urlscan.io logo urlscan.io
SecurityTrails logo

brasilnopositivo.com.br Open in urlscan Pro
2606:4700:10::6814:ea79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.brasilnopositivo.com.br/
Effective URL: https://brasilnopositivo.com.br/
Submission: On January 10 via api from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 12 HTTP transactions. The main IP is 2606:4700:10::6814:ea79, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is brasilnopositivo.com.br.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 17th 2019. Valid for: 6 months.
This is the only time brasilnopositivo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 10
3    2606:4700:10::6814:ea79 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.brasilnopositivo.com.br
brasilnopositivo.com.br
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
img.youtube.com
1    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
1    2606:4700:30::681b:9cfb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
code.responsivevoice.org
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2001:4860:4802:36::75 (United States)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
2 www.youtube.com brasilnopositivo.com.br
s.ytimg.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 img.youtube.com brasilnopositivo.com.br
2 brasilnopositivo.com.br ajax.cloudflare.com
1 s.ytimg.com www.youtube.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com ajax.cloudflare.com
1 code.responsivevoice.org ajax.cloudflare.com
1 ajax.cloudflare.com brasilnopositivo.com.br
1 www.brasilnopositivo.com.br 1 redirects
12 12
Subject Issuer Validity Valid
ssl953276.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-17 -
2020-06-24		 6 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-08-26 -
2020-08-25		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://brasilnopositivo.com.br/
Frame ID: C57CBDE525F6A5F71574303C3CEABEA2
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fbrasilnopositivo.com.br&widgetid=1
Frame ID: FAA76107462082E58A8F61FECFB282B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.brasilnopositivo.com.br/ HTTP 302
    https://brasilnopositivo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

942 kB
Transfer

2410 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.brasilnopositivo.com.br/ HTTP 302
    https://brasilnopositivo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1238437063&t=pageview&_s=1&dl=https%3A%2F%2Fbrasilnopositivo.com.br%2F&ul=en-us&de=UTF-8&dt=Cadastro%20Positivo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1986533097&gjid=1160005877&cid=1832289819.1578615769&tid=UA-141681155-1&_gid=1192412110.1578615769&_r=1&gtm=2ou121&z=1262885949 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_gid=1192412110.1578615769&gjid=1160005877&_v=j79&z=1262885949 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_v=j79&z=1262885949 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_v=j79&z=1262885949&slf_rd=1&random=1787425325

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
brasilnopositivo.com.br/
Redirect Chain
  • http://www.brasilnopositivo.com.br/
  • https://brasilnopositivo.com.br/
1 MB
599 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b779d9b6933e5f4bb0c5b090129304e32c05cacefd98357106bc1d2c29d11f

Request headers

:method
GET
:authority
brasilnopositivo.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=de081fa4cb59d0c42acd79b8f29e39eef1578615767
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Fri, 10 Jan 2020 00:22:48 GMT
content-type
text/html
last-modified
Thu, 19 Dec 2019 21:21:19 GMT
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE
access-control-allow-headers
Origin, Content-Type, X-Auth-Token
cache-control
max-age=86400
cf-cache-status
HIT
age
47
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
cf-ray
552a7fa5fff6bea6-FRA
content-encoding
br

Redirect headers

Date
Fri, 10 Jan 2020 00:22:47 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de081fa4cb59d0c42acd79b8f29e39eef1578615767; expires=Sun, 09-Feb-20 00:22:47 GMT; path=/; domain=.brasilnopositivo.com.br; HttpOnly; SameSite=Lax
Location
https://brasilnopositivo.com.br/
CF-Cache-Status
BYPASS
Vary
Accept-Encoding
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
CF-RAY
552a7fa3e993e00b-FRA
truncated
/ 		689 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19e4cce76fb2de43bf86beb402bd0bf09a5ea7c44422276d73b3cdd61e5bb2cd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		275 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
829d884ecbba24f793859f0964771211c217ffb3ee8a0bb46a8565f91e79d957

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fb03e9c9c6ef73b1bb910d648e87e4d6f020ead5134c2e2dee22bf28cc89b11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c427fdd8b8b3ead73ba924cbfb2520d470ba875228ede1824c4a57c89526b275

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc4d57d7772cba0e974a1b5bbeef9602085eee94752373b87021c4f52dfd443d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
853cd107df58dc6df79edb776bf698fed45b939eee5b86187b51b51a257d776e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
149efebf5d034b18766344fb93a78ec60e135f215d0c98736a1954896e03e803

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a25d92112fe1cc193a1bc51400b62ee1c11411b21a387d26d8c44d57c30db81

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df7e4da37914a1bf2586a28bc8c5bf9a02434503b40b6895e741db3a0cb5e126

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1031c15e05b7cfc071ef0708a8870156635e911dc4190332c2d3d44d26975644

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eefb9117d3cc82cf8ec23ca9531f1840175b5b2f77126c520486589ca2ed2fd0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		95 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00978f85c9952342c71cc8af463218abc05cf27aec0d1d917cda9a5926dd240

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
maxresdefault.jpg
img.youtube.com/vi/R9ya6MSiTqQ/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/R9ya6MSiTqQ/maxresdefault.jpg
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
734ff4a5a2027637353e77a968a89d0308d1f906562271508629452c19618c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:02 GMT
x-content-type-options
nosniff
server
sffe
age
46
etag
"1559935303"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
114183
x-xss-protection
0
expires
Fri, 10 Jan 2020 02:22:02 GMT
truncated
/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6b9ff0667123748324b8648d6b66d0168a0029e3828fb860bc6ae62012a1ab4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f34cc338f174a7c82e64e033a9c821cc035083fb0de578b20c4375f0da8afe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		39 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32af82220ad263739b13a61fbb4f3cf6e07d75b169ebb23d869ff778e8c02d40

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
150ad54de34f6d55413524cde30e0ef9c328333b2a483cd6b09f92e8fed77d7b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
maxresdefault.jpg
img.youtube.com/vi/xafnzsoU9Es/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/xafnzsoU9Es/maxresdefault.jpg
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c8eb9ac05d4051fa6886b5d973d387bdc64e08dffc84dd3275910f46b5b82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:02 GMT
x-content-type-options
nosniff
server
sffe
age
46
etag
"1556309697"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100288
x-xss-protection
0
expires
Fri, 10 Jan 2020 02:22:02 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 13:55:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e15df52-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
552a7fa71cb9c29a-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sun, 12 Jan 2020 00:22:48 GMT
responsivevoice.js
code.responsivevoice.org/ 		77 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.responsivevoice.org/responsivevoice.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9cfb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3267d897466476b1d501c49014e56820d5cd56fcd9d10906b2d210fa9eb0b1cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' responsivevoice.com responsivevoice.org *.responsivevoice.com *.responsivevoice.org
X-Frame-Options ALLOW-FROM https://responsivevoice.com https://responsivevoice.org

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 18 Dec 2019 18:09:47 GMT
server
cloudflare
age
5398
etag
W/"5dfa6b6b-1320d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW-FROM https://responsivevoice.com https://responsivevoice.org
content-type
application/x-javascript
status
200
cache-control
max-age=14400
content-security-policy
frame-ancestors 'self' responsivevoice.com responsivevoice.org *.responsivevoice.com *.responsivevoice.org
cf-ray
552a7fa77b54d719-FRA
cjsbaseclass.min.js
brasilnopositivo.com.br/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brasilnopositivo.com.br/js/cjsbaseclass.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea79 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d9484982b05d591bb401ba15e6e556d9535088a2608a84195d7f2ab11b750b

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:48 GMT
content-encoding
br
cf-cache-status
HIT
age
46
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 19 Dec 2019 21:21:19 GMT
server
cloudflare
etag
W/"29568-59a1524648ee7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
552a7fa75952bea6-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-141681155-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bc361f5ecdbdacb0ffe7c480f813bd117ae06753ca9846da142c3224b9a1d69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:48 GMT
content-encoding
br
last-modified
Fri, 10 Jan 2020 00:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27912
x-xss-protection
0
expires
Fri, 10 Jan 2020 00:22:48 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141681155-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6553
date
Thu, 09 Jan 2020 22:33:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 10 Jan 2020 00:33:35 GMT
iframe_api
www.youtube.com/ 		859 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: brasilnopositivo.com.br
URL: https://brasilnopositivo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
8b499b9cd5aec4c30e2cf9c64e8cf128e4f16f2111390f12850fbbc9882b4986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 10 Jan 2020 00:22:48 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1238437063&t=pageview&_s=1&dl=https%3A%2F%2Fbrasilnopositivo.com.br%2F&ul=en-us&de=UTF-8&dt=Cadastro%20Positivo&sd=24-bit&sr=1600x1200&vp=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_gid=1192412110.1578615769&gjid=1160005877&_v=j79&z=1262885949
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_v=j79&z=1262885949
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_v=j79&z=1262885949&slf_rd=1&random=1787425325
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_v=j79&z=1262885949&slf_rd=1&random=1787425325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jan 2020 00:22:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jan 2020 00:22:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-141681155-1&cid=1832289819.1578615769&jid=1986533097&_v=j79&z=1262885949&slf_rd=1&random=1787425325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfl497i6p/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl497i6p/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
336fcbed0b5b1a5c63e555efb1170170cf3a17ea6db699d15415d91930cdc0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://brasilnopositivo.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 09 Jan 2020 11:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44916
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8776
x-xss-protection
0
last-modified
Wed, 08 Jan 2020 03:55:28 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 17 Jan 2020 11:54:12 GMT
/
www.youtube.com/embed/ Frame FAA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fbrasilnopositivo.com.br&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl497i6p/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/?enablejsapi=1&origin=https%3A%2F%2Fbrasilnopositivo.com.br&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://brasilnopositivo.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://brasilnopositivo.com.br/

Response headers

status
200
x-content-type-options
nosniff
cache-control
no-cache
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
date
Fri, 10 Jan 2020 00:22:48 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=NNJ80K3JXIA; path=/; domain=.youtube.com; secure; expires=Wed, 08-Jul-2020 00:22:48 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=NNJ80K3JXIA; path=/; domain=.youtube.com; secure; expires=Wed, 08-Jul-2020 00:22:48 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 10-Jan-2020 00:52:48 GMT YSC=_mKG2o7ogvo; path=/; domain=.youtube.com; httponly
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR function| gtag object| dataLayer object| google_tag_manager function| TConsoleEx function| compact function| isset function| extract function| uniqid function| base64_decode function| array function| str_word_count function| ctype_alpha function| setlocale function| getenv function| utf8_decode function| base64_encode function| utf8_encode function| chr function| htmlentities function| get_html_translation_table function| htmlspecialchars function| htmlspecialchars_decode function| html_entity_decode function| md5 function| nl2br function| number_format function| parse_str function| urldecode function| sprintf function| stripos function| strip_tags function| strpos function| strtr function| krsort function| i18n_loc_get_default function| i18n_loc_set_default function| ini_set function| str_ireplace function| str_pad function| str_replace function| trim function| parse_url function| urlencode function| empty function| get_defined_vars function| _u_varToBoolean function| _u_hasMessageFromObject function| _u_extractMessageFromObject function| _u_hexToRgb function| _u_invertRgb function| _u_invertHex function| _u_colourNameToHex function| _typeof object| cjsbaseclass_ns number| k string| source object| attr string| data_name string| data_value number| CJS_DEBUG_MODE_0 number| CJS_DEBUG_MODE_1 number| CJS_DEBUG_MODE_2 undefined| Cookies object| Url object| is function| $ function| jQuery function| cjsbaseclass_jquery function| CjsBaseClass string| GoogleAnalyticsObject function| ga function| ResponsiveVoice object| responsiveVoice object| _gsScope function| _extends function| jqueryumsmustache_utf8_encode function| jqueryumsmustache_md5 object| umsappJqueryPluginUmsMustache object| umslib object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| EvEmitter object| Mustache function| LazyLoad function| imagesLoaded object| umsapp function| getSelectionText boolean| __cfRLUnblockHandlers object| ___classes_triggers function| onYouTubeIframeAPIReady object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

1 Cookies

Domain/Path Name / Value
.brasilnopositivo.com.br/ Name: __cfduid
Value: de081fa4cb59d0c42acd79b8f29e39eef1578615767

9 Console Messages

Source Level URL
Text
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 9)
Message:
ResponsiveVoice r1.6.0
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 106)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 106)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 106)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 106)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 106)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 106)
Message:
Voice support NOT ready
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 107)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://code.responsivevoice.org/responsivevoice.js(Line 108)
Message:
RV: Enabling fallback mode

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
brasilnopositivo.com.br
code.responsivevoice.org
img.youtube.com
s.ytimg.com
stats.g.doubleclick.net
www.brasilnopositivo.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
2001:4860:4802:36::75
2606:4700:10::6814:ea79
2606:4700:30::681b:9cfb
2606:4700::6811:4104
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:814::200e
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:820::200e
2a00:1450:400c:c00::9c
1031c15e05b7cfc071ef0708a8870156635e911dc4190332c2d3d44d26975644
149efebf5d034b18766344fb93a78ec60e135f215d0c98736a1954896e03e803
150ad54de34f6d55413524cde30e0ef9c328333b2a483cd6b09f92e8fed77d7b
19e4cce76fb2de43bf86beb402bd0bf09a5ea7c44422276d73b3cdd61e5bb2cd
3267d897466476b1d501c49014e56820d5cd56fcd9d10906b2d210fa9eb0b1cf
32af82220ad263739b13a61fbb4f3cf6e07d75b169ebb23d869ff778e8c02d40
336fcbed0b5b1a5c63e555efb1170170cf3a17ea6db699d15415d91930cdc0bd
3a25d92112fe1cc193a1bc51400b62ee1c11411b21a387d26d8c44d57c30db81
50b779d9b6933e5f4bb0c5b090129304e32c05cacefd98357106bc1d2c29d11f
5fb03e9c9c6ef73b1bb910d648e87e4d6f020ead5134c2e2dee22bf28cc89b11
734ff4a5a2027637353e77a968a89d0308d1f906562271508629452c19618c80
78f34cc338f174a7c82e64e033a9c821cc035083fb0de578b20c4375f0da8afe
829d884ecbba24f793859f0964771211c217ffb3ee8a0bb46a8565f91e79d957
853cd107df58dc6df79edb776bf698fed45b939eee5b86187b51b51a257d776e
8b499b9cd5aec4c30e2cf9c64e8cf128e4f16f2111390f12850fbbc9882b4986
9bc361f5ecdbdacb0ffe7c480f813bd117ae06753ca9846da142c3224b9a1d69
a00978f85c9952342c71cc8af463218abc05cf27aec0d1d917cda9a5926dd240
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
c427fdd8b8b3ead73ba924cbfb2520d470ba875228ede1824c4a57c89526b275
c6b9ff0667123748324b8648d6b66d0168a0029e3828fb860bc6ae62012a1ab4
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc4d57d7772cba0e974a1b5bbeef9602085eee94752373b87021c4f52dfd443d
df7e4da37914a1bf2586a28bc8c5bf9a02434503b40b6895e741db3a0cb5e126
eefb9117d3cc82cf8ec23ca9531f1840175b5b2f77126c520486589ca2ed2fd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c8eb9ac05d4051fa6886b5d973d387bdc64e08dffc84dd3275910f46b5b82d
f2d9484982b05d591bb401ba15e6e556d9535088a2608a84195d7f2ab11b750b