urlscan.io logo urlscan.io
SecurityTrails logo

boa.vivamaisleve.online Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.boa.vivamaisleve.online/
Effective URL: https://boa.vivamaisleve.online/
Submission: On October 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is boa.vivamaisleve.online.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time boa.vivamaisleve.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 158.220.116.6 51167 (CONTABO)
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
1 18.66.102.51 16509 (AMAZON-02)
1 13.32.27.19 16509 (AMAZON-02)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 2607:f2d8:1:3... 18450 (WEBNX)
2 18.229.197.58 16509 (AMAZON-02)
2 157.240.253.1 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
25 12
1    158.220.116.6 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: mail.edicoes4m.com
www.boa.vivamaisleve.online
10    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
boa.vivamaisleve.online
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:9000:214f:5400:1e:2dac:2040:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.utmify.com.br
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
1    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
1    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2607:f2d8:1:3c::4 (United States)

ASN18450 (WEBNX, US)
api6.ipify.org
2    18.229.197.58 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-197-58.sa-east-1.compute.amazonaws.com
tracking.utmify.com.br
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 vivamaisleve.online
www.boa.vivamaisleve.online
boa.vivamaisleve.online
55 KB
4 utmify.com.br
cdn.utmify.com.br — Cisco Umbrella Rank: 412306
tracking.utmify.com.br — Cisco Umbrella Rank: 521667
14 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2041
api6.ipify.org — Cisco Umbrella Rank: 27985
376 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
25 8
Domain Requested by
10 boa.vivamaisleve.online boa.vivamaisleve.online
2 www.facebook.com
2 connect.facebook.net cdn.utmify.com.br
connect.facebook.net
2 tracking.utmify.com.br cdn.utmify.com.br
2 cdn.utmify.com.br boa.vivamaisleve.online
1 api6.ipify.org cdn.utmify.com.br
1 api.ipify.org cdn.utmify.com.br
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com boa.vivamaisleve.online
1 cdn.jsdelivr.net boa.vivamaisleve.online
1 fonts.googleapis.com boa.vivamaisleve.online
1 www.boa.vivamaisleve.online 1 redirects
25 12

This site contains no links.

Subject Issuer Validity Valid
vivamaisleve.online
WE1		 2024-09-16 -
2024-12-15		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
cdn.utmify.com.br
Amazon RSA 2048 M02		 2024-09-13 -
2025-10-12		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
ipify.org
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
*.ipify.org
RapidSSL TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh
tracking.utmify.com.br
Amazon RSA 2048 M02		 2024-08-31 -
2025-09-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-12 -
2024-10-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://boa.vivamaisleve.online/
Frame ID: C680E3EDCF519CA379A3E374EAD0203C
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

aprender

Page URL History Show full URLs

  1. https://www.boa.vivamaisleve.online/ HTTP 301
    https://boa.vivamaisleve.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

96 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

213 kB
Transfer

993 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.boa.vivamaisleve.online/ HTTP 301
    https://boa.vivamaisleve.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
boa.vivamaisleve.online/
Redirect Chain
  • https://www.boa.vivamaisleve.online/
  • https://boa.vivamaisleve.online/
45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c18c262e536eaa5acb163c11df785bc60d443fc6deb1beabf9968fb13c11cd5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ccd675c4d7ed266-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 03 Oct 2024 13:50:52 GMT
link
<https://boa.vivamaisleve.online/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0qhbEWFVdHp%2BhmyEZI6BzNXlbL%2BzyAPYmhG%2Fc7SUaxvPAoBBAt%2BF8Kk1cNA6KQcWeUgKhsX%2FcCbw89tDOrnSKRDJyH7lp%2BaZg5b2gGBNle0fLIMD%2FsjGpKcZOYG9C0pCT4tEvZOJ8ZxOeN2FICQEsHm3tJUBzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-litespeed-cache
hit

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 03 Oct 2024 13:50:52 GMT
location
https://boa.vivamaisleve.online/
server
LiteSpeed
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
a57_HTTP.200,a57_HTTP.301,a57_home,a57_URL.6666cd76f96956469e7be39d750cc7d9,a57_F,a57_
x-redirect-by
WordPress
speculation
boa.vivamaisleve.online/cdn-cgi/ 		128 B
486 B 		Other
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://boa.vivamaisleve.online
Referer
https://boa.vivamaisleve.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iF5bTNH2IINGStp0C1XQE3t6GN7d7Pn4Gow%2FUTyflmuJHa9rutJOiQxJMfQxF2L0DRXQwKDHf%2Fv6vZHDV4UyZd9z2D7mPAWJoOeWJJ222h%2BOUio0AfLmRQwepf2aiAMRVm3g9HakimzU0XHzbanoYLf%2Bg0Rbiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffe7d266-FRA
access-control-allow-origin
https://boa.vivamaisleve.online
content-length
128
date
Thu, 03 Oct 2024 13:50:52 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
style.css
boa.vivamaisleve.online/wp-content/plugins/html5-audio-player/assets/css/ 		1 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/plugins/html5-audio-player/assets/css/style.css?ver=1727486097
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5367b010068e0dac77f6edfc91602726dc2f7455c2bb7bcb1ac101416a185d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"4a1-66a98cfc-37bb36;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TU3UAZ1EuCRMhzLaiGuf%2FyCRWGgzqkTAgxyEmcUj5j2fdXU1QhCfj2GsXIUtLvyQoY4gB%2BbLEdeLhwkgQ948JQ3jWxYs1P36YNnLSvGKZ5qlEg7uOzvNBOtvjDu4xnJsGk992nu%2FWnoCvqv%2FZDoXKcFhLXxv6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffcfd266-FRA
expires
Thu, 10 Oct 2024 13:50:52 GMT
date
Thu, 03 Oct 2024 13:50:52 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 01:01:48 GMT
vary
Accept-Encoding
server
cloudflare
frontend-lite.min.css
boa.vivamaisleve.online/wp-content/plugins/elementor/assets/css/ 		206 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.23.3
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8622883baa82b071ef2e8d06622d33bb94a51d2dd0bfffc0c08df7ea80105769

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"3397f-66a98e69-37bf4f;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAiwyA%2FsadzyhSsvwV65uCylSGX%2B3LOPa1d4b1k5RDS%2FNBP9l00fheus5PyXfFe2wr13278MeRPdy02pwgfDVSutj5aDTzyjH1f%2Fro4pRNKCU7UKMvFVDm3Qd46cOVuL06xidiLVyHxievlG02UKTEnbME5KmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffd7d266-FRA
expires
Thu, 10 Oct 2024 13:50:52 GMT
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 01:07:53 GMT
vary
Accept-Encoding
server
cloudflare
swiper.min.css
boa.vivamaisleve.online/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"4057-66a98e69-37c123;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QgJl7AKN%2Fpxfgd8tUhW%2BF7IH2adqdEgUq7ntiF3nHU3g0M3rYbyN2a2bsvP4%2BSCHT%2F5LWmlegFL3WSNUDVYdLJ8x26iNw0NRnzvfS4td%2FWBqSVgf0FFhEOMIOfRJyiIWxQLOzhnR0tWjLwUqmAvMLsqsK7NBhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffdcd266-FRA
expires
Thu, 10 Oct 2024 13:50:52 GMT
date
Thu, 03 Oct 2024 13:50:52 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 01:07:53 GMT
vary
Accept-Encoding
server
cloudflare
post-9.css
boa.vivamaisleve.online/wp-content/uploads/elementor/css/ 		1 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/uploads/elementor/css/post-9.css?ver=1722388138
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40b4089814e7f2a1df6ba380737ff839466b6daf449268c4fff7cd1113821ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"598-66a98eaa-2f4039;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRGBovaeWMs7IYXh9eWXXHiSlOqODYdJcNc6WUSgHvk22MHarvmyA%2BFNSCB3zNAtVOIwNYZf6VrBqpKvnYbjhdMHqZHsj%2FZt0XZiPZZVpifPO7pYVH3P3vacSS3J3QAv0b0D8tT1AZrLQPuQeraDqPY%2F7knSJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffdfd266-FRA
expires
Thu, 10 Oct 2024 13:50:52 GMT
date
Thu, 03 Oct 2024 13:50:52 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 01:08:58 GMT
vary
Accept-Encoding
server
cloudflare
frontend-lite.min.css
boa.vivamaisleve.online/wp-content/plugins/elementor-pro/assets/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.23.2
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ceaa7d544911934a4b2d733ed3cf1529a2a4e5ebd9541ef796940780c62a58e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"2b2d-66a98e7e-37c4dc;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJMk87TJ7RlLbTmQVADitUeyxNYtb6sHlGqB%2Bb1SNVUpxQIB7DjpE%2BSk1VkYGyTZTxnX%2FuwgQQQ6%2F6s9Ptbj9%2FBCvIEeyxMp9%2F0mpCkTFXPxv8liLmGzxy7DBo6aXsX1R4MnGfRxQ3kJmMgRdoiP2nqaUUPiqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffe1d266-FRA
expires
Thu, 10 Oct 2024 13:50:52 GMT
date
Thu, 03 Oct 2024 13:50:52 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 01:08:14 GMT
vary
Accept-Encoding
server
cloudflare
global.css
boa.vivamaisleve.online/wp-content/uploads/elementor/css/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/uploads/elementor/css/global.css?ver=1722400148
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a523ad559618cddb2a84f5e73683f7177bf3da07893bb2287dff6e18b23f2a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"d70b-66a9bd94-2f6871;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccvpQhxDWONgjXC2xLqMR2L0mEi9v%2Bs5E5sYtEpZGjgpl6rDr6ztb%2BYpEXFlYXTcV89I%2BWHg%2FVl%2Fej8KpQ1OR84BfIxXJEeQ8U9%2F7qXaOYr9orPpGtf%2FE%2F6UzWTjF%2Ft%2ByDKJlZ13gMSQbqEYqyL14%2BS9X6dGzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675cffe4d266-FRA
expires
Thu, 10 Oct 2024 13:50:52 GMT
date
Thu, 03 Oct 2024 13:50:52 GMT
content-type
text/css
last-modified
Wed, 31 Jul 2024 04:29:08 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		49 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 13:50:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 03 Oct 2024 13:10:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
disable-devtool
cdn.jsdelivr.net/npm/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/disable-devtool
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a23f92a25922d13437d67f25ba2269b64080b5ec030f5cba982e0261abbfe04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"4372-cTTqYs22VcKkI7FmI2XJm6ZFwr0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hrrt1FXJwGWDeBkE7nC9XdRcLS2aMsQcR4AQ1ddYYEVfUyaBIlaidk0IJWKBASdTPUggkwIrlTcWJIub0uH9g3CwZW%2BL5SBcJ2u7ustNv78FWjQgggzYF50jhuMbHX2lIHsSpoJDgCgNi486RNE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
x-cache
HIT, HIT
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230052-FRA, cache-lga21978-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ccd675d79fadbc8-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6161
server
cloudflare
x-jsd-version
0.3.8
latest.js
cdn.utmify.com.br/scripts/utms/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:1e:2dac:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49d27da262ad785fa9419ab27578c8542a4c485af0aa2b0f2cdf57f920729788

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

x-amz-cf-pop
FRA53-C1
content-encoding
gzip
etag
W/"eff48ccccc0d8f470b7cc59ce398e473"
age
34518
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
OnNUYqzHGQ42Z86sE1mVjAvC_iiEQl-uInvVjdF9tBe-M47-BC8rWw==
date
Thu, 03 Oct 2024 04:15:36 GMT
content-type
text/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 19 Sep 2024 15:30:06 GMT
x-amz-server-side-encryption
AES256
fdb989f2-1c87-4320-bc40-6f56527c941f
https://boa.vivamaisleve.online/ 		0
0
hotjar-3899205.js
static.hotjar.com/c/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3899205.js?sv=6
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
6d9768bca8844399554bde2115af426fca37a893640d9196f51a5a80fe456090
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/24d67fafc2c804746bcf34de5a3a4222
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
ibUTadZaTKTsWT3e7zPm6Q7-pTUtvRad0vh3XIcJPU1tr7r_I8EYcQ==
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
pixel.js
cdn.utmify.com.br/scripts/pixel/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.utmify.com.br/scripts/pixel/pixel.js
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:1e:2dac:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04271d07aaf8bcb2c5045426ea8fd22cdfa47738b857aae98f68c80070edddd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

x-amz-cf-pop
FRA53-C1
content-encoding
gzip
etag
W/"c67eb6909092e3b745f9b85d961e9666"
age
39432
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
OkCRzci_xw4mWa3EXGRG7mf_vsNLMTQd6WR6UlZDfZIWJcC-VA2i9Q==
date
Thu, 03 Oct 2024 06:29:13 GMT
content-type
text/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 19 Sep 2024 15:30:06 GMT
x-amz-server-side-encryption
AES256
wp-emoji-release.min.js
boa.vivamaisleve.online/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: boa.vivamaisleve.online
URL: https://boa.vivamaisleve.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"4926-660caa3e-2fed6e;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40TENJXstgsLK0qqgp1ewjXQocvRiFnijfk8GqVDV3378trhGfgQ1W%2FuvlgOwkwnfPukuVe2iQAsJ4BcIThM5%2Bp0BTldUYXcWemAe5AYWRibnLuNcFeKTgHTss9yUZKIHKbYUyp3eFXXOia%2FK2kuRtV2tqRitA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd675e8d61d266-FRA
expires
Thu, 10 Oct 2024 13:50:53 GMT
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
application/x-javascript
last-modified
Wed, 03 Apr 2024 01:00:46 GMT
vary
Accept-Encoding
server
cloudflare
modules.35ef77a5f94ab0b63bfe.js
script.hotjar.com/ 		224 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.35ef77a5f94ab0b63bfe.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3899205.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
0fb710a3981deeb0fc42ba0c1169e18d043e921512be49eae7446e821b00882f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

x-robots-tag
none
content-encoding
br
etag
"8c7357761da75e923581a2b59a0692f4"
age
11566
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
7ghk1Gracw7TTw8J7w3QODSELnWG3IbFvqYdlIzTU9iETB_rifGL_w==
date
Thu, 03 Oct 2024 10:38:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 03 Oct 2024 10:37:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56542
x-amz-cf-pop
FRA56-C2
/
api.ipify.org/ 		21 B
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d189c5e6207aeb72c92e212854f1f87c747215fea0255195dd6d65c43796dd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ccd6761497c9012-FRA
access-control-allow-origin
*
content-length
21
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api6.ipify.org/ 		29 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api6.ipify.org/?format=json
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f2d8:1:3c::4 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
5e1ceb4ca4165700fe43da1fea5ee9eace60e7e0f18738f93e8a800306d31fb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

Access-Control-Allow-Origin
*
Content-Length
29
Date
Thu, 03 Oct 2024 13:50:54 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
Connection
keep-alive
cropped-8040742a059411d4a55fa17e1bab437c-32x32.jpg
boa.vivamaisleve.online/wp-content/uploads/2024/09/ 		702 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://boa.vivamaisleve.online/wp-content/uploads/2024/09/cropped-8040742a059411d4a55fa17e1bab437c-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbbbb990d25c69c4dc61abec87e9946fd5eba442ea85144286c768f00be9f847

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"2be-66f07b10-3f00f2;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sZGauzOfgKC65qH9q0RZD5%2ByzKQBaq7uhXYuLw5LEFXDXZ9MwdFtTW6Qq%2BH8MKG0nS3hZPDZUChJ0Ux9t%2BIyBMmoOQLG7vPSWGpnk8DLmucNwCOh46HS0ISJ5PZgnKWejGVM6Bo%2FUAMGn2tuCAvM5ZKNSiM9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccd6761e8e9d266-FRA
expires
Thu, 10 Oct 2024 13:50:53 GMT
accept-ranges
bytes
content-length
702
date
Thu, 03 Oct 2024 13:50:53 GMT
content-type
image/jpeg
last-modified
Sun, 22 Sep 2024 20:16:16 GMT
vary
Accept-Encoding
server
cloudflare
events
tracking.utmify.com.br/tracking/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.229.197.58 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-197-58.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://boa.vivamaisleve.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Thu, 03 Oct 2024 13:50:54 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
events
tracking.utmify.com.br/tracking/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracking.utmify.com.br/tracking/v1/events
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.229.197.58 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-197-58.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a7575c05c0ff847dcd9cd70a6d21275a0ddf31aff49893561d52071a7b8b8767

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://boa.vivamaisleve.online/

Response headers

access-control-allow-origin
*
content-length
1702
date
Thu, 03 Oct 2024 13:50:56 GMT
etag
W/"6a6-OfHM+/GY4OSUfXmgsqJjFaNuZ8k"
content-type
application/json; charset=utf-8
x-powered-by
Express
access-control-allow-credentials
true
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.utmify.com.br
URL: https://cdn.utmify.com.br/scripts/pixel/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 13:50:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4550, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
G2s+JglMuvaTtMX/N/JpzGS8EVNfeAppo033CpEBf/ewGQVWVnO950G9Z9/FrG02Vp0sEzerTs3Nc1H0/axxnQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?0
1214071379919785
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1214071379919785?v=2.9.170&r=stable&domain=boa.vivamaisleve.online&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
1b88c95e7b448747d2da2260a9f5ce8c7439cc588c725cf98408da345f248f24
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 13:50:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=67, mss=1232, tbw=67382, tp=64, tpl=0, uplat=323, ullat=0
pragma
public
x-fb-debug
Ag3OyxHZTw0sVp7pAtv4vgORjHUcKXSpyy1rE6FMe38IjdsvlJqW5hqYzg5kK3kPMYkyEnSrbONx3D+Y2PntRw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1214071379919785&ev=PageView&dl=https%3A%2F%2Fboa.vivamaisleve.online%2F&rl=&if=false&ts=1727963456844&cd[event_time]=1727963456&cd[event_day]=Thursday&cd[event_day_in_month]=3&cd[event_month]=October&cd[event_time_interval]=15-16&cd[event_url]=https%3A%2F%2Fboa.vivamaisleve.online%2F&cd[event_source_url]=https%3A%2F%2Fboa.vivamaisleve.online%2F&cd[traffic_source]=&cd[client_user_agent]=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd[client_ip_address]=2a01%3A4a0%3A1338%3A93%3A%3A10&cd[content_type]=product&cd[page_title]=aprender&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1727963456842.84698119500855654&ler=empty&cdl=API_unavailable&it=1727963456456&coo=false&eid=66fea13f7e6810feac5acd45&exp=h3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2907, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 13:50:56 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1214071379919785&ev=PageView&dl=https%3A%2F%2Fboa.vivamaisleve.online%2F&rl=&if=false&ts=1727963456844&cd[event_time]=1727963456&cd[event_day]=Thursday&cd[event_day_in_month]=3&cd[event_month]=October&cd[event_time_interval]=15-16&cd[event_url]=https%3A%2F%2Fboa.vivamaisleve.online%2F&cd[event_source_url]=https%3A%2F%2Fboa.vivamaisleve.online%2F&cd[traffic_source]=&cd[client_user_agent]=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd[client_ip_address]=2a01%3A4a0%3A1338%3A93%3A%3A10&cd[content_type]=product&cd[page_title]=aprender&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1727963456842.84698119500855654&ler=empty&cdl=API_unavailable&it=1727963456456&coo=false&eid=66fea13f7e6810feac5acd45&exp=h3&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://boa.vivamaisleve.online/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421546533273353801"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 13:50:57 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ekGINg+mXx8UWDxXmyBU7aO+kPi1fIJk0M7Fr61epfvUMu+CHJD5bdrMIcdp99uY39DR5rav0sDapiKRydDIzg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421546533273353801", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3225, tp=-1, tpl=-1, uplat=298, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
boa.vivamaisleve.online
URL
blob:https://boa.vivamaisleve.online/fdb989f2-1c87-4320-bc40-6f56527c941f

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings string| show_msg function| nocontextmenu function| addMultiEventListener function| show_toast function| h5vpLoader function| loadHVPAssets function| DisableDevtool function| hj object| _hjSettings object| a string| pixelId object| twemoji object| wp object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| paramsList number| itemExpInDays object| utmParams function| fbq function| _fbq

3 Cookies

Domain/Path Name / Value
.vivamaisleve.online/ Name: _hjSessionUser_3899205
Value: eyJpZCI6IjU4YWEwODczLTY2OWQtNWViNi05MzM2LTFjOWE3MjQ4NzFhMCIsImNyZWF0ZWQiOjE3Mjc5NjM0NTM2ODgsImV4aXN0aW5nIjpmYWxzZX0=
.vivamaisleve.online/ Name: _hjSession_3899205
Value: eyJpZCI6IjQ4MzI0ZTk3LTZlMjMtNGE3Yi04YTVlLTU2ZDU0YTk0ODU1MCIsImMiOjE3Mjc5NjM0NTM2ODksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.vivamaisleve.online/ Name: _fbp
Value: fb.1.1727963456842.84698119500855654

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
api6.ipify.org
boa.vivamaisleve.online
cdn.jsdelivr.net
cdn.utmify.com.br
connect.facebook.net
fonts.googleapis.com
script.hotjar.com
static.hotjar.com
tracking.utmify.com.br
www.boa.vivamaisleve.online
www.facebook.com
boa.vivamaisleve.online
13.32.27.19
157.240.253.1
158.220.116.6
172.67.74.152
18.229.197.58
18.66.102.51
2600:9000:214f:5400:1e:2dac:2040:93a1
2606:4700::6812:bb1f
2607:f2d8:1:3c::4
2a00:1450:4001:806::200a
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
04271d07aaf8bcb2c5045426ea8fd22cdfa47738b857aae98f68c80070edddd6
0fb710a3981deeb0fc42ba0c1169e18d043e921512be49eae7446e821b00882f
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1b88c95e7b448747d2da2260a9f5ce8c7439cc588c725cf98408da345f248f24
1ceaa7d544911934a4b2d733ed3cf1529a2a4e5ebd9541ef796940780c62a58e
1f5367b010068e0dac77f6edfc91602726dc2f7455c2bb7bcb1ac101416a185d
2a523ad559618cddb2a84f5e73683f7177bf3da07893bb2287dff6e18b23f2a6
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
49d27da262ad785fa9419ab27578c8542a4c485af0aa2b0f2cdf57f920729788
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5d189c5e6207aeb72c92e212854f1f87c747215fea0255195dd6d65c43796dd8
5e1ceb4ca4165700fe43da1fea5ee9eace60e7e0f18738f93e8a800306d31fb8
6c18c262e536eaa5acb163c11df785bc60d443fc6deb1beabf9968fb13c11cd5
6d9768bca8844399554bde2115af426fca37a893640d9196f51a5a80fe456090
8622883baa82b071ef2e8d06622d33bb94a51d2dd0bfffc0c08df7ea80105769
8a23f92a25922d13437d67f25ba2269b64080b5ec030f5cba982e0261abbfe04
a7575c05c0ff847dcd9cd70a6d21275a0ddf31aff49893561d52071a7b8b8767
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b40b4089814e7f2a1df6ba380737ff839466b6daf449268c4fff7cd1113821ee
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
dbbbb990d25c69c4dc61abec87e9946fd5eba442ea85144286c768f00be9f847
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031