homemdomatopremios.com Open in urlscan Pro
172.67.148.227 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://homemdomatopremios.com/
Effective URL:
https://homemdomatopremios.com/
Submission Tags: suspect
Submission: On July 24 via api (July 24th 2024, 2:34:46 pm UTC) from BR — Scanned from US

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 45 HTTP transactions. The main IP is 172.67.148.227, located in United States and belongs to CLOUDFLARENET, US. The main domain is homemdomatopremios.com.
TLS certificate: Issued by WE1 on July 23rd 2024. Valid for: 3 months.

This is the only time homemdomatopremios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	172.67.148.227 172.67.148.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.21.234.234 104.21.234.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.207.95 173.194.207.95	15169 (GOOGLE) (GOOGLE)
3	209.85.232.155 209.85.232.155	15169 (GOOGLE) (GOOGLE)
3	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
1	172.217.197.91 172.217.197.91	15169 (GOOGLE) (GOOGLE)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	142.251.174.155 142.251.174.155	15169 (GOOGLE) (GOOGLE)
2	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	172.217.222.156 172.217.222.156	15169 (GOOGLE) (GOOGLE)
1	172.67.68.222 172.67.68.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	57.144.104.1 57.144.104.1	32934 (FACEBOOK) (FACEBOOK)
1	173.194.204.147 173.194.204.147	15169 (GOOGLE) (GOOGLE)
2	142.251.174.154 142.251.174.154	15169 (GOOGLE) (GOOGLE)
2	173.194.204.132 173.194.204.132	15169 (GOOGLE) (GOOGLE)
1	173.194.204.106 173.194.204.106	15169 (GOOGLE) (GOOGLE)
45	18

14 172.67.148.227 (United States)

ASN13335 (CLOUDFLARENET, US)

homemdomatopremios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.234.234 (None, )

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.207.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.85.232.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.91 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f91.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.222 (United States)

ASN13335 (CLOUDFLARENET, US)

fbapi.rifa.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.144.104.1 (Highlands Ranch, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-den2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.174.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	homemdomatopremios.com homemdomatopremios.com	588 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	215 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	455 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	2 KB
4	rsms.me rsms.me — Cisco Umbrella Rank: 24298	327 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	284 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
1	rifa.digital fbapi.rifa.digital
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 84 Failed
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	855 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	17 KB
45	12

	Domain	Requested by
14	homemdomatopremios.com	homemdomatopremios.com
4	rsms.me	homemdomatopremios.com rsms.me
3	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
3	www.googletagmanager.com	homemdomatopremios.com www.googletagmanager.com
3	pagead2.googlesyndication.com	homemdomatopremios.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	homemdomatopremios.com tpc.googlesyndication.com
2	www.facebook.com	homemdomatopremios.com
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	fbapi.rifa.digital	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.youtube.com	homemdomatopremios.com
1	fonts.googleapis.com	homemdomatopremios.com
1	cdnjs.cloudflare.com	homemdomatopremios.com
45	15

This site contains no links.

Subject Issuer	Validity	Valid
homemdomatopremios.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
rsms.me WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-02` - `2024-07-31`	3 months	crt.sh
rifa.digital WE1	`2024-07-19` - `2024-10-17`	3 months	crt.sh
www.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://homemdomatopremios.com/
Frame ID: A11416409FF506AC2C498020EAC0D397
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DUeCvF7e2_o
Frame ID: 08F35E4D8946F7E6488FED0632642230
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DUeCvF7e2_o
Frame ID: 7B450FB82BC92A60434B321C53CE127D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Frame ID: 4F8AB45075BB0A272B86A3BB3914C5C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721831682&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhomemdomatopremios.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=29_18~32_18~30_19&aiixl=29_5~32_9~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721831681431&bpp=4&bdt=1127&idt=916&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7567428225598&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084868%2C44798934%2C95330279%2C95331832%2C95334524%2C95334829%2C95337026%2C95337869%2C95338249%2C31084185%2C95331953%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3948367824034419&tmod=243882137&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=941
Frame ID: F28698D96B3CE681151907A5D5579C60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8CAF4A2BE0ACF0B76CD58B3EFBEA13C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DF9CCE95AAC5E6115A37F84134AF3D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Termine a configuração do seu dominio | Rifa Digital

Page URL History Show full URLs

http://homemdomatopremios.com/ HTTP 307
https://homemdomatopremios.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

45
Requests

93 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

18
IPs

2
Countries

1511 kB
Transfer

3532 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://homemdomatopremios.com/ HTTP 307
https://homemdomatopremios.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
homemdomatopremios.com/
Redirect Chain

http://homemdomatopremios.com/
https://homemdomatopremios.com/

38 KB
12 KB

498ms
71ms

Document
text/html

172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aecbef12a58a4a22e32569651e1c563a4235bd414bc1a733f3776438bdbae042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a84a1e16d2d0f9c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 14:34:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4K4%2FVEDvh67YFeX0Cg7MurUqhZd5MjRwLOfm2a55TvjFCy1pXiYAOtA5cmUAD8aD6IHoteg8NnbNCwUecvWj7IqXCuCuyRqPfdxLOkdKEJwLYON5WdLddM6Vyq%2BVJ9j%2BlhddsNta5dbo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://homemdomatopremios.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 inter.css
rsms.me/inter/ 7 KB
1 KB 348ms
19ms Stylesheet
text/css 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fastly-request-id: 6e16f390e76bb8f5a277f830af884ef6d27123b8
date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 547
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 712
x-served-by: cache-lga21926-LGA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 3C5E:5429:13E69AF:1AF2215:6601AC04
x-timer: S1711385766.016748,VS0,VE2
etag: W/"6601abff-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4YDQxwdYeazpxoO50dHBnsW%2BDoeZIOuEry2SV21rvfLeVx73krmbdObsvS7Y9VAUChjEE47NRoPwwEgWZEqfkyyMyvcOJxEPsKf3xodPG559LcgBoI9wCm1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a84a1e3ff9742ce-EWR
expires: Tue, 16 Jul 2024 10:48:05 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 345ms
16ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2915666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17188
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-4324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mj6iSq441b0WeNIMJV1H48%2FI4R9vi%2BpYQXrXhOPXQmIoabwTg5saUjzn8xz%2B8%2FAs6voaykHkNSihsbJe1zbshsC1oyucUmm8QJMkEvThrxYI%2BeGCVfTPSwzJLHvSAQn4TjvaAq%2BW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a84a1e3ff187c9a-EWR
expires: Mon, 14 Jul 2025 14:34:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
855 B 412ms
62ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

e6a6df9353807084166ea6718f1d0869b5d5b3b5d862275b087bea6a2774184c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jul 2024 14:34:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
53 KB 724ms
143ms Script
text/javascript 209.85.232.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f155.1e100.net

Software

cafe /

Resource Hash

298e542c68f01e04564e8c3a66a3be85366bfa62b3cb166ca49e5b13c0e100cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53434
x-xss-protection: 0
server: cafe
etag: 7162733239253349598
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 24 Jul 2024 14:34:41 GMT

GET
H2 200 app-C2Rkk2Fc.css
homemdomatopremios.com/build/assets/ 13 KB
2 KB 22ms
18ms Stylesheet
text/css 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/app-C2Rkk2Fc.css

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-3241"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQgJLTVF1kmv2Lh0Cwcc%2F2%2FLcM5Jtax4kV8VGCCPHaS%2BuqvQqBlhpq6VQKVWos%2FjStJPsO15u7Iis7rCeqb9NIIKIwtxomIWzxiBmj9UtjuchgZ8LSVoD0jtFTknREMDxdLn%2FVh7Vtu8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e1fdaa0f9c-EWR

GET
H2 200 app-C6WqxJNU.css
homemdomatopremios.com/build/assets/ 109 KB
17 KB 22ms
18ms Stylesheet
text/css 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/app-C6WqxJNU.css

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e57573d5bb744375fcd74bfbe9beca2a4830909542a9a79edf0762cd24e945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-1b39a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nw5HeBoImXhkRRZ1xBcXOzhmvo61Z63dtEkLK5cXA4QvBpdyA3QMlqiaQUFYNlbPLsWX245NYsgvImHTm2fjfDFNTS7okMnaKRk4KeKu2VAr%2Fl9RVtYbjaHYRG7%2BHaHBJBlUo8wt9Vl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e1fdad0f9c-EWR

GET
H2 200 app-68s7FtWA.js Show response
homemdomatopremios.com/build/assets/ 374 KB
136 KB 22ms
19ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec1eec73c52850d3acf72f41cabfdf7180b8b56ae3095b503ee7b0a7886b9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homemdomatopremios.com/
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-5d6f2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db5BAl5I3xXgKimJecrIHDd%2Bilepppr%2FKQuoW9YagG7KABFfxFNzSVwr0Ne9K9t%2BjtokY8yNblKcdSWz2qVmYMxUCPu2PyUIYjXc7A%2Frtmo%2FrzlSU6pFCX6dPNkW1o8LJZMKFQwjOSOR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e1fdaf0f9c-EWR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 271 KB
94 KB 570ms
35ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e532ee789d45d762ed37bd9b4aee9b6b359ace5a19318c8e2ffee29cbbff17f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95861
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 14:34:41 GMT

GET DUeCvF7e2_o
www.youtube.com/embed/ Frame 08F3 0
0

GET
H2 200 Inter-Bold.woff2
rsms.me/inter/font-files/ 108 KB
109 KB 345ms
24ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Bold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fastly-request-id: c9cc1bca99207ae3eaa06a7206379a720efaed97
date: Wed, 24 Jul 2024 14:34:41 GMT
via: 1.1 varnish
expires: Wed, 24 Jul 2024 07:54:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111040
x-served-by: cache-lga21947-LGA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 8813:9C6A1:59B09E:70ABEF:66A0B12B
x-timer: S1721828118.348784,VS0,VE0
etag: "6601abff-1b1c0"
x-hosts-log-append: pages_hosts_ips:{ [1] = 10.0.1.153,[2] = 10.0.18.188,[3] = 10.0.34.183,}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFWVa3RiuO2naNGxyz%2FLppoId%2FiO%2BG5fusS4bP%2BNWevKdeYCLtMyuoCm55maPcuoxVvgP7BzYoCMOqmJL7LB%2BUhxoLYSSx4UuvK5OElIUt1NoBITUjk3OVbg"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8a84a1e6afe48c12-EWR
x-cache-hits: 12

GET
H2 200 Inter-SemiBold.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 354ms
33ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fastly-request-id: a7ff1af9f106013dff20963bc158a2ef25d2cf32
date: Wed, 24 Jul 2024 14:34:41 GMT
via: 1.1 varnish
x-cache-hits: 22
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 111588
x-served-by: cache-lga21967-LGA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 63B9:16DA:D99C94:10EDB7E:669F7F94
x-timer: S1721828118.344482,VS0,VE1
etag: "6601abff-1b3e4"
x-hosts-log-append: pages_hosts_ips:{ [1] = 10.0.1.153,[2] = 10.0.18.188,[3] = 10.0.34.183,}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zavfahl6MTOH3t77TvImHI2N%2BS8EiDnem9xsmv8dpTb3mu1IqunplJA9zFecRuMeAjObgqKF6DFtuoE4zK9ssM9p%2BAHSUDPZ5PpQ9kgwikU%2BsPcUSfuUKl90"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a84a1e6afe58c12-EWR
expires: Tue, 23 Jul 2024 10:11:56 GMT

GET
H2 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 106 KB
106 KB 345ms
24ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fastly-request-id: e5b164be0a7a932e40f32f5ab3bc935582ecb676
date: Wed, 24 Jul 2024 14:34:41 GMT
via: 1.1 varnish
expires: Tue, 02 Jul 2024 08:38:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 108488
x-served-by: cache-lga21977-LGA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 4D55:3DA1A1:39AA433:441D26A:6683BA30
x-timer: S1721828118.345262,VS0,VE0
etag: "6601abff-1a7c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkCAabuJ1VzcDkHjTsr9mY8gJILBg60HcYWCLgQ0vLTpbgveHRFpXEXK5qsnSdpMmI3cEpjQI1%2FfBH5Oxauy3919bxwCEz9rTyigMHbUsv%2B7K10RXbKVY3Gm"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8a84a1e6afe68c12-EWR
x-cache-hits: 2

GET
H2 200 ConfigDomain-5LOYPpWP.js Show response
homemdomatopremios.com/build/assets/ 3 KB
2 KB 58ms
55ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/ConfigDomain-5LOYPpWP.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a207db1bb10d8cb63bc087116e78013ade00461936323fbe9132b1c32ba6a2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-aa3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8LrvlBll1NiZzoOAvJPtCxsWTTzWSzhxLwVGogp8psOjcTrT0VKTHwi8F2OltSPtzmNDOdDPc605w67BjmuKmPmWkXWNy59tGoZU6vFoZK6SQIql6LYnf%2FSdQVQtaFahvXvIUPv2Slx"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e508b60f9c-EWR

GET
H2 200 _plugin-vue_export-helper-DlAUqK2U.js Show response
homemdomatopremios.com/build/assets/ 91 B
378 B 23ms
20ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/_plugin-vue_export-helper-DlAUqK2U.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3562
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-5b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wZ0RB8n58T0fI%2FigEno2w30ACR23gwl3Tkwl%2FmYKq6TZ7mo%2Ftza2Gv4Cimc8B7aewc%2FVOvPA8mJh9kK%2F6R6PX12Z24eRjBT7A4LNzb5VwPTtMipdFYZE9M8nxkXL1mfalb0RWBbI9oH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8a84a1e508b90f9c-EWR

GET
H2 200 disclosure-BIMWMfnu.js Show response
homemdomatopremios.com/build/assets/ 3 KB
2 KB 58ms
56ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/disclosure-BIMWMfnu.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d4834cc40f28ac4aef5b0af3cc627e41a5ce17d06ec6d38e73fbb926a07c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-dbe"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzSoCP0JEAVpgyX4f%2B2ayu37uB8WZhkT%2F1HtUgb7MTz%2FF3BhnVZesgT8hfzTKFgnnUGFQ7d%2B54NWjEbSQsZqP3CdvJu291QU8%2FYVtGHVP1vIuqm7OYaYTdi4EIk6BFtqKbKov9R7c8qm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e508ba0f9c-EWR

GET
H2 200 keyboard-MzZTiKmX.js Show response
homemdomatopremios.com/build/assets/ 4 KB
2 KB 25ms
23ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/keyboard-MzZTiKmX.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a82457ac6fd3f5b9dfdf544b96e96eeeba88c1d71d3b167e969f806cde421a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3562
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-e54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGj%2BLE2xkL6FNW%2FYbR%2B6lKCHNa1fc2jXf%2B7bFoVrPaT7vqxRfrjjDOKZO8ZdtgzlvUDquXN5VNDVwGl7EDmgGi4tPRVaPSMnEidV4%2FtsL9qvqXePD0lDFCBH8ZgMpwGhXsoO3LhUcFES"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e518bd0f9c-EWR

GET
H2 200 use-resolve-button-type-Bd2_1c5W.js Show response
homemdomatopremios.com/build/assets/ 455 B
596 B 25ms
24ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/use-resolve-button-type-Bd2_1c5W.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad454f4cb6ff0dce1ad02660f85d8323d5d9663460441924da3c67accd016442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3562
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-1c7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znOKSe0V6gn6yRRRgWpFM5qXuaAiRFhFMc%2FJfqUOhlxbQQEIXc3CttSFvbX7jnd828x3HA67FvNOgBIybX%2BV%2BjNxOr2glOANwC%2Fz6GmG3ETyMp1wfUtSbuEjv5VE71UQAkLH09yhR5fP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e518be0f9c-EWR

GET
H2 200 WhatsappFloat-DF1pnl2M.js Show response
homemdomatopremios.com/build/assets/ 1 KB
934 B 60ms
59ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/WhatsappFloat-DF1pnl2M.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47782f6d742445b12fe6522de2325369f5e045f2c4aed5fefb59ff22bf9e8644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-408"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfYp3JyQARGPwOWnsB0mL7sB04a4OX4C2dv%2Fi5fQkdugq5sLGCVL%2BPh0KCv4po4Z%2B8kd1eJlBeYoU0dacrMlyebUrp2g9G%2FaFfEZwusyZoxmUuhhx2bVZRHKjeUoaAFAzF9U7WoGPSWb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e518c00f9c-EWR

GET
H2 200 WhatsappIcon-CKah8bbq.js Show response
homemdomatopremios.com/build/assets/ 1 KB
1 KB 60ms
59ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/WhatsappIcon-CKah8bbq.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6eb02b88846f05401e2e7632b9106f9f90aaccc2e2c223dd9fae6cd70d727a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-5ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOm6ln59LtMl9pJ9lEN%2F9jnYFbO0gUCRzRiETiSoEM7N93GcAMhlaXgUPM3qjp%2B56bRbVd2HpFriAgSOJRziC7Be5XPz8AIKFZzeSwwv9BbPhw%2Fw7S1cr8Tw1ppeA7mxgb71bf%2F24GR7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e518c30f9c-EWR

GET
H2 200 Modal-Di7llZCI.js Show response
homemdomatopremios.com/build/assets/ 675 B
798 B 22ms
21ms Script
application/javascript 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/build/assets/Modal-Di7llZCI.js

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46be4edaf684a58f0b606dc3d28355cd9b98eda368450eb8ac26427bbe09d8b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://homemdomatopremios.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3562
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Jul 2024 00:57:55 GMT
server: cloudflare
etag: W/"66a05193-2a3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPvZK2hNLQpuDmmYjqDDXX%2FgQHEpIZvb57RP%2BVs%2Bwedc6b9L5f4VX%2FdKv8wSdmOhaxmQP2cFvXKBYEvAWa%2FrPWWg0Dsz%2BeONxntF%2BinF%2FYNQpwm55rdflRDwrVy3cUj5dIda1ThHjGwX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a84a1e518c40f9c-EWR

GET
H2 200 DUeCvF7e2_o
www.youtube.com/embed/ Frame 7B45 0
0 313ms
77ms Document
text/html 172.217.197.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DUeCvF7e2_o

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/build/assets/app-68s7FtWA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f91.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 14:34:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
104 KB 47ms
46ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

13174418812caba498cb70c4c624323bd6842d350a56cbd56eaf6bdd42bb552c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 14:34:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 348ms
16ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jul 2024 14:34:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=12, mss=1348, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Blslb6O1JvJ/ZmmVX6p7rWyKm/dhRab1mzNTdWBSnGdq3qmUtlcEpaXbG0kUkASzRUZxo1rymja20BZPsQib2g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 243 KB
86 KB 37ms
36ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

aa6c7fc32ddda5c6c5fc89e0c52fe07e7007de4381043602cba668f381e9a22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88098
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 14:34:41 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 423 KB
143 KB 763ms
419ms Script
text/javascript 209.85.232.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f155.1e100.net

Software

cafe /

Resource Hash

fe2d552f5b5f5d466d6a729cc466fc8960adf03addda7a8de60b7de2ba95d7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146095
x-xss-protection: 0
server: cafe
etag: 8998190916158754913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jul 2024 14:34:42 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10846468162/ 2 KB
2 KB 634ms
39ms Script
text/javascript 142.251.174.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10846468162/?random=1721831681476&cv=11&fst=1721831681476&bg=ffffff&guid=ON&async=1&gtm=45be47h0v869150249z8857888618za201zb857888618&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhomemdomatopremios.com%2F&hn=www.googleadservices.com&frm=0&tiba=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&npa=0&pscdl=noapi&auid=404157368.1721831681&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f155.1e100.net

Software

cafe /

Resource Hash

35470112dd48b1d3a4b5038a158af8fc9f29f6ef75a4a213eb6e5c9e1a7d005a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 14:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 379ms
27ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je47h0v875720306z8857888618za200zb857888618&_p=1721831680722&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1889471254.1721831682&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721831681&sct=1&seg=0&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1747&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 14:34:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://homemdomatopremios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 385ms
22ms Ping
text/plain 172.217.222.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHYBPRP9RF&cid=1889471254.1721831682&gtm=45je47h0v875720306z8857888618za200zb857888618&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.222.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 14:34:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://homemdomatopremios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 366ms
25ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je47h0v875720306z8857888618za200zb857888618&_p=1721831680722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1889471254.1721831682&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1721831681&sct=1&seg=1&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=page_view&_et=4&tfd=1758&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 14:34:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://homemdomatopremios.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 404 collect
fbapi.rifa.digital/g/ 0
0 651ms
135ms Fetch
text/html 172.67.68.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je47h0v875720306z8857888618za200zb857888618&_p=1721831680722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1889471254.1721831682&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1721831681&sct=1&seg=1&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1721831681356.685662.1&_et=1&tfd=1772&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

GET
H2 200 619464952447923 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 68ms
67ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619464952447923?v=2.9.162&r=stable&domain=homemdomatopremios.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

a88bf9bd4ea51b2b2fcdf2b3ab990e0f13aea182c2b6e75aaf0b4b6a4386ddea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jul 2024 14:34:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=62, mss=1348, tbw=64190, tp=-1, tpl=-1, uplat=52, ullat=0
pragma: public
x-fb-debug: vpBPqODapbzPXFd2DoHNQBpcTWMGnQdaLBACjHxZkI321EiQnEuGtjXousll4jjEPSXU+hvP6Eo5sgZin+imfA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 577ms
50ms Image
text/plain 57.144.104.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&rl=&if=false&ts=1721831681851&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1721831681847.364631410909543561&ler=empty&cdl=API_unavailable&it=1721831681751&coo=false&eid=1721831681356.685662.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=GET

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.144.104.1 Highlands Ranch, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-den2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=10, mss=1348, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 Jul 2024 14:34:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 628ms
102ms Image
image/png 57.144.104.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&rl=&if=false&ts=1721831681851&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1721831681847.364631410909543561&ler=empty&cdl=API_unavailable&it=1721831681751&coo=false&eid=1721831681356.685662.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.144.104.1 Highlands Ranch, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-den2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 24 Jul 2024 14:34:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=12, mss=1348, tbw=3127, tp=-1, tpl=-1, uplat=49, ullat=0
pragma: no-cache
x-fb-debug: MLF7YK7jpMTSfdU+uQNToFUaUNnsL1y01bhHdi/yJ6urb6SRlBbMYuIWjK7w1yoqpV0b8PAEPt0dONdA489pdA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10846468162/ 42 B
455 B 373ms
29ms Image
image/gif 173.194.204.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10846468162/?random=1721831681476&cv=11&fst=1721829600000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v869150249z8857888618za201zb857888618&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhomemdomatopremios.com%2F&hn=www.googleadservices.com&frm=0&tiba=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&npa=0&pscdl=noapi&auid=404157368.1721831681&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLs_G5qZL9x4rfTVFUWfVgDVWlox0dHA&random=458205009&rmt_tld=0&ipr=y

Requested by

Host: homemdomatopremios.com
URL: https://homemdomatopremios.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 14:34:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/ Frame 4F8A 0
0 21ms
21ms Document
text/html 142.251.174.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

age: 76743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jul 2024 17:15:39 GMT
etag: 2738592464165616
expires: Tue, 06 Aug 2024 17:15:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F286 0
0 58ms
56ms Document
text/html 142.251.174.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721831682&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhomemdomatopremios.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=29_18~32_18~30_19&aiixl=29_5~32_9~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721831681431&bpp=4&bdt=1127&idt=916&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7567428225598&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084868%2C44798934%2C95330279%2C95331832%2C95334524%2C95334829%2C95337026%2C95337869%2C95338249%2C31084185%2C95331953%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3948367824034419&tmod=243882137&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=941

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 14:34:42 GMT
expires: Wed, 24 Jul 2024 14:34:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 398ms
396ms XHR
application/json 209.85.232.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240722&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f155.1e100.net

Software

cafe /

Resource Hash

502aec374c82c1b51b5aac32da9f45cf733698e8715de613d69b464c8527b7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12933
x-xss-protection: 0

GET
H2 200 favicon2.png
homemdomatopremios.com/images/ 412 KB
413 KB 55ms
54ms Other
image/png 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/images/favicon2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e63Kon0dEJWaJO1IK9bSuAFrwnE8QwVY63BMRvXFDXCZUD99lh3PLJBpi90Z0KAwUIYXbnbUSnDZ1p0lcB0iFZVggtGJHfnxuOz3KJlOQZAGHkFU9IZj5jiIdKIT8rDzYEcOUNkURBGI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a84a1efaaab0f9c-EWR

GET
H2 200 favicon2.png
homemdomatopremios.com/images/ 412 KB
0 0ms
0ms Other
image/png 172.67.148.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://homemdomatopremios.com/images/favicon2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.148.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e63Kon0dEJWaJO1IK9bSuAFrwnE8QwVY63BMRvXFDXCZUD99lh3PLJBpi90Z0KAwUIYXbnbUSnDZ1p0lcB0iFZVggtGJHfnxuOz3KJlOQZAGHkFU9IZj5jiIdKIT8rDzYEcOUNkURBGI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a84a1efaaab0f9c-EWR

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 374ms
23ms Script
text/javascript 173.194.204.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Wed, 24 Jul 2024 14:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 14:34:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E8CA 0
0 363ms
22ms Document
text/html 173.194.204.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homemdomatopremios.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: bytes
age: 589112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jul 2024 18:56:11 GMT
expires: Thu, 17 Jul 2025 18:56:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 5DF9 0
0 29ms
28ms Document
text/html 173.194.204.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-Tj5JGC7N0xWKnbYNwWFtBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homemdomatopremios.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-Tj5JGC7N0xWKnbYNwWFtBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 14:34:43 GMT
expires: Wed, 24 Jul 2024 14:34:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST collect
analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/DUeCvF7e2_o

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240722&jk=3948367824034419&bg=!YWKlYi3NAAYaZPuaOmQ7ADQBe5WfOLTc_iex1jtD7eUD2Ce9oWKRZMpGLUZtR2ztwZ_R7Kf5fylbCUe7Fw8NdB0oIbwzAgAAAEhSAAAAA2gBB34ANYKWhafKIqxNnkrkFHyb8ZWxLA42ulw94RKM23W87rEK_NaAWw2h1fWJXgiFCCQJtrRfPj5NCgAv67RfC8O_5Rdd9KYn47BWJyAmjGTGqbUe-B5Gj8WD-7uzfi-hNJAkKbQETON2u26ZArolsfXx7K_jnLjfVIkra5x8GUnu63K6aYVIUtKvSMUDIsI5t_YfMpfxYLa2uhjNma5-d_jNoJqJXnFToWicqyU_GNkz7fL9LoC4WthTRl8XOW6cYHh_V3L3XGBo62L-nmQsBbQkDmFm4qiumUai_x1ec5QLEiG9c9hcTklZL-BguVwUEJq_1FAiSmQiCaGqsDJIrxfbq4PVu06PobOXoDWu-4a3jR-P78JkrojmeGdBDMh7p8dacvfZZc6NAU97lnTfn5Zy0zDeMLRwSRNlzuIxNZz_XkvmZxidohf7WfrIFZi0vm4-PL24C14ukQYWXGUo7yEcNhU-2HNIiv3P8O1IJTjGKNg_P4VwOwF6s1dQHzfT_58IwkJfVKhgFJbjqemEsK34NOcuB8LBD5sOZzWlgX_ayq3U86Xhu8IcJ1N9j-Ap7rFSCc_xj3qUdr1P0LXbqjuoEzpn1oZgJOf7x_naWYvwdrZ5Biu2BesHwotfz7OXjUfPo35FVqrnOXuVzJbsOkvRCkeUhYCf_nksSTHRGr3-NEXJp2gZ4_sQa7Sxr7iX32nZm_cP_5oWvHb_RjK7OmykdRmyFZQJKLW-DlZcrqz0hCx1zyoMK9qlHvG8EtTLo-4XyfJ8m3AQ5X22ohedONYZqRmAuYhvMfbF-bIQY4OFGxJOY3aobcJh18wniPNu13s1ZRzZDPFRxfGifduzvdv1CmHaJ7yerWIPi6m2C-cdmULuICJKu8TGKQgIr771_3QydiXWRshCVL6RPSTMEM9z0z8DxCydpNomyefzulde2B9y94Uw9xnbNV8okWc44cXoV-7mVAYL-GiN4LS0BBkzwGoACZDmPl-rR4dprtsuKQvhe759-l8YEtb_jwiXP2Ivv2AQ_zEZWlTke0nj7vnDU6K3E8gfkBz7VrlZ1Xp_76VSMGRRew

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je47h0v875720306za200zb857888618&_p=1721831680722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1889471254.1721831682&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=4&sid=1721831681&sct=1&seg=1&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=scroll&epn.percent_scrolled=90&_et=11&tfd=6773&_z=fetch

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
homemdomatopremios.com/	1970-01-20 22:17:40	Name: XSRF-TOKEN Value: eyJpdiI6InpDRHFmamV2MG1wdlJXUWEwcjBjZmc9PSIsInZhbHVlIjoiU0xGaWFUV1QzZjM2V1ZPVW9ZUW9od2orQUc4Y3daMVMwakJNZU1jcW5IQ28renNDZm1zTzhZbnROdnZxYWlzZzFsY0RGOUhINEZYUkxGcThEMndJTmFlekVCc3REay96Zkd3bWJtME16bUM2YWlabGhLZVV0dTlqcG9Ob2hBVXkiLCJtYWMiOiJjZjk1N2MzNmZjNjJiNTAwYjg4MDQxZDJiZThjYTA1MWU5NTliMjQ1OGY4Mjk3M2Q1MTA0YjcxYjliMjFlZWNkIiwidGFnIjoiIn0%3D
homemdomatopremios.com/	1970-01-20 22:17:40	Name: rifadigital_session Value: eyJpdiI6IjRVQ1hUU1FObTU2dmNhZUErMVlPWFE9PSIsInZhbHVlIjoiRUhiN0RBSVdsNlp5K3NVa3cwYkViZmo4dFFHcVNWVjRwVTR6d3RlVGNaOTJQVTFoSlFOWTNNd0xjSWczVFJjZDZtMHZCSUI3VDdOWmFvYWcxOWJCUVltamxwL0VTUDloQ1JwQkJQOGxBbys5MzhGUEFZZnVnNXdpQWZtNnFCek8iLCJtYWMiOiI0NjkwYWQ3MjkyYmVhMmZhMGI4OWY4NDlhODY4M2QzNzc3NGFjNzMxMmUxYzEzZDRkMWRjZmU2OGU4NTlkNWYxIiwidGFnIjoiIn0%3D
.homemdomatopremios.com/	1970-01-21 00:26:47	Name: _gcl_au Value: 1.1.404157368.1721831681
.homemdomatopremios.com/	1970-01-21 07:53:11	Name: _ga Value: GA1.1.1889471254.1721831682
.homemdomatopremios.com/	1970-01-21 07:53:11	Name: _ga_KHYBPRP9RF Value: GS1.1.1721831681.1.1.1721831681.60.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kxBIrUrR0MM
.youtube.com/	1970-01-21 02:36:23	Name: VISITOR_INFO1_LIVE Value: rSSgzEpQIsQ
.youtube.com/	1970-01-21 02:36:23	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgHg%3D%3D
.homemdomatopremios.com/	1970-01-21 00:26:47	Name: _fbp Value: fb.1.1721831681847.364631410909543561
.doubleclick.net/	1970-01-21 07:53:11	Name: IDE Value: AHWqTUl_2nv0pwvaeFcF2upR1W6oNJ4oSbys5H0XyzOGWzfqz-HmRCWGo5dxeBZYHo8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je47h0v875720306z8857888618za200zb857888618&_p=1721831680722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1889471254.1721831682&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1721831681&sct=1&seg=1&dl=https%3A%2F%2Fhomemdomatopremios.com%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1721831681356.685662.1&_et=1&tfd=1772&_z=fetch Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdnjs.cloudflare.com
connect.facebook.net
fbapi.rifa.digital
fonts.googleapis.com
googleads.g.doubleclick.net
homemdomatopremios.com
pagead2.googlesyndication.com
rsms.me
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.youtube.com
analytics.google.com
pagead2.googlesyndication.com
www.youtube.com
104.17.25.14
104.21.234.234
142.251.174.154
142.251.174.155
172.217.197.91
172.217.222.156
172.253.63.97
172.67.148.227
172.67.68.222
173.194.204.106
173.194.204.132
173.194.204.147
173.194.207.95
209.85.232.155
216.239.34.181
31.13.66.19
57.144.104.1
0a82457ac6fd3f5b9dfdf544b96e96eeeba88c1d71d3b167e969f806cde421a5
13174418812caba498cb70c4c624323bd6842d350a56cbd56eaf6bdd42bb552c
220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b
298e542c68f01e04564e8c3a66a3be85366bfa62b3cb166ca49e5b13c0e100cd
2ec1eec73c52850d3acf72f41cabfdf7180b8b56ae3095b503ee7b0a7886b9e2
35470112dd48b1d3a4b5038a158af8fc9f29f6ef75a4a213eb6e5c9e1a7d005a
4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405
46be4edaf684a58f0b606dc3d28355cd9b98eda368450eb8ac26427bbe09d8b1
46e57573d5bb744375fcd74bfbe9beca2a4830909542a9a79edf0762cd24e945
47782f6d742445b12fe6522de2325369f5e045f2c4aed5fefb59ff22bf9e8644
502aec374c82c1b51b5aac32da9f45cf733698e8715de613d69b464c8527b7e3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
71d4834cc40f28ac4aef5b0af3cc627e41a5ce17d06ec6d38e73fbb926a07c05
8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
a207db1bb10d8cb63bc087116e78013ade00461936323fbe9132b1c32ba6a2cf
a88bf9bd4ea51b2b2fcdf2b3ab990e0f13aea182c2b6e75aaf0b4b6a4386ddea
aa6c7fc32ddda5c6c5fc89e0c52fe07e7007de4381043602cba668f381e9a22d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad454f4cb6ff0dce1ad02660f85d8323d5d9663460441924da3c67accd016442
ad6eb02b88846f05401e2e7632b9106f9f90aaccc2e2c223dd9fae6cd70d727a
aecbef12a58a4a22e32569651e1c563a4235bd414bc1a733f3776438bdbae042
b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e532ee789d45d762ed37bd9b4aee9b6b359ace5a19318c8e2ffee29cbbff17f0
e6a6df9353807084166ea6718f1d0869b5d5b3b5d862275b087bea6a2774184c
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe2d552f5b5f5d466d6a729cc466fc8960adf03addda7a8de60b7de2ba95d7f2

homemdomatopremios.com Open in urlscan Pro 172.67.148.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

18 IPs

2 Countries

1511 kBTransfer

3532 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

homemdomatopremios.com Open in urlscan Pro
172.67.148.227 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

18
IPs

2
Countries

1511 kB
Transfer

3532 kB
Size

10
Cookies

45 HTTP transactions
0 data transactions