![](/screenshots/ba0017f9-ed9a-45f4-9e64-c71cc47de815.png)
www.google.com
Open in
urlscan Pro
2607:f8b0:4004:c1b::69
Public Scan
Effective URL: https://www.google.com/
Submission: On January 26 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1C3 on January 2nd 2024. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 45.90.56.13 45.90.56.13 | 204957 (GREENFLOI...) (GREENFLOID-AS) | |
3 14 | 45.60.63.22 45.60.63.22 | 19551 (INCAPSULA) (INCAPSULA) | |
3 | 2607:f8b0:400... 2607:f8b0:4004:c1f::61 | 15169 (GOOGLE) (GOOGLE) | |
2 | 91.241.94.8 91.241.94.8 | 49582 (UPSTREAM-...) (UPSTREAM-AS Greece) | |
1 | 2001:4860:480... 2001:4860:4802:32::181 | () () | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c08::9b | () () | |
1 1 | 2607:f8b0:400... 2607:f8b0:4004:c09::65 | () () | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c1b::69 | () () | |
28 | 8 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
tim.com.br
3 redirects
auth3.tim.com.br |
79 KB |
4 |
google.com
1 redirects
analytics.google.com google.com www.google.com |
58 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
152 KB |
2 |
timpromos.com.br
www.timpromos.com.br |
46 KB |
2 |
topadvisitpro.pro
1 redirects
topadvisitpro.pro |
6 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
254 B |
0 |
gstatic.com
Failed
www.gstatic.com Failed |
|
0 |
securewebfraud.io
Failed
analytics-br-tim.securewebfraud.io Failed |
|
0 |
dindo.com.br
Failed
wap.dindo.com.br Failed |
|
28 | 9 |
Domain | Requested by | |
---|---|---|
14 | auth3.tim.com.br |
3 redirects
auth3.tim.com.br
|
3 | www.googletagmanager.com |
auth3.tim.com.br
www.googletagmanager.com |
2 | www.google.com |
topadvisitpro.pro
www.google.com |
2 | www.timpromos.com.br |
auth3.tim.com.br
|
2 | topadvisitpro.pro |
1 redirects
auth3.tim.com.br
|
1 | google.com | 1 redirects |
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
0 | www.gstatic.com Failed |
www.google.com
|
0 | analytics-br-tim.securewebfraud.io Failed | |
0 | wap.dindo.com.br Failed |
auth3.tim.com.br
|
28 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
auth3.tim.com.br DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-04-19 - 2024-04-18 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.google.com/
Frame ID: 7C17EFF0BF13F1470D5C0097FFB1C203
Requests: 24 HTTP requests in this frame
Frame:
https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25
Frame ID: 39F0BCE300EE5736629F47BC2C5A077C
Requests: 1 HTTP requests in this frame
Frame:
https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
Frame ID: 52C48E1C570DB0DFE5E62A57A4DAD995
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/ba0017f9-ed9a-45f4-9e64-c71cc47de815.png)
Page URL History Show full URLs
-
http://topadvisitpro.pro/lion/591vdcfasd.php
HTTP 301
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982F... Page URL
-
https://google.com/
HTTP 301
https://www.google.com/ Page URL
Detected technologies
Detected patterns
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://topadvisitpro.pro/lion/591vdcfasd.php
HTTP 301
http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2 Page URL
-
https://google.com/
HTTP 301
https://www.google.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://topadvisitpro.pro/lion/591vdcfasd.php HTTP 301
- http://auth3.tim.com.br/v3/accesscontrol-web/heloading?bmctx=D1C237A58FCD95265CB8D6ACE4AD377F2DE982FD5328553125A1F2A984F4091ACB28FCD2C93EFA64F67EC7905B8B708C&contextType=external&username=string&enablePersistentLogin=true&password=secure_string&challenge_url=http%3A%2F%2Fauth3.tim.com.br%2Fv3%2Faccesscontrol-web%2Fheloading&request_id=8407358969913691941&authn_try_count=0&locale=uk_UA&resource_url=https%253A%252F%252Fauth3.tim.com.br%252Fv3%252Faccesscontrol-web%252Fhe%253Fclient_id%253Db4da3e0624b94cbabb4d4c82b84b3012%2526csp%253D751%2526appid%253D11657%2526msisdn%253D16982527516%2526redirect_uri%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2525252FNCN%2525252Fcallback%2525252Fpending%2526SecureSessionId%253DAQ4z3kkKCibe9oqqd_5osqMKaYkmfLQn0SBDpKMj_k8SHvaQO11enrYcmhdBDWgLEgjG%2526campaignReturnURL%253Dhttp%2525253A%2525252F%2525252Fwww.timpromos.com.br%2522%253E%00%00%00%00%00%00%00%253CScript%253Eeval(atob(window.location.hash.substr(1)))%253C%252FScript%253E%2525252FNCN%2525252Fredirect%2526paymentType%253D2
- http://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16 HTTP 302
- https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16 HTTP 302
- https://auth3.tim.com.br/v3/accesscontrol-web/assets/OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css?ver=16
- http://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png HTTP 302
- https://auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/OTA-rendafixa1-logo.png
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
heloading
auth3.tim.com.br/v3/accesscontrol-web/ Redirect Chain
|
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TIM-Login-styles-sheet.css
auth3.tim.com.br/OTP/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cns.css
wap.dindo.com.br/newMobile/auth/tim/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
auth3.tim.com.br/OTP/js/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.min.js
auth3.tim.com.br/OTP/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.bxslider.min.js
auth3.tim.com.br/OTP/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bowser.js
auth3.tim.com.br/OTP/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spinner.js
auth3.tim.com.br/OTP/js/ |
611 B 902 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logClientV3.js
auth3.tim.com.br/OTP/js/ |
304 B 725 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
auth3.tim.com.br/OTP/imgs/ |
22 KB 23 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
header.aspx
wap.dindo.com.br/newMobile/auth/tim/ Frame 39F0 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
temp.js
topadvisitpro.pro/lion/222gdhj/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rendafixa1-weekly-pt-doi-web
www.timpromos.com.br/OTA-BRTIM-CENTR/ |
169 KB 45 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OTA-BRTIM-CENTR-rendafixa1-weekly-pt-doi-web.css
auth3.tim.com.br/v3/accesscontrol-web/assets/ Frame 52C4 Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
182 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OTA-rendafixa1-logo.png
auth3.tim.com.br/v3/accesscontrol-web/assets/images/Telecom/ Frame 52C4 Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/ Frame 52C4 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
www.timpromos.com.br/security-platform-web/web/v1/content/view/Confirmation/br_tim/ Frame 52C4 |
51 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
255 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.google.com/ Redirect Chain
|
198 KB 57 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
www.google.com/xjs/_/js/k=xjs.hd.en.r15tfw-0Tds.O/am=AAAAAAAAAAAAAAAAAAAAAAAgAAAAQAL9hEMANkAAAAAAAySAAIAARgCiUJAAYABAEPBQJgAAMAECQ2ACSBF4JwEAABNQBRAAAAAAAADBAFEAgQcEAACgAwBADEWABiQIUAAEAAAAIA8AwQEw... |
658 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
315 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
rs=AA2YrTvLnSTmjOk117_e95V0EKaPsslVbQ
www.gstatic.com/og/_/js/k=og.qtm.en_US.RScl3bbyirc.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
rs=AA2YrTtRVVd7Ifu6yXdUSAZNCo3PPUxNcQ
www.gstatic.com/og/_/ss/k=og.qtm.p59jgm9SRCU.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- wap.dindo.com.br
- URL
- https://wap.dindo.com.br/newMobile/auth/tim/cns.css
- Domain
- wap.dindo.com.br
- URL
- https://wap.dindo.com.br/newMobile/auth/tim/header.aspx?s=25
- Domain
- analytics-br-tim.securewebfraud.io
- URL
- http://analytics-br-tim.securewebfraud.io/web/v1/content/view/Confirmation/br_tim/AQ4z3kk7ZCcSIBWNCRPtNIcrNtP6HgtKWxTEEvF4EaU1abz6e-EeXYzCgJcg_Wih01xI
- Domain
- www.google.com
- URL
- https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
- Domain
- www.gstatic.com
- URL
- https://www.gstatic.com/og/_/js/k=og.qtm.en_US.RScl3bbyirc.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvLnSTmjOk117_e95V0EKaPsslVbQ
- Domain
- www.gstatic.com
- URL
- https://www.gstatic.com/og/_/ss/k=og.qtm.p59jgm9SRCU.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTtRVVd7Ifu6yXdUSAZNCo3PPUxNcQ
- Domain
- www.google.com
- URL
- https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| dataLayer function| $ function| jQuery object| bowser function| logClient object| s string| idClick string| link function| _0xb311 function| _0x4596 function| _0x4ac69e function| rand string| fill object| _0x212f function| _0x5cb9 string| CURRENT_APP_URL string| AJAX_EVENT_ENDPOINT function| secureDMsisdnValidationFn function| prefillValues function| countryCode object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
topadvisitpro.pro/lion | Name: f7e825e1eb287f8edd169ab7f72d6c44 Value: 1 |
|
auth3.tim.com.br/ | Name: JSESSIONID Value: 4NpH6qXW8zWS4iGbbBvzie2A77JP_iJkAP55f1xZxiKlY3IiyhMI!481158243 |
|
.tim.com.br/ | Name: visid_incap_2787765 Value: clMYeBHdTNyavSs0MTxz4d8ztGUAAAAAQUIPAAAAAAA6Pl1Bl5Mx0zHAdqDbE9sc |
|
.tim.com.br/ | Name: incap_ses_8074_2787765 Value: ZUzHXvPJTlELnKhaNJ0McOEztGUAAAAAkxC1tXB7AZb2egvjbfnYTg== |
|
.tim.com.br/ | Name: _gcl_au Value: 1.1.1561436542.1706308582 |
|
.tim.com.br/ | Name: _ga Value: GA1.1.1557754923.1706308582 |
|
.tim.com.br/ | Name: _ga_B1HB0WT4GL Value: GS1.1.1706308582.1.0.1706308582.60.0.0 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics-br-tim.securewebfraud.io
analytics.google.com
auth3.tim.com.br
google.com
stats.g.doubleclick.net
topadvisitpro.pro
wap.dindo.com.br
www.google.com
www.googletagmanager.com
www.gstatic.com
www.timpromos.com.br
analytics-br-tim.securewebfraud.io
wap.dindo.com.br
www.google.com
www.gstatic.com
2001:4860:4802:32::181
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::65
2607:f8b0:4004:c1b::69
2607:f8b0:4004:c1f::61
45.60.63.22
45.90.56.13
91.241.94.8
38b82be8dc970bd32e5651b51b46d5c5bdd81a1766c035bbe022f1d00ac09fce
3e75a6774ef7041083d556b2f83a816acdd398eff6add8c1867c0cea9ddf6d4b
4abd6ff5b6cf2a4fdcd226db72cd17a7403f7ac80812b7fcf752d7fd8b1b2082
646de1820a3f0a81b2aa7ea26de561e5cbab36ef8430d7bb7b7f0ab024569b40
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
71928367deed25916c0de98665f5733b47e07ae048a79a0901a48fabb9876040
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
88110f429325c27461fa3bc30cbba4f9244d380e5ecb6ea43cafb60f368d088a
9490d44beb42fa006a56b9c9a2d6357aaa705d3c2b422cf5d5c9ac53bf076dd9
a91a14d9348464ad7656a276ea6789cbba2aa2dcc38e0fb1f0249b3d5fdd63a3
c28f024df8df9c3553efca35b134d3bde558f9e5f85a3b052d581bef81c47c90
d67560b4eda2f71426f7aee31cd20da76b245c16e01c5335ce4c538041eded04
d8151845717c3ed76a8002136f43423e7efedc096b4f60eb7aefe62c65544eef
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f05e67abbb4c8036ae631ee4fc5a99428d5bad75fd8996dfb01c09ec6ade3a1b