urlscan.io logo urlscan.io
SecurityTrails logo

explorandoinvestimentos.com.br Open in urlscan Pro
108.179.192.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://explorandoinvestimentos.com.br/
Effective URL: https://explorandoinvestimentos.com.br/
Submission Tags: @phish_report
Submission: On September 14 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 108.179.192.88, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is explorandoinvestimentos.com.br.
TLS certificate: Issued by R11 on July 15th 2024. Valid for: 3 months.
This is the only time explorandoinvestimentos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 108.179.192.88 19871 (NETWORK-S...)
2 2a00:1450:400... 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
1 2600:1901:0:d... 396982 (GOOGLE-CL...)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 142.250.181.232 15169 (GOOGLE)
24 7
13    108.179.192.88 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br658-ip04.hostgator.com.br
explorandoinvestimentos.com.br
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    2600:1901:0:d7b8:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
stape.explorandoinvestimentos.com.br
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
14 explorandoinvestimentos.com.br
explorandoinvestimentos.com.br
stape.explorandoinvestimentos.com.br
142 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
172 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
73 KB
24 4
Domain Requested by
13 explorandoinvestimentos.com.br explorandoinvestimentos.com.br
4 www.facebook.com explorandoinvestimentos.com.br
3 www.googletagmanager.com explorandoinvestimentos.com.br
www.googletagmanager.com
2 connect.facebook.net explorandoinvestimentos.com.br
connect.facebook.net
1 stape.explorandoinvestimentos.com.br www.googletagmanager.com
24 5

This site contains links to these domains. Also see Links.

Domain
wordpress.org
pt.wordpress.org
wpastra.com
Subject Issuer Validity Valid
*.explorandoinvestimentos.com.br
R11		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-24 -
2024-09-22		 3 months crt.sh
stape.explorandoinvestimentos.com.br
R10		 2024-08-06 -
2024-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://explorandoinvestimentos.com.br/
Frame ID: 31AF6A5F3D77A50FC49FDD2C62DD3FD4
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Explorando Investimentos

Page URL History Show full URLs

  1. http://explorandoinvestimentos.com.br/ HTTP 307
    https://explorandoinvestimentos.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

7
IPs

2
Countries

391 kB
Transfer

1303 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://explorandoinvestimentos.com.br/ HTTP 307
    https://explorandoinvestimentos.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
explorandoinvestimentos.com.br/
Redirect Chain
  • http://explorandoinvestimentos.com.br/
  • https://explorandoinvestimentos.com.br/
98 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
c4ee292c9613dbac8a071d062252f0459574d1a1c01f1424fb0ca56ab2eaf2c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 14 Sep 2024 21:32:10 GMT
expires
Sat, 21 Sep 2024 21:32:10 GMT
link
<https://explorandoinvestimentos.com.br/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Location
https://explorandoinvestimentos.com.br/
Non-Authoritative-Reason
HttpsUpgrades
main.min.css
explorandoinvestimentos.com.br/wp-content/themes/astra/assets/css/minified/ 		41 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.6.8
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
6ce7875c819b155e23c71443be6153d3f6dc2d4cbee2168c97eff06b56ddddcc

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 18:16:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11957
expires
Mon, 14 Oct 2024 21:32:11 GMT
8a322244-a62c-4126-9d11-a996a59b2184
https://explorandoinvestimentos.com.br/ 		0
0
style.min.css
explorandoinvestimentos.com.br/wp-includes/css/dist/block-library/ 		110 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 04:01:12 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 21:32:11 GMT
jquery.min.js
explorandoinvestimentos.com.br/wp-includes/js/jquery/ 		86 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 03:52:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 21:32:11 GMT
jquery-migrate.min.js
explorandoinvestimentos.com.br/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 03:52:36 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5422
expires
Mon, 14 Oct 2024 21:32:11 GMT
jquery.bind-first-0.2.3.min.js
explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.6.2
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Sun, 25 Aug 2024 13:28:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
689
expires
Mon, 14 Oct 2024 21:32:11 GMT
js.cookie-2.1.3.min.js
explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/ 		2 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Sun, 25 Aug 2024 13:28:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
897
expires
Mon, 14 Oct 2024 21:32:11 GMT
public.js
explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/ 		118 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.7.1
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
7bb69f2363b8d61ca79aa77346468236ea06c62560a5b58bdff97e99c3bd7d65

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Sun, 25 Aug 2024 13:28:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 21:32:11 GMT
gtm.js
www.googletagmanager.com/ 		241 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WF93LMH6
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3645a78aafdde02cff92ff4fb9e6fdc6488264d82ea3d00650e0e2e598a6cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82284
x-xss-protection
0
last-modified
Sat, 14 Sep 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 14 Sep 2024 21:32:11 GMT
frontend.min.js
explorandoinvestimentos.com.br/wp-content/themes/astra/assets/js/minified/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.6.8
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
e594d43ef5e6a3b462f2b1d47c0b4fdbc1178df5b7e5046dff5d208262a042c2

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:11 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 18:16:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5223
expires
Mon, 14 Oct 2024 21:32:11 GMT
wp-emoji-release.min.js
explorandoinvestimentos.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:12 GMT
content-encoding
gzip
last-modified
Wed, 03 Apr 2024 04:13:54 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5365
expires
Mon, 14 Oct 2024 21:32:12 GMT
admin-ajax.php
explorandoinvestimentos.com.br/wp-admin/ 		117 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-admin/admin-ajax.php?action=pys_get_pbid
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
70b59de5951733f840b05d635003b374b81d81179f3d4d1a26afbdc0e0d85482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://explorandoinvestimentos.com.br/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
content-length
117
expires
Wed, 11 Jan 1984 05:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 14 Sep 2024 21:32:12 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4414, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Y1FhtgEUhsehR8XMi6iUz+CYBfLXMJHDPOKWV++rjtyYc2RPmQS8nCK8odGvw+1x7GJX6ZZ9u9LsA4mXKSJqOw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
admin-ajax.php
explorandoinvestimentos.com.br/wp-admin/ 		0
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-admin/admin-ajax.php
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Cache-Control
no-cache
Referer
https://explorandoinvestimentos.com.br/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 14 Sep 2024 21:32:12 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://explorandoinvestimentos.com.br
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
0
expires
Wed, 11 Jan 1984 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7FSFK72L29&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF93LMH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
946f6f79dea4694299202934b9f2d739704050768d5fbcc2d9d94774d33f44aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93681
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 14 Sep 2024 21:32:12 GMT
486064316047161
connect.facebook.net/signals/config/ 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/486064316047161?v=2.9.167&r=stable&domain=explorandoinvestimentos.com.br&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
968144d570fe9f7f5f0faeeb75a3f6ce056e3e77c31940a06f89c503d4cde0ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 14 Sep 2024 21:32:12 GMT
document-policy
force-load-at-top
x-fb-server-load
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=74, mss=1232, tbw=67116, tp=63, tpl=0, uplat=237, ullat=0
pragma
public
x-fb-debug
QhdBTMCh7ya9/1x26bNZK00hjQ1wCdh9bh4vuA4tGS/6UT2U4iRyT3LAi/JadlV7RuboZmey/8aCwdinu88o2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stape.explorandoinvestimentos.com.br/g/ 		65 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stape.explorandoinvestimentos.com.br/g/collect?v=2&tid=G-7FSFK72L29&gtm=45je4990v9182281621z89182267756za200zb9182267756&_p=1726349531793&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1285750479.1726349532&ecid=33374710&ul=fi-fi&sr=1600x1200&_fplc=0&ur=RU-MOW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=c&sst.etld=google.ru&sst.tft=1726349531793&sst.ude=0&_s=1&sid=1726349532&sct=1&seg=0&dl=https%3A%2F%2Fexplorandoinvestimentos.com.br%2F&dt=Explorando%20Investimentos&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1726350000696_17263503502871&epn.event_time=1726349532&ep.action_source=website&ep.first_party_colletion=true&ep.x-fb-ck-fbp=fb.1.1726349531990.2789413737&ep.user_data.address.country=br&tfd=2032&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FSFK72L29&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d7b8:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:14 GMT
x-content-type-options
nosniff
content-type
text/plain
access-control-allow-origin
https://explorandoinvestimentos.com.br
cache-control
no-cache
access-control-allow-credentials
true
trace-id
4232c7d5-57ce-477b-bc67-b48ffa36600a
x-robots-tag
noindex, nofollow
x-accel-buffering
no
/
www.facebook.com/tr/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=486064316047161&ev=PageView&dl=https%3A%2F%2Fexplorandoinvestimentos.com.br%2F&rl=&if=false&ts=1726349532518&cd[post_category]=Uncategorized&cd[page_title]=Explorando%20Investimentos&cd[post_type]=page&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=explorandoinvestimentos.com.br%2F&sw=1600&sh=1200&ud[external_id]=90e72f5b95ba398e8f58ead8f38ede035873bb732efb796383cc58fc5296a954&v=2.9.167&r=stable&a=dvpixelyoursite&ec=0&o=12318&fbp=fb.1.1726349531990.2789413737&cs_est=true&ler=empty&cdl=API_unavailable&it=1726349532195&coo=false&eid=0fbb32c3-7371-4a92-9ea8-a663e9d2fc82&rqm=GET
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=10, mss=1368, tbw=3128, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 14 Sep 2024 21:32:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=486064316047161&ev=PageView&dl=https%3A%2F%2Fexplorandoinvestimentos.com.br%2F&rl=&if=false&ts=1726349532518&cd[post_category]=Uncategorized&cd[page_title]=Explorando%20Investimentos&cd[post_type]=page&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=explorandoinvestimentos.com.br%2F&sw=1600&sh=1200&ud[external_id]=90e72f5b95ba398e8f58ead8f38ede035873bb732efb796383cc58fc5296a954&v=2.9.167&r=stable&a=dvpixelyoursite&ec=0&o=12318&fbp=fb.1.1726349531990.2789413737&cs_est=true&ler=empty&cdl=API_unavailable&it=1726349532195&coo=false&eid=0fbb32c3-7371-4a92-9ea8-a663e9d2fc82&rqm=FGET
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sat, 14 Sep 2024 21:32:12 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414614782875601974", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=16, mss=1368, tbw=6541, tp=-1, tpl=-1, uplat=255, ullat=0
pragma
no-cache
x-fb-debug
UfwteDqYszHyfB780KF4ugIAVLaX9vo68XmKERVj91YuTN/1RkfiE26RvHVuXuF+hjfdSmPVaXtxu2m3yMm4ww==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414614782875601974"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=486064316047161&ev=PageView&dl=https%3A%2F%2Fexplorandoinvestimentos.com.br%2F&rl=&if=false&ts=1726349532521&cd[fbp]=fb.1.1726349531990.2789413737&sw=1600&sh=1200&ud[external_id]=90e72f5b95ba398e8f58ead8f38ede035873bb732efb796383cc58fc5296a954&v=2.9.167&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1726349531990.2789413737&cs_est=true&ler=empty&cdl=API_unavailable&it=1726349532195&coo=false&eid=1726350000696_17263503502871&tm=1&rqm=GET
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=10, mss=1368, tbw=2845, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 14 Sep 2024 21:32:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=486064316047161&ev=PageView&dl=https%3A%2F%2Fexplorandoinvestimentos.com.br%2F&rl=&if=false&ts=1726349532521&cd[fbp]=fb.1.1726349531990.2789413737&sw=1600&sh=1200&ud[external_id]=90e72f5b95ba398e8f58ead8f38ede035873bb732efb796383cc58fc5296a954&v=2.9.167&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1726349531990.2789413737&cs_est=true&ler=empty&cdl=API_unavailable&it=1726349532195&coo=false&eid=1726350000696_17263503502871&tm=1&rqm=FGET
Requested by
Host: explorandoinvestimentos.com.br
URL: https://explorandoinvestimentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sat, 14 Sep 2024 21:32:12 GMT
document-policy
force-load-at-top
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414614782974459804", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=16, mss=1368, tbw=3280, tp=-1, tpl=-1, uplat=193, ullat=0
pragma
no-cache
x-fb-debug
qhEUEko/yCeQ/9F6CeoyQ5FxpgDDRemHZOyR2lgvAkf5UWoELt7qKLucflBXnnOOwYalT+ckXOQmY8Na3W3Y/A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414614782974459804"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=1636967686&rv=4990&u=AAAAAAAIAAAAACAg&h=Ag&gtm=45je4990v9182281621za200zb9182267756&ccid=182281621&cid=G-7FSFK72L29&l=L1506.S50.B44.E699.I1688.EC5.TC10.HTC0~gtm.init.S0.V0.E43.TS5ogtautoevents.TI14.TE1.TS5ogt1pdatav2.TI16.TE1.TS5ccdgalast.TI17.TE0.TS5ccdautoredact.TI18.TE0.TS5ccdconversionmarking.TI19.TE0.TS5ccdgaregscope.TI20.TE2.TS5ogtgooglesignals.TI21.TE0.TS5setproductsettings.TI22.TE0.TS5ccdgafirst.TI23.TE0~gtm.js.S0.V0.E32.TS5gct.TI11.TE8~gtm.dom.S0.V0.E4~gtm.load.S0.V0.E0~gtm.init_consent.S3.V2.E46~GA526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:13 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Logo-EI.svg
explorandoinvestimentos.com.br/wp-content/uploads/2023/04/ 		554 B
422 B 		Other
General
Check archive.org
Download Go to
Full URL
https://explorandoinvestimentos.com.br/wp-content/uploads/2023/04/Logo-EI.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.192.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br658-ip04.hostgator.com.br
Software
Apache /
Resource Hash
3940242c2ba6ac862b0fc1751a6edc3438528e1c27227e484000777fa7ca84e9

Request headers

Referer
https://explorandoinvestimentos.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 21:32:13 GMT
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 00:28:17 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
307
expires
Sat, 21 Sep 2024 21:32:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
explorandoinvestimentos.com.br
URL
blob:https://explorandoinvestimentos.com.br/8a322244-a62c-4126-9d11-a996a59b2184

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| jQuery function| Cookies object| pysOptions function| pys_generate_token function| getBundlePriceOnSingleProduct function| getPixelBySlag function| getUrlParameter function| getCookieYes boolean| firstVisit object| pys object| dataLayer object| rocketSplitTest object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle function| fbq function| _fbq object| google_tag_manager object| google_tag_data number| gtmPageLoadId object| _fbq_gtm_ids object| twemoji object| wp object| gaGlobal

14 Cookies

Domain/Path Name / Value
.explorandoinvestimentos.com.br/ Name: elementor_split_test_client_id
Value: 168117da-6c7b-4d21-883f-dcc5e5b627c8
explorandoinvestimentos.com.br/ Name: pys_session_limit
Value: true
explorandoinvestimentos.com.br/ Name: pys_start_session
Value: true
explorandoinvestimentos.com.br/ Name: pys_first_visit
Value: true
explorandoinvestimentos.com.br/ Name: pysTrafficSource
Value: direct
explorandoinvestimentos.com.br/ Name: pys_landing_page
Value: https://explorandoinvestimentos.com.br/
explorandoinvestimentos.com.br/ Name: last_pysTrafficSource
Value: direct
explorandoinvestimentos.com.br/ Name: last_pys_landing_page
Value: https://explorandoinvestimentos.com.br/
explorandoinvestimentos.com.br/ Name: _fbp
Value: fb.1.1726349531990.2789413737
.explorandoinvestimentos.com.br/ Name: _ga_7FSFK72L29
Value: GS1.1.1726349532.1.0.1726349532.0.0.33374710
.explorandoinvestimentos.com.br/ Name: _ga
Value: GA1.1.1285750479.1726349532
explorandoinvestimentos.com.br/ Name: pbid
Value: e1e1f8c84b908bf6fa9034eea421a36d37ed843fece597bd34931faa0937465b
.explorandoinvestimentos.com.br/ Name: FPID
Value: FPID2.3.57pGGgi%2B0vkUYu%2Fv81PtEyknl%2BbaBcKf3F10bxBrPNs%3D.1726349532
.explorandoinvestimentos.com.br/ Name: FPLC
Value: twMNHUMAIzkoL5GTn55UUpXB4iB%2Bx%2FathaBhVCaD5lsVg8R2VI4mROsnpglQ9ypl9WAx8kfkJwEPfF4ssoqcD6iIpvhjq5we1rOJHg%2Bq3bUXWMy5y36o9EJ6V3bilQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
explorandoinvestimentos.com.br
stape.explorandoinvestimentos.com.br
www.facebook.com
www.googletagmanager.com
explorandoinvestimentos.com.br
108.179.192.88
142.250.181.232
157.240.0.6
2600:1901:0:d7b8::
2a00:1450:4001:801::2008
2a03:2880:f177:185:face:b00c:0:25de
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3940242c2ba6ac862b0fc1751a6edc3438528e1c27227e484000777fa7ca84e9
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
6ce7875c819b155e23c71443be6153d3f6dc2d4cbee2168c97eff06b56ddddcc
70b59de5951733f840b05d635003b374b81d81179f3d4d1a26afbdc0e0d85482
7bb69f2363b8d61ca79aa77346468236ea06c62560a5b58bdff97e99c3bd7d65
946f6f79dea4694299202934b9f2d739704050768d5fbcc2d9d94774d33f44aa
968144d570fe9f7f5f0faeeb75a3f6ce056e3e77c31940a06f89c503d4cde0ee
a3645a78aafdde02cff92ff4fb9e6fdc6488264d82ea3d00650e0e2e598a6cab
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c4ee292c9613dbac8a071d062252f0459574d1a1c01f1424fb0ca56ab2eaf2c0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e594d43ef5e6a3b462f2b1d47c0b4fdbc1178df5b7e5046dff5d208262a042c2
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5