code.responsivevoice.org/responsivevoice.js?key=dZQ30swZ(Line 131)
Message:
RV: Enabling fallback mode

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
brasilnopositivo.com.br
code.responsivevoice.org
img.youtube.com
s.ytimg.com
stats.g.doubleclick.net
www.brasilnopositivo.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
2606:4700:10::6816:635
2606:4700:10::6816:735
2606:4700:3030::681b:9dfb
2606:4700::6810:a723
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:818::200e
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200e
2a00:1450:400c:c00::9c
1031c15e05b7cfc071ef0708a8870156635e911dc4190332c2d3d44d26975644
149efebf5d034b18766344fb93a78ec60e135f215d0c98736a1954896e03e803
150ad54de34f6d55413524cde30e0ef9c328333b2a483cd6b09f92e8fed77d7b
19e4cce76fb2de43bf86beb402bd0bf09a5ea7c44422276d73b3cdd61e5bb2cd
32af82220ad263739b13a61fbb4f3cf6e07d75b169ebb23d869ff778e8c02d40
386e3b576fc52af1902230167261f4efafeba42a0a3b2c4252d8042b165b9a36
3a25d92112fe1cc193a1bc51400b62ee1c11411b21a387d26d8c44d57c30db81
5fb03e9c9c6ef73b1bb910d648e87e4d6f020ead5134c2e2dee22bf28cc89b11
688ab7694a2048554f750d773c962fb24e3df8c7cd63b568d015b50bb29f4789
734ff4a5a2027637353e77a968a89d0308d1f906562271508629452c19618c80
78f34cc338f174a7c82e64e033a9c821cc035083fb0de578b20c4375f0da8afe
829d884ecbba24f793859f0964771211c217ffb3ee8a0bb46a8565f91e79d957
853cd107df58dc6df79edb776bf698fed45b939eee5b86187b51b51a257d776e
a00978f85c9952342c71cc8af463218abc05cf27aec0d1d917cda9a5926dd240
ad4e1859923f50843a070bdcdcc0a66cffcf98eff8a986d3d20b34fa35549725
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
c427fdd8b8b3ead73ba924cbfb2520d470ba875228ede1824c4a57c89526b275
c6b9ff0667123748324b8648d6b66d0168a0029e3828fb860bc6ae62012a1ab4
d8bb485a209bc93cb18564d2872594df68b4da543396c327c52a7aa91555ddfa
dc4d57d7772cba0e974a1b5bbeef9602085eee94752373b87021c4f52dfd443d
df7e4da37914a1bf2586a28bc8c5bf9a02434503b40b6895e741db3a0cb5e126
dfcb7d1ea1434957b02a8e6cb7db895a871c9ffc292abe1f72199de3482715be
eefb9117d3cc82cf8ec23ca9531f1840175b5b2f77126c520486589ca2ed2fd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c8eb9ac05d4051fa6886b5d973d387bdc64e08dffc84dd3275910f46b5b82d
f2d9484982b05d591bb401ba15e6e556d9535088a2608a84195d7f2ab11b750b
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955