Submitted URL: https://doiscoracoes.net.br/
Effective URL: https://www.doiscoracoes.net.br/
Submission Tags: phishingrod
Submission: On May 03 via api from DE — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 40 HTTP transactions. The main IP is 3.86.125.55, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.doiscoracoes.net.br.
TLS certificate: Issued by R3 on May 2nd 2023. Valid for: 3 months.
This is the only time www.doiscoracoes.net.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.6.83.27 14618 (AMAZON-AES)
1 1 34.234.176.3 14618 (AMAZON-AES)
2 3.86.125.55 14618 (AMAZON-AES)
10 2600:9000:212... 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
15 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
40 9
Apex Domain
Subdomains
Transfer
14 alboompro.com
bifrost.alboompro.com
alfred.alboompro.com
871 KB
13 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 680
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 266
173 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
14 KB
4 doiscoracoes.net.br
doiscoracoes.net.br
www.doiscoracoes.net.br
12 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
89 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 alboom.ninja
storage.alboom.ninja
18 MB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
351 B
40 8
Domain Requested by
11 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
10 bifrost.alboompro.com www.doiscoracoes.net.br
bifrost.alboompro.com
4 www.facebook.com connect.facebook.net
4 alfred.alboompro.com www.doiscoracoes.net.br
3 www.doiscoracoes.net.br 1 redirects bifrost.alboompro.com
2 scontent.xx.fbcdn.net www.facebook.com
2 connect.facebook.net www.doiscoracoes.net.br
connect.facebook.net
2 www.google-analytics.com www.doiscoracoes.net.br
www.google-analytics.com
2 storage.alboom.ninja www.doiscoracoes.net.br
1 stats.g.doubleclick.net www.google-analytics.com
1 doiscoracoes.net.br 1 redirects
40 11
Subject Issuer Validity Valid
www.doiscoracoes.net.br
R3
2023-05-02 -
2023-07-31
3 months crt.sh
*.alboompro.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-02 -
2024-05-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-02-09 -
2023-05-10
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.doiscoracoes.net.br/
Frame ID: F242B39468C7A4887E2D3A280DAFFFFE
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/comments.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd085335f7e48%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.doiscoracoes.net.br%2Fpost.php%3Fid%3D75282&locale=pt_BR&sdk=joey&version=v2.9&width=550
Frame ID: C77B5172FDDCBD4CC92FF71961596C49
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/comments.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31082bd90100b4%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.doiscoracoes.net.br%2Fpost.php%3Fid%3D75019&locale=pt_BR&sdk=joey&version=v2.9&width=550
Frame ID: 76482EBB800D5ADCDB20387F21ECE137
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/comments.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39a82286af5%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.doiscoracoes.net.br%2Fpost.php%3Fid%3D56695&locale=pt_BR&sdk=joey&version=v2.9&width=550
Frame ID: 8EDA671407E7D1390CBDCFF351017922
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Frame ID: 2AC9D7CEF954D4B77B94B2D1A36E5E24
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Dois Corações Filmes

Page URL History Show full URLs

  1. https://doiscoracoes.net.br/ HTTP 301
    http://www.doiscoracoes.net.br/ HTTP 302
    https://www.doiscoracoes.net.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

40
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

9
IPs

3
Countries

19906 kB
Transfer

20991 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://doiscoracoes.net.br/ HTTP 301
    http://www.doiscoracoes.net.br/ HTTP 302
    https://www.doiscoracoes.net.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.doiscoracoes.net.br/
Redirect Chain
  • https://doiscoracoes.net.br/
  • http://www.doiscoracoes.net.br/
  • https://www.doiscoracoes.net.br/
55 KB
11 KB
Document
General
Full URL
https://www.doiscoracoes.net.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.86.125.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-125-55.compute-1.amazonaws.com
Software
nginx/1.8.1 / Boomwall v1.0
Resource Hash
cd8cde2664b9f03a07af52a71382a4582b95373486c18976524caeadea3045ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
2
Cache-Instance-Id
i-09bcdd5b4fb879f03
Content-Encoding
gzip
Content-Length
11371
Content-Type
text/html; charset=utf-8
Date
Wed, 03 May 2023 10:49:35 GMT
Hits
1
Server
nginx/1.8.1
Vary
Accept-Encoding
X-Cache
cached
X-Content-Type-Options
nosniff
X-Cookie
Deny
X-Powered-By
Boomwall v1.0

Redirect headers

Age
0
Cache-Instance-Id
i-09bcdd5b4fb879f03
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 03 May 2023 10:49:34 GMT
Hits
0
Location
https://www.doiscoracoes.net.br/
Server
nginx/1.8.1
X-Cache
uncached
X-Content-Type-Options
nosniff
X-Cookie
Deny
X-Powered-By
Boomwall v1.0
main.min.css
bifrost.alboompro.com/static/boom-v3/themes/9/dist/css/
177 KB
27 KB
Stylesheet
General
Full URL
https://bifrost.alboompro.com/static/boom-v3/themes/9/dist/css/main.min.css?v=2.8.594
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fab3509b71083b01b8384c2b1875dfb30eeb1b4941dcd723a0f8bfee740d9725

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 12:37:55 GMT
content-encoding
gzip
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified
Mon, 16 Aug 2021 14:34:25 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
3190301
etag
W/"db602f3c1b6e96fab661f5f5e258bad4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
CyN400rdGjIW_ZtImuOqHOHUa-9oqVd0Ovxc3_yGKY9Zcbazp8VrRQ==
webfonts.min.css
bifrost.alboompro.com/fonts/
215 KB
216 KB
Stylesheet
General
Full URL
https://bifrost.alboompro.com/fonts/webfonts.min.css?v=2.8.594
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f7177915dc9973169a518dc5824b8763bb1583857f36c1994a1742d2864d303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 01:59:45 GMT
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified
Mon, 04 May 2020 23:19:11 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
31791
etag
"91d31fbfc51612eeb0baa9279bbc6620"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
31536000
accept-ranges
bytes
content-length
220203
x-amz-cf-id
aZZ4oNtaI6uRi0vDaDBI5iKHZQtzb0tGm2Un1wcpGXca6zuXQFbAlA==
all.min.css
bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/css/
56 KB
12 KB
Stylesheet
General
Full URL
https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/css/all.min.css?v=2.8.594
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 00:42:08 GMT
content-encoding
gzip
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified
Mon, 04 May 2020 23:15:35 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
8935648
etag
W/"2a0e11a7655cf7af50d9152727c134ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
31536000
x-amz-cf-id
5_uao5rHvgCBrfr-mSv3ZMpKrRi_PRC_g5NWzHVMw7j06A_YWLnwGg==
corao_03.png
alfred.alboompro.com/resize/width/370/height/150/quality/99/url/storage.alboom.ninja/sites/15499/img/logo/
3 KB
3 KB
Image
General
Full URL
https://alfred.alboompro.com/resize/width/370/height/150/quality/99/url/storage.alboom.ninja/sites/15499/img/logo/corao_03.png?t=1663773815
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b501fc0476768f0ba061a8a5944c93dfaf020ed29e60ebe5937046018b242198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:35 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86466
x-amz-cf-pop
FRA56-P3
cf-polished
origSize=3312, status=vary_header_present
x-cache
Hit from cloudfront
content-length
2869
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
w/"c907c3ad687be35362e0053569781c35"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvD8sr4FufO0luI%2F%2Bq3NC4Wv3cybIvgpv9VaXOXbcq3n56H5Eq%2BraSJn0Xv%2ByESKxmyw6hMhQKHfzgswTFI4SCiGDY%2FnoAoi5D6mwkn8RfNf%2FBT8vIan24ZV6Lq%2BmVbpzoNf3dRtvl6NC4Yf5%2BpoLi7B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
x-server
Alboom Router v2
accept-ranges
bytes
cf-ray
7c17f02c1bc33807-FRA
x-amz-cf-id
cA6XZoTHr_MAtOv0lQ68WFB0htXuiG7_yPgioz4YjTbM_xgCG6IU6g==
corao_03.png
storage.alboom.ninja/sites/15499/img/logo/
13 KB
13 KB
Image
General
Full URL
https://storage.alboom.ninja/sites/15499/img/logo/corao_03.png?t=1663773815
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77ca1b997bb75175ebb65f761057581bcf49816fb5826908f90738d9762f8ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:35 GMT
x-amz-meta-heigth
300
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
87946
x-amz-meta-width
300
x-amz-meta-pusher
private-user-15499
x-cache
Miss from cloudfront
x-amz-meta-path
sites/15499/img/logo/
content-length
13091
last-modified
Wed, 21 Sep 2022 15:23:36 GMT
x-amz-meta-client_id
15499
server
cloudflare
etag
"bcf59aea2aa811bae73e6a86efad8ae0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wodvwk2l%2F0rfhFsbIdpHsy3t2%2FlbamTCz6KvNqVh3%2Bkt3BQSUTIgLEZELF9Dj4bhqJ3ycUc0Mz2XViGTd7Nz%2B8H0RhmHUUKliisDr8S7WabyqIO6y9hFQk3CqaOSAK%2B7not3ycF19PdLE5vUAiufnte8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7c17f02d3b411976-FRA
x-amz-cf-id
YyE3nU4T96ar7L3XwIz7piU412ZZsC8aIhqk3jqauejwnss3iLNNPQ==
original.svg
bifrost.alboompro.com/static/icon/whatsapp/
156 KB
102 KB
Image
General
Full URL
https://bifrost.alboompro.com/static/icon/whatsapp/original.svg
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c960fed6f5644c2cdffa2b3250a951a73efd64bd1b6c78638fa6e8583c9ea677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 13:07:57 GMT
content-encoding
gzip
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified
Wed, 07 Oct 2020 19:35:28 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2756499
etag
W/"0e878a0fa68c61b06e781cee2e6bc71f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
-5syUzf9kU-g5kncfBd_5iyhlEUyse1uaFj2K8pD_PzFf8JF68zBUw==
libj.min.js
bifrost.alboompro.com/static/boom-v3/assets/vendors/libj/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://bifrost.alboompro.com/static/boom-v3/assets/vendors/libj/2.2.4/libj.min.js?v=2.8.594
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:55:57 GMT
content-encoding
gzip
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified
Mon, 04 May 2020 23:15:37 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1407218
etag
W/"b354cc9d56a1da6b0c77604d1b153850"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
31536000
x-amz-cf-id
RTYwEbcwAFvEEwKLn4mTD0yGcjb0BvL0ihHnl8h-SgGF3gSUIfDjfQ==
main.min.js
bifrost.alboompro.com/static/boom-v3/dist/
127 KB
36 KB
Script
General
Full URL
https://bifrost.alboompro.com/static/boom-v3/dist/main.min.js?v=2.8.594
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
672b0d6e2576404ef7e489d3c3ea12429847f48da963705b3c33241d609bf3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 01:36:12 GMT
content-encoding
gzip
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified
Mon, 16 Aug 2021 14:34:17 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
10055604
etag
W/"c930b1d3d55309a319d86cfd81c8b8e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XIqn4JvWuJMxVK-t1w_d7EAu4RtpW9XGQOue3FzUy5vabue4XkhubQ==
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 May 2023 10:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
831
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 03 May 2023 12:35:44 GMT
sdk.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66ff5bc3c0dff01bbaa8f9463a82c40786d711248a481bc74bf1c0332287fb44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 May 2023 10:49:35 GMT
content-md5
FmEvb1w41qf0g0Tuy/A98w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
o8JxPZJKVqR6cqwmbwf+7U4jn7Rn+sRQ2ZdIDtTwNfztDvbNwlEG0XwYfmBNRLdVYzlCrUaCSLnEQLGer+E88g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
cd3f494e774edd1671d3b130df26428f
cross-origin-opener-policy
same-origin-allow-popups
etag
"a72aa048042d71b673c24a9cbda310af"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 03 May 2023 10:54:44 GMT
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46c6aacb632eedd9e10828539c96a5d1b0031f4e262e77d83913f68f100cb21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
Raleway-Regular.woff
bifrost.alboompro.com/fonts/Raleway/
79 KB
80 KB
Font
General
Full URL
https://bifrost.alboompro.com/fonts/Raleway/Raleway-Regular.woff
Requested by
Host: bifrost.alboompro.com
URL: https://bifrost.alboompro.com/fonts/webfonts.min.css?v=2.8.594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd8b0129bc6a4b1af3737998505de672bcc61ae00899279debd9605c1c24b87f

Request headers

Referer
https://bifrost.alboompro.com/fonts/webfonts.min.css?v=2.8.594
Origin
https://www.doiscoracoes.net.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2017-04-07T19:51:21.000Z
x-amz-cf-pop
PRG50-C1
x-cache
RefreshHit from cloudfront
content-length
80892
last-modified
Mon, 04 May 2020 23:17:46 GMT
server
AmazonS3
etag
"c1317f473bbc0ffa7c190750dcd23558"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
TVNgSZNv9zs4D-zCcftSXzBDegXB3Ibj2fYPXV1PRBN1DudIL-X9Bg==
fa-solid-900.woff2
bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/webfonts/
74 KB
75 KB
Font
General
Full URL
https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: bifrost.alboompro.com
URL: https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/css/all.min.css?v=2.8.594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer
https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/css/all.min.css?v=2.8.594
Origin
https://www.doiscoracoes.net.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 10:23:50 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
87946
x-cache
Hit from cloudfront
content-length
76120
last-modified
Mon, 04 May 2020 23:15:37 GMT
server
AmazonS3
etag
"55eb2a60e8181f0e68b558c991973bf0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
31536000
vary
Origin,Access-Control-Request-Headers
accept-ranges
bytes
x-amz-cf-id
E5chuchbH4g8-w-P50A96l9RUIKehGjMD-Rq8c1Alu0jX-AvjJCypw==
Alice-Regular.woff
bifrost.alboompro.com/fonts/Alice/
65 KB
66 KB
Font
General
Full URL
https://bifrost.alboompro.com/fonts/Alice/Alice-Regular.woff
Requested by
Host: bifrost.alboompro.com
URL: https://bifrost.alboompro.com/fonts/webfonts.min.css?v=2.8.594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3827e2ba88bff42e9dbbdf870d461f918ce0a5212506a94308b54ac5ac848ddc

Request headers

Referer
https://bifrost.alboompro.com/fonts/webfonts.min.css?v=2.8.594
Origin
https://www.doiscoracoes.net.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
RefreshHit from cloudfront
content-length
66632
last-modified
Mon, 04 May 2020 23:16:16 GMT
server
AmazonS3
etag
"016549954f9387d75538c8cff7a94415"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
1WJdBRwTwLwwOoQAAKoHCA7F5KxCSx0dOdrtOsPsPBHFPo-Ba5VYjA==
fa-brands-400.woff2
bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/webfonts/
75 KB
75 KB
Font
General
Full URL
https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/webfonts/fa-brands-400.woff2
Requested by
Host: bifrost.alboompro.com
URL: https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/css/all.min.css?v=2.8.594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:b:fbb2:d080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Referer
https://bifrost.alboompro.com/static/boom-v3/assets/vendors/font-awesome/5.9.0/css/all.min.css?v=2.8.594
Origin
https://www.doiscoracoes.net.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 10:23:50 GMT
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
87946
x-cache
Hit from cloudfront
content-length
76548
last-modified
Mon, 04 May 2020 23:15:36 GMT
server
AmazonS3
etag
"067595ad77ecc0db9c81c8905a7eef32"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
31536000
vary
Origin,Access-Control-Request-Headers
accept-ranges
bytes
x-amz-cf-id
19aNKt8qx-kxVowfj2aVghJr4XbDSMFLMFKiy9oanEK1gXL16Blwpg==
insta_3.mp4
storage.alboom.ninja/sites/15499/banners/536003/
18 MB
18 MB
Media
General
Full URL
https://storage.alboom.ninja/sites/15499/banners/536003/insta_3.mp4?t=1663769520
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:496d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.doiscoracoes.net.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 03 May 2023 10:49:35 GMT
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
87946
x-amz-meta-pusher
private-user-15499
x-amz-meta-banner_id
536003
x-cache
Miss from cloudfront
Content-Range
bytes 0-19139656/19139657
x-amz-meta-path
sites/15499/banners/536003
Content-Length
19139657
last-modified
Wed, 21 Sep 2022 14:12:01 GMT
x-amz-meta-client_id
15499
server
cloudflare
etag
"b72d1e7bdbe2010eebc61624d0ac5df1"
x-amz-meta-action
bannerImage
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xaw1DtOjcvK05hhTUKolREqhgMN5qJOxoFormW7hSUuBuME7xggdKyPQoz9kva6I6Wy7ghypb%2BgA601kTffGpN%2F5fi4%2B5eWc%2BQHzd9fvE0kcex0vdgfVn3KWmSKxzFuXc%2BkzFeA7kf5h3%2BCFFjlHwY5W"}],"group":"cf-nel","max_age":604800}
content-type
application/mp4
cache-control
max-age=31536000
cf-ray
7c17f02d3b421976-FRA
x-amz-cf-id
2KrwS7P_aPlOvq6TObrhAqA3a9U_QJUw83U1nTBdzIwgYn6iSgJ3pw==
data
www.doiscoracoes.net.br/verify/posts/
2 B
375 B
XHR
General
Full URL
https://www.doiscoracoes.net.br/verify/posts/data
Requested by
Host: bifrost.alboompro.com
URL: https://bifrost.alboompro.com/static/boom-v3/assets/vendors/libj/2.2.4/libj.min.js?v=2.8.594
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.86.125.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-125-55.compute-1.amazonaws.com
Software
nginx/1.8.1 / Boomwall v1.0
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.doiscoracoes.net.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 03 May 2023 10:49:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.8.1
Age
0
X-Powered-By
Boomwall v1.0
Vary
Accept-Encoding
Hits
0
Content-Type
application/json
Cache-Instance-Id
i-09bcdd5b4fb879f03
X-Cache
uncached
X-Cookie
Allow
Accept-Ranges
bytes
Content-Length
22
sddefault.jpg
alfred.alboompro.com/crop/width/640/height/480/type/jpeg/url/img.youtube.com/vi/TkcplQZCp6s/
29 KB
29 KB
Image
General
Full URL
https://alfred.alboompro.com/crop/width/640/height/480/type/jpeg/url/img.youtube.com/vi/TkcplQZCp6s/sddefault.jpg
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf28797e99adb5b13752a41a62c6a32f330fa7db4bce3786e71d0fbd06b2b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:35 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85472
x-amz-cf-pop
FRA56-P3
cf-polished
degrade=85, origSize=44465, status=vary_header_present
x-cache
Hit from cloudfront
content-length
29343
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 11:05:03 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veYOnBylW%2F7RnVjsi4gbZ8jqTjV8OsgF%2FofrUOMtBqLTDvumG5izt75rKD61s5tjMRi7hYm3ZG6cJsPj68MgUB7sK4liT5oiAiTovVd6cXpw3WozZAeYN0cDE9HngzzW6Tw7yqntlvvac5uVq5CY2q4o"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
x-server
Alboom Router v2
accept-ranges
bytes
cf-ray
7c17f02c5c143807-FRA
x-amz-cf-id
dOi7wPhCN01jB-M0H8jy0mozDf735t23_Ku600aZM6RFxGLz_XIh7A==
sddefault.jpg
alfred.alboompro.com/crop/width/640/height/480/type/jpeg/url/img.youtube.com/vi/HlwNECj7SEk/
70 KB
71 KB
Image
General
Full URL
https://alfred.alboompro.com/crop/width/640/height/480/type/jpeg/url/img.youtube.com/vi/HlwNECj7SEk/sddefault.jpg
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab58c1cf3082230e4417602c58818ad91a0a76b23c4ec16b4b3e61bbd2992d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:35 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85472
x-amz-cf-pop
FRA56-P3
cf-polished
degrade=85, origSize=106043, status=vary_header_present
x-cache
Hit from cloudfront
content-length
72152
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 11:05:03 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGeY9geZm6RLy8YUqcuKAXr%2FrtcPQHTaMfJaF0aUS778K9R09fQDUQU%2F0g7R0Le7X%2BNjlNG0mQ5pewiyFDSwAcoio7OeYrXSeXfN%2Bu2EDVPjR5aSg0NqFZiHVE361TqNmwS%2F1nY8FsvtSSBTaysRdTG5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
x-server
Alboom Router v2
accept-ranges
bytes
cf-ray
7c17f02c5c163807-FRA
x-amz-cf-id
djny5EmXaT26cC2nSDJJXsrNvR75dFjLHF2TJWI35zl4xrH88i5owg==
sddefault.jpg
alfred.alboompro.com/crop/width/640/height/480/type/jpeg/url/img.youtube.com/vi/1nwwu-YbLbU/
48 KB
48 KB
Image
General
Full URL
https://alfred.alboompro.com/crop/width/640/height/480/type/jpeg/url/img.youtube.com/vi/1nwwu-YbLbU/sddefault.jpg
Requested by
Host: www.doiscoracoes.net.br
URL: https://www.doiscoracoes.net.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e10e4e9fee5756fc511943319d1b73924e249d6562406962f743bfd42af641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.doiscoracoes.net.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:35 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85472
x-amz-cf-pop
FRA56-P3
cf-polished
degrade=85, origSize=73571, status=vary_header_present
x-cache
Hit from cloudfront
content-length
49125
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 11:05:03 GMT
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg1ru1jjQ13Y9ygYKJWifyqTzOaDrwUwpgqqTbywHooEsyMRxtjlQwHoV3Dq5P0mAB%2FgQHz%2Bhw3qONbwGT8ddEtxZO4EdmbfUKhC5ptrpb5iJmiPlJJoA7lTH0f1GjivXRDorIqewCVo2LFASR0cgm5c"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
x-server
Alboom Router v2
accept-ranges
bytes
cf-ray
7c17f02c5c183807-FRA
x-amz-cf-id
5UnUUvA2Pef-cq6Z6JARTE_rG1qnzSFNMDzcN7lRsW-j3VTNs5aiqg==
collect
www.google-analytics.com/j/
4 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2143567513&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doiscoracoes.net.br%2F&ul=en-us&de=UTF-8&dt=Dois%20Cora%C3%A7%C3%B5es%20Filmes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=480590956&gjid=1380419426&cid=1720582941.1683110975&tid=UA-63230122-4&_gid=1436743469.1683110975&_r=1&_slc=1&z=332822858
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doiscoracoes.net.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 10:49:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doiscoracoes.net.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/pt_BR/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=80c824a0704d734894ca81081ce79c2f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60e8579669ad0e12b0f73f2310663dd7a5bd718c0ae5e5ddf15459aacdbd7c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.doiscoracoes.net.br/
Origin
https://www.doiscoracoes.net.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 May 2023 10:49:35 GMT
content-md5
xDRjo75JxBRLWg3v2D7+Xw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88684
x-fb-rlafr
0
x-fb-debug
kXFGu4O/Z8DYldbkj1q9TUAnB0dm01GXBbH2PlSrIpatAvp9TMKHc1N1JVMAHK1Sz6TP7SJPHfhv44GrfyQGUw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8d718e0bbaf9fcdd7d439a62bcf19dd6
cross-origin-opener-policy
same-origin-allow-popups
etag
"539e3a277115917e1b2aed942467ec87"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 May 2024 09:49:59 GMT
collect
stats.g.doubleclick.net/j/
1 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-63230122-4&cid=1720582941.1683110975&jid=480590956&gjid=1380419426&_gid=1436743469.1683110975&_u=IEBAAEAAAAAAACAAI~&z=1731850835
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doiscoracoes.net.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 03 May 2023 10:49:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doiscoracoes.net.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
comments.php
www.facebook.com/v2.9/plugins/ Frame C77B
0
0
Document
General
Full URL
https://www.facebook.com/v2.9/plugins/comments.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd085335f7e48%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.doiscoracoes.net.br%2Fpost.php%3Fid%3D75282&locale=pt_BR&sdk=joey&version=v2.9&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=80c824a0704d734894ca81081ce79c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.doiscoracoes.net.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 03 May 2023 10:49:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
Q1QOp87KWHwItt27b+28TqqnVzSelbqq7GdKBLnnROdVLaXE49lPn1uvT8KqJeYca8QLdgV0Ua5JnoV0MtH7Uw==
x-frame-options
DENY
x-xss-protection
0
comments.php
www.facebook.com/v2.9/plugins/ Frame 7648
0
0
Document
General
Full URL
https://www.facebook.com/v2.9/plugins/comments.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31082bd90100b4%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.doiscoracoes.net.br%2Fpost.php%3Fid%3D75019&locale=pt_BR&sdk=joey&version=v2.9&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=80c824a0704d734894ca81081ce79c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.doiscoracoes.net.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 03 May 2023 10:49:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
rUOD5Ts5EI6WHu1SKCnnI6PRl3ZuYYsKeXylhFt+FrAOKViDkFjP3qZ+1Ad6zB4LZyRdY+6umygNB/IX34di/A==
x-frame-options
DENY
x-xss-protection
0
comments.php
www.facebook.com/v2.9/plugins/ Frame 8EDA
0
0
Document
General
Full URL
https://www.facebook.com/v2.9/plugins/comments.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39a82286af5%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.doiscoracoes.net.br%2Fpost.php%3Fid%3D56695&locale=pt_BR&sdk=joey&version=v2.9&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=80c824a0704d734894ca81081ce79c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.doiscoracoes.net.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 03 May 2023 10:49:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
ZBC87mYgeDBqtRGBy80HMCLPhsgzeziHpdFnoniJHOvp5H1eVATQDpK17dfybiaeaIHesZc4WOVAFQcuV2eppQ==
x-frame-options
DENY
x-xss-protection
0
like_box.php
www.facebook.com/v2.9/plugins/ Frame 2AC9
43 KB
14 KB
Document
General
Full URL
https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=80c824a0704d734894ca81081ce79c2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7926674b670191ca2fba539e332528707600b96e85365c3178f74ca08a11b459
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.doiscoracoes.net.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 10:49:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
h1PJL2l9mq12y0VUXJKOmppW73QWJTShlbcTQMjTeF/QeXZB9ZFf+tW1ozbc1IXClosBlLQgdk1Iqre80UIr7Q==
x-fb-rlafr
0
x-xss-protection
0
QqryG7ksrg0.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 2AC9
21 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/QqryG7ksrg0.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20d70f7a45249c38a3e6c6d5d9dd99758f5201f8950ccf8e9beed05c003e26ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1oiV3jH9zE4818Mt+BcI+Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5281
x-fb-rlafr
0
x-fb-debug
fXcbmMgH8G8KD3XvpGXyK27iK9MpxPz+SHv8Lq4q21pl9B30yKUUtexFs30YQvnZGfFtUlTVRDlSRyqop0FlQA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 May 2024 02:37:48 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 2AC9
2 KB
1 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
Om14dNxFW+BghtR8VuV7/zFfYzKJLt0P7nXIKeW9XXUOA8hTcYVZeyKsLvz4AmRsD3rvQjblP49I0/pyXlgVqw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Apr 2024 19:35:04 GMT
BWAw9Os-g2M.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 2AC9
305 KB
80 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
992c5e398f3092e2be5c546c589c4c5d91c20490e78d2f215f76fe2fc48ef592
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qLXsFV/3MWcOco6vl8TBow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81761
x-fb-rlafr
0
x-fb-debug
NBztPNSiP+ThQXFW5f4ptPrLaqTgcLtg2+aL+IY14b1wm7lnx0ZRBX3iboK6nQptrwT7Vgs6ucR+Y/nDara9Pg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 19:52:21 GMT
r4a3QRhOoun.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 2AC9
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/r4a3QRhOoun.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7Z5vEhjBpZ5QNJQY63PI5A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1755
x-fb-rlafr
0
x-fb-debug
i+8KPJIDb45H1hUQS6ueD+2MuAoKeL9xxYA85n1XGtMvyNVavmaFbeb79ELHs+YuLgSUhE00KV8nBOrhZyN9EA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 20 Apr 2024 08:22:36 GMT
RQfORQ1J0bX.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 2AC9
57 KB
18 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RQfORQ1J0bX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cfbd2099728d1c7d9bcad2e546ac0c9f98fb133209cd064d968eaab7d66c0dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/p690gXlQ1beFu4KEOcmEA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17967
x-fb-rlafr
0
x-fb-debug
zdNUb8e8rvhJ6Cup4QHxye1bgwRZjHz9Eh4z9AOLeV5FkfWwbfXSrb0X2J+9irSRhN105ZSo8ha88noFcbXd7g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 30 Apr 2024 10:14:58 GMT
q55PMpzZgkW.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2AC9
55 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/q55PMpzZgkW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4bPG9qP7lYdgXiSXb3qODg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17489
x-fb-rlafr
0
x-fb-debug
5b2Pxul1vHGTqv+XtFY905F7cndxlkmxG69jg3qQr2fkaC4p2VSKv61k3CpZKFnjMXannU/jfNRR/j05lkMC2Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 May 2024 02:49:48 GMT
Mmv4MP8w1zQ.js
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yS/l/pt_BR/ Frame 2AC9
75 KB
22 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iM-F4/yS/l/pt_BR/Mmv4MP8w1zQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a068d1dd56dedca56a61758237d98a14ce79d5e704a3b520d95818c5dc303303
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7Di5cxYomzuZNV11RWv1Iw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22182
x-fb-rlafr
0
x-fb-debug
ibMOyBsC02Ij3ZVwB/g0md3tZ+bcqZEyaLwgowkT1sUwqGU8tSmOhI1W8Br4ycCFx/XszpPFWZDKahI7M/TLYQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 29 Apr 2024 18:10:42 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2AC9
507 B
486 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
C2s7rWlokynMi9AYR+yoZO6NgcxQkoTkEAhGY3qbBsCRFfHHYNck47wXdkHUHyQn1yOXLNtT2ANIYcxjbHScmA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 23 Apr 2024 21:11:07 GMT
308021277_126739756798258_671183925555956238_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 2AC9
12 KB
12 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/308021277_126739756798258_671183925555956238_n.jpg?stp=dst-jpg_p240x240&_nc_cat=105&ccb=1-7&_nc_sid=dd9801&_nc_ohc=Nd0NevF5aaYAX9Xu77D&_nc_ht=scontent.xx&edm=AGVn53UEAAAA&oh=00_AfDlKak2Ie3X6hnOOUXtsD8pJIVYLucyrTaXD9CUT8USjQ&oe=6457BD97
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d45b6c809a24864449b8f9c3d16bb726f4e0c0bcc64671e8535e5e99088294f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 21 Sep 2022 13:44:27 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1530857718
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
773568372
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
12262
294402410_102324152573152_1727949642337202302_n.png
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 2AC9
2 KB
2 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/294402410_102324152573152_1727949642337202302_n.png?stp=cp0_dst-png_p50x50&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=Cm_sITdRGh0AX_UMI2k&_nc_ht=scontent.xx&edm=AGVn53UEAAAA&oh=00_AfDBSCdj7eXNSHAYwVIKagkSPl1ZOwRaicddXGts4UHkxw&oe=6457B51B
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like_box.php?app_id=882466608465785&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2535777e39a574%26domain%3Dwww.doiscoracoes.net.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.doiscoracoes.net.br%252Ff237640fb7e028c%26relation%3Dparent.parent&color_scheme=light&container_width=410&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2FDois-Cora%C3%A7%C3%B5es-102324055906495%2F&locale=pt_BR&sdk=joey&show_border=false&show_faces=true&stream=false&width=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21372b5c06aedc55d8dcd9e400d9c1a078a945f16dece7f4cb1e7c22160fdab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-haystack-needlechecksum
2084102156
date
Wed, 03 May 2023 10:49:36 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 22 Jul 2022 22:39:36 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=3154242423
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3791215090
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2061
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2AC9
573 B
628 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/QqryG7ksrg0.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/QqryG7ksrg0.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
Yyj51PZSmuh2dLbk+7SFwXSPxKvylG0zgazjcfbzuA0OtVujYPkhO1e7FnKDvPVx7Y9GxzYpZ8lUDVOlL/a5ZQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1,i
expires
Fri, 26 Apr 2024 00:31:28 GMT
nuY4ZVhpy0_.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2AC9
26 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/nuY4ZVhpy0_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c74d397a06345c6350c59bb8d38df59a103a1c572d42d8e5c59ce5d5d48f032
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8wHSoMosnFObbNhwLLWyVA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8696
x-fb-rlafr
0
x-fb-debug
MXTyl+AnO4jdehKNtRLCSjHPiaVru11P6S549TXcm9RagWgu5PwOqPjvlphUayFhJBC3ktDODJvsKr9SX8XCIg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 01 May 2024 15:46:11 GMT
ylIxp4x2cRp.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2AC9
10 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ylIxp4x2cRp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8df478f9d18731bad6e5d69751e2f355290c791a15ad936c32dc8cee40e5b3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
X1OO+7TNJ0JdFLN97TnLOA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3518
x-fb-rlafr
0
x-fb-debug
8rBnevSb415MYN838ThYjSfm40d5Uy/h/S1KPYfsVBDyIPsy8SnScOt+e2ufCteL4e3uyF4RdEUDUZVNNhwAiA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 01 May 2024 15:46:11 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless string| GoogleAnalyticsObject function| ga number| templateId function| $ function| jQuery function| debounce function| throttle function| isObject function| isObjectLike function| isSymbol function| toNumber function| ExecOnBlogV2 object| Boom function| _extends function| _typeof string| FUNC_ERROR_TEXT number| NAN string| symbolTag object| reTrim object| reIsBadHex object| reIsBinary object| reIsOctal function| freeParseInt boolean| freeGlobal object| freeSelf object| root object| objectProto function| objectToString function| nativeMax function| nativeMin function| now function| LazyLoad function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| Modernizr object| SliderParallax function| handleContactSubType object| OwlDefaults object| css object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| $el object| __buffer

3 Cookies

Domain/Path Name / Value
.doiscoracoes.net.br/ Name: _ga
Value: GA1.3.1720582941.1683110975
.doiscoracoes.net.br/ Name: _gid
Value: GA1.3.1436743469.1683110975
.doiscoracoes.net.br/ Name: _gat_Alboom
Value: 1

3 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alfred.alboompro.com
bifrost.alboompro.com
connect.facebook.net
doiscoracoes.net.br
scontent.xx.fbcdn.net
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.alboom.ninja
www.doiscoracoes.net.br
www.facebook.com
www.google-analytics.com
2001:4860:4802:38::178
2600:9000:2127:d800:b:fbb2:d080:93a1
2606:4700:20::ac43:496d
2606:4700:20::ac43:4aa5
2a00:1450:400c:c07::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.86.125.55
34.234.176.3
52.6.83.27
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
0f7177915dc9973169a518dc5824b8763bb1583857f36c1994a1742d2864d303
13e10e4e9fee5756fc511943319d1b73924e249d6562406962f743bfd42af641
1c74d397a06345c6350c59bb8d38df59a103a1c572d42d8e5c59ce5d5d48f032
20d70f7a45249c38a3e6c6d5d9dd99758f5201f8950ccf8e9beed05c003e26ce
21372b5c06aedc55d8dcd9e400d9c1a078a945f16dece7f4cb1e7c22160fdab1
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
3827e2ba88bff42e9dbbdf870d461f918ce0a5212506a94308b54ac5ac848ddc
46c6aacb632eedd9e10828539c96a5d1b0031f4e262e77d83913f68f100cb21b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
60e8579669ad0e12b0f73f2310663dd7a5bd718c0ae5e5ddf15459aacdbd7c78
66ff5bc3c0dff01bbaa8f9463a82c40786d711248a481bc74bf1c0332287fb44
672b0d6e2576404ef7e489d3c3ea12429847f48da963705b3c33241d609bf3f4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfbd2099728d1c7d9bcad2e546ac0c9f98fb133209cd064d968eaab7d66c0dd
77ca1b997bb75175ebb65f761057581bcf49816fb5826908f90738d9762f8ac3
7926674b670191ca2fba539e332528707600b96e85365c3178f74ca08a11b459
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
992c5e398f3092e2be5c546c589c4c5d91c20490e78d2f215f76fe2fc48ef592
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a068d1dd56dedca56a61758237d98a14ce79d5e704a3b520d95818c5dc303303
ab58c1cf3082230e4417602c58818ad91a0a76b23c4ec16b4b3e61bbd2992d59
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b501fc0476768f0ba061a8a5944c93dfaf020ed29e60ebe5937046018b242198
c960fed6f5644c2cdffa2b3250a951a73efd64bd1b6c78638fa6e8583c9ea677
caf28797e99adb5b13752a41a62c6a32f330fa7db4bce3786e71d0fbd06b2b5a
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cd8b0129bc6a4b1af3737998505de672bcc61ae00899279debd9605c1c24b87f
cd8cde2664b9f03a07af52a71382a4582b95373486c18976524caeadea3045ba
d45b6c809a24864449b8f9c3d16bb726f4e0c0bcc64671e8535e5e99088294f7
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d
f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e
f8df478f9d18731bad6e5d69751e2f355290c791a15ad936c32dc8cee40e5b3c
fab3509b71083b01b8384c2b1875dfb30eeb1b4941dcd723a0f8bfee740d9725
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46