pretaopremios.online Open in urlscan Pro
172.67.188.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pretaopremios.online/
Effective URL:
https://pretaopremios.online/
Submission: On December 16 via api (December 16th 2023, 11:29:29 pm UTC) from US — Scanned from US

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 46 HTTP transactions. The main IP is 172.67.188.47, located in United States and belongs to CLOUDFLARENET, US. The main domain is pretaopremios.online.
TLS certificate: Issued by E1 on November 2nd 2023. Valid for: 3 months.

This is the only time pretaopremios.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.56.239 104.21.56.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.188.47 172.67.188.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
3	104.21.234.234 104.21.234.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
3	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2	142.251.40.168 142.251.40.168	15169 (GOOGLE) (GOOGLE)
2	172.67.70.147 172.67.70.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.67.214.18 172.67.214.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
2	13.107.213.40 13.107.213.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.65.228 142.250.65.228	15169 (GOOGLE) (GOOGLE)
3	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	104.26.1.203 104.26.1.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
46	20

1 104.21.56.239 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pretaopremios.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.188.47 (United States)

ASN13335 (CLOUDFLARENET, US)

pretaopremios.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.234.234 (None, )

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.168 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.70.147 (United States)

ASN13335 (CLOUDFLARENET, US)

static.userguiding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.214.18 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.everlionllc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.1.203 (None, )

ASN13335 (CLOUDFLARENET, US)

fbapi.rifa.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	224 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 w.clarity.ms — Cisco Umbrella Rank: 7494 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 152	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	16 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	7 KB
4	pretaopremios.online 1 redirects pretaopremios.online	653 KB
3	rsms.me rsms.me — Cisco Umbrella Rank: 10039	221 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	everlionllc.com cdn.everlionllc.com	18 KB
2	userguiding.com static.userguiding.com — Cisco Umbrella Rank: 44555	504 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	174 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	rifa.digital fbapi.rifa.digital
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	895 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	17 KB
46	15

	Domain	Requested by
7	pagead2.googlesyndication.com	pretaopremios.online pagead2.googlesyndication.com tpc.googlesyndication.com
4	pretaopremios.online	1 redirects pretaopremios.online
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	w.clarity.ms	www.clarity.ms
3	analytics.google.com	www.googletagmanager.com
3	bat.bing.com	pretaopremios.online bat.bing.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com
3	rsms.me	pretaopremios.online rsms.me
2	c.clarity.ms	1 redirects
2	www.google.com	pretaopremios.online tpc.googlesyndication.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	cdn.everlionllc.com	pretaopremios.online
2	static.userguiding.com	pretaopremios.online static.userguiding.com
2	www.googletagmanager.com	pretaopremios.online www.googletagmanager.com
1	c.bing.com	1 redirects
1	www.facebook.com	pretaopremios.online
1	fbapi.rifa.digital	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	pretaopremios.online
1	cdnjs.cloudflare.com	pretaopremios.online
46	21

This site contains no links.

Subject Issuer	Validity	Valid
pretaopremios.online E1	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
rsms.me E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
cdn.everlionllc.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-12-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://pretaopremios.online/
Frame ID: 9262DDD0BA1699AAA358C6DAB684A7E1
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 950E3B6C070FC6113A01E0C5C0C4A5C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&lmt=1702769362&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpretaopremios.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702769362365&bpp=196&bdt=260&idt=539&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4375247805408&frm=20&pv=2&ga_vid=1414585269.1702769363&ga_sid=1702769363&ga_hid=1014634940&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320884&oid=2&pvsid=2187452357457730&tmod=498734193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=614
Frame ID: DBC9F7A42D23C28032003B5B63D9645B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4BBA63EB12123ECD71D486429A226E4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9307C6CC67152539E4F25FFAD8F7E68D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pretão Prêmios | Rifa Digital

Page URL History Show full URLs

http://pretaopremios.online/ HTTP 301
https://pretaopremios.online/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

46
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

2
Countries

1952 kB
Transfer

6501 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pretaopremios.online/ HTTP 301
https://pretaopremios.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A2F6A6BB425347A9A8304F8F46C00377&RedC=c.clarity.ms&MXFR=38DD5486DE7D60A8072F476FDA7D6E39 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A2F6A6BB425347A9A8304F8F46C00377&MUID=3ADEE8FDEF7666881A50FB14EEA26758

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pretaopremios.online/
Redirect Chain

http://pretaopremios.online/
https://pretaopremios.online/

40 KB
12 KB

150ms
98ms

Document
text/html

172.67.188.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.188.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2417f716d9986f0b86c1e5485674a85d2bcad3c38e589862b515145c228e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 836ab5409cba4bc1-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Dec 2023 23:29:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDd0BMkdzUQ2TUxwW8okJv3M95TECeCuMZDO3vFd8y9EKO1Vxn8%2BqzJW%2FjuFZBfFQ21VV9DfwYNj19ms4tggJ%2Fvs9VJZuMaWeVHv58NAovsGV0zloZSEAoTlIPTKnT0Arps8yZTJAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 836ab53f2a8636a6-YYZ
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 16 Dec 2023 23:29:21 GMT
Expires: Sun, 17 Dec 2023 00:29:21 GMT
Location: https://pretaopremios.online/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6zXGVs8HdMULyIQkJup9yfYw9vmVwHTXFeN5Sck3jRC%2FHL5s4e8yIVMDHRNxgSIXShbRxZNJMWOr1zD%2Bn%2FOksg7OJ5be1XvwB7TDuvO5W9Py02zuGNwFwNLlP%2FDN%2FcEfYoXkpPPRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.css
pretaopremios.online/css/ 121 KB
19 KB 52ms
51ms Stylesheet
text/css 172.67.188.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pretaopremios.online/css/app.css?id=19ad589ca6b414928a518104c3d0d000

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.188.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bcbec5351bf56ecef1f3f9b4b9bac370b2bd008f11f3f181259bafc6d283139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Dec 2023 20:58:21 GMT
server: cloudflare
etag: W/"656e3d6d-1e2be"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa589DbtW3kw%2FeU%2FmMua1aeA9J6v%2Flkyby70ACIushpXmQEDzKMtZDdIhA8oTcg6Vy1C4CZOTvuIrZNM9Tu%2FsPX4C8dRCpNvWlsR%2FsaP7yuMlZFhaHXXtTWYkWuEhKgjOtigXcKemg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 836ab5413cfd4bc1-BUF

GET
H2 200 app.js Show response
pretaopremios.online/js/ 2 MB
622 KB 177ms
176ms Script
application/javascript 172.67.188.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pretaopremios.online/js/app.js?id=95507eda5adf2edb064de6d29b230a8a

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.188.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3217a3a9068d2ab79b3d1796fef60013820d6a71ebe6f38fd8372f07e1a27b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Dec 2023 14:17:35 GMT
server: cloudflare
etag: W/"6573257f-26dc81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWZzvavv7wuIpSAVTAPg1YfqlzULrrhAS9529vCRdo3mTd9Ev0BF0xlbC5%2FFpAyGfKZFrt%2FrrP70QoTaLR8pibJZxPCYSRoqTaiB1Fv5UXWEAC1R6aq74FYffjNtWgckUssy5MfF8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 836ab5413cfe4bc1-BUF

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 125ms
55ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

caae5aa1610a81be2cd82e5c7d65dc96c1535e5fef2afce626f91dcfebc4ad01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pretaopremios.online/
Origin: https://pretaopremios.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51286
x-xss-protection: 0
server: cafe
etag: 17886040857540134863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 23:29:22 GMT

GET
H2 200 inter.css
rsms.me/inter/ 7 KB
1 KB 379ms
40ms Stylesheet
text/css 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: pretaopremios.online
URL: https://pretaopremios.online/css/app.css?id=19ad589ca6b414928a518104c3d0d000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: c3a93a58b5af9bbb7e049eb6b6870e9a3e4e031c
date: Sat, 16 Dec 2023 23:29:22 GMT
via: 1.1 varnish
content-encoding: br
expires: Thu, 14 Dec 2023 09:53:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4546-YYZ
last-modified: Mon, 20 Nov 2023 16:23:05 GMT
server: cloudflare
x-github-request-id: FA92:5611:1A72EFA:22CBCAD:655B88B2
x-timer: S1701414284.882083,VS0,VE1
etag: W/"655b87e9-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvS%2Bta9WrSU3l9H3bHspTYPutvHRkBKavQv4GMNiRfYwAk8eStPXeJQxtXQUsz7UJrkIffbfUHlGcbLj232SkfKTfvGfb5gIgH57X4snI4D1CVlNJI%2BccWb8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 836ab543ce6636bd-YYZ
x-cache-hits: 1

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 106ms
37ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/css/app.css?id=19ad589ca6b414928a518104c3d0d000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1346044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17188
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-4324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H4r%2BqHbAnFtlYLHdOOQxlDZmkhXPINwI31%2FoqAERzcDfaNTDtPRAoaeEbTggtd%2FS82NRxxnbipDgTP9ccSvt6MJgln5ud8uNs5AoRxDYT0LNjNBMpnXEKQmgYdrvSsfRvyPpITy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836ab5420eec3700-YYZ
expires: Thu, 05 Dec 2024 23:29:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
895 B 107ms
38ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/css/app.css?id=19ad589ca6b414928a518104c3d0d000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

c964033868df1d79bb0546aa59e93e8ba938a9425f045e8e7f0477cac9da36f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 23:29:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Dec 2023 23:29:22 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 160ms
108ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 5399571436788735572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 23:29:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 950E 9 KB
4 KB 88ms
24ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pretaopremios.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 12032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 20:08:50 GMT
etag: 5585625838579639069
expires: Sat, 30 Dec 2023 20:08:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
83 KB 110ms
47ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

606dac08d6818415e4827885b7cf99ef9c002161e23bee1282a4e57a194f496e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84311
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Dec 2023 23:29:22 GMT

GET
H2 200 user-guiding-BQH70437VSRID-embedded.js Show response
static.userguiding.com/media/ 2 MB
502 KB 480ms
157ms Script
application/javascript 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.userguiding.com/media/user-guiding-BQH70437VSRID-embedded.js

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

32f5b132c8231d24e41ab0c518c03db2378606ba4283cedb252631f6e2531c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:23 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
last-modified: Fri, 15 Dec 2023 13:01:16 GMT
server: cloudflare
etag: W/"1dd0b2-18c6d911f95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl57g79c%2FvuIfAGnqJafhtaohpzZsEzUg7RGcK2DXQpROWZT%2Bhg0XolBUnz%2BSHwlJ9Xh6IqJKNpN4tstYvsTqw0hVoXrT05aU5DkslcjFVv5xOEBntbDvQRsom8iiy213Xa%2FV8abkZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-sent: true
x-timestamp: 1702769362922
cache-control: public, max-age=1800
x-robots-tag: noindex,nofollow
cf-ray: 836ab54608024bc3-BUF

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 101ms
38ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 16 Dec 2023 23:29:22 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CADB130A21344743B56666D4C901A2E4 Ref B: NYCEDGE1621 Ref C: 2023-12-16T23:29:22Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H/1.1 200
OK 69717316986726423421.png
cdn.everlionllc.com/logos/ 10 KB
11 KB 301ms
208ms Image
image/png 172.67.214.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.everlionllc.com/logos/69717316986726423421.png
Requested by: Host: pretaopremios.online
URL: https://pretaopremios.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845ab042b2f85c538238613f372866f50d511e7e064844b352eef38c3acf7237

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 16 Dec 2023 23:29:22 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 30 Oct 2023 13:30:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "7388702b94765e8994c3cf58d846eeea"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6bfLRrrDBh%2FjT6vStbH3A8VlsSARNw1Pdg8X%2BasG%2BqQdwdXOS72KgYz9hJwNskOV0xi8bXlNZJv%2FVdp6PnrqnjAoNnpFYJiMRijOrtht7MxY0GckHzwrJgajWW%2FBECUkanU3AwP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 836ab5458e3d39cc-YYZ
alt-svc: h3=":443"; ma=86400
Content-Length: 10588

GET
H/1.1 200
OK 2-milzao-na-mao-17019892594197.jpg
cdn.everlionllc.com/raffles/ 6 KB
7 KB 244ms
171ms Image
image/jpeg 172.67.214.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.everlionllc.com/raffles/2-milzao-na-mao-17019892594197.jpg
Requested by: Host: pretaopremios.online
URL: https://pretaopremios.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f677f648c121c678302673699a3141bb320ba3a1b5ceef0c6e84a2ef922045

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 16 Dec 2023 23:29:22 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 07 Dec 2023 22:47:39 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "3922f30ba006876a2bbb6285b116c8c1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9dCzBZBQWN8ieeVb1l2vc8sq9%2BP14UJyApVmYDqnOBbJDNVTAhFQze8%2BFVB3iV3EJXJbRTYiMbY9SUxvWZJnWXpcGMbybYUUzfE%2BvePEByNDU%2B2xcJkUYYATimw3sv8TwN55Y%2B3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 836ab5456aef4bd2-BUF
alt-svc: h3=":443"; ma=86400
Content-Length: 6255

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 109 KB
109 KB 156ms
88ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://pretaopremios.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: b65c34a50984a8fb63c5495ec08442200ec6e408
date: Sat, 16 Dec 2023 23:29:22 GMT
via: 1.1 varnish
expires: Mon, 20 Nov 2023 16:36:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111380
x-served-by: cache-yyz4540-YYZ
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: E6FE:7B0F:1BAAF94:240F7C9:655B88B9
x-timer: S1702769363.804339,VS0,VE2
etag: "655b87e7-1b314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZrgRhyv%2BLatOE%2BbK8xFGudFU0HKnxjHUrKUiNTuMqZXZP0N0XMCggMTICLvJgkcALD8FYxegMNrbeWFsAJBZJNaOA5Xkrkn138qKxIwdLhKBSFALXJn8oyt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 836ab5457a0139ef-YYZ
x-cache-hits: 1

GET
H3 200 Inter-SemiBold.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 124ms
56ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://pretaopremios.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 70b707aa13a89980cf9ad213b36f76dacc97adb7
date: Sat, 16 Dec 2023 23:29:22 GMT
via: 1.1 varnish
expires: Mon, 20 Nov 2023 16:36:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111588
x-served-by: cache-yyz4543-YYZ
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: 71CE:6C8B:1B48B1E:23A727F:655B88B3
x-timer: S1702769363.803867,VS0,VE3
etag: "655b87e7-1b3e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hT6FBUlcWr1vfk4S3teYmZQ8md%2F2lHHK%2FHG697ckAvsa3oESHWtzG9SSszG52gS629LwzXsy%2FUfJbWkKFulmbWgJx0chFZLSISmaG3oagi0HmqRPdkjDmxyP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 836ab5457a0439ef-YYZ
x-cache-hits: 1

GET
H2 200 343034858.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 39ms
37ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343034858.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

cb38ffe0bf7323c1814575cac3492f267a7c1c4f21448623c7fce619be74f2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 16 Dec 2023 23:29:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DE1B8673BEC41C3B562B2C79407EB48 Ref B: NYCEDGE1621 Ref C: 2023-12-16T23:29:22Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
360 B 43ms
43ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343034858&Ver=2&mid=3ec3572d-cfbe-456c-ab3c-6b9cb40b0c6c&sid=f19239c09c6a11ee86990fd74de3968a&vid=f1929bb09c6a11ee9f724f84d6cda5d7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&p=https%3A%2F%2Fpretaopremios.online%2F&r=&lt=2017&evt=pageLoad&sv=1&rn=318080

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Dec 2023 23:29:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A72AF6EFCC745698D4FC37B5EDAED27 Ref B: NYCEDGE1621 Ref C: 2023-12-16T23:29:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 52ms
51ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1bf45b5c781f33a2bb80281e8511cd05daf287c6dc5572048998553366e07557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Dec 2023 23:29:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 94ms
28ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 16 Dec 2023 23:29:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: aPaCjxQ5UXomchqb8EHirUdr4Ota/cwsZv1AedP6LHsbB99hWfoOmmbTRYMnWBkkqcctYkWtVYy9ShlN7yoZJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10846468162/ 2 KB
1 KB 49ms
48ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10846468162/?random=1702769362879&cv=11&fst=1702769362879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v857888618&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpretaopremios.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&auid=2098620042.1702769363&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

3bae186185f2f7c970dc1ed1e8594647070ce2dcd2f2775cf130e0afa68d6f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBC9 603 B
370 B 50ms
49ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&lmt=1702769362&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpretaopremios.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702769362365&bpp=196&bdt=260&idt=539&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4375247805408&frm=20&pv=2&ga_vid=1414585269.1702769363&ga_sid=1702769363&ga_hid=1014634940&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320884&oid=2&pvsid=2187452357457730&tmod=498734193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=614

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pretaopremios.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 23:29:23 GMT
expires: Sat, 16 Dec 2023 23:29:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
52ms Image
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=px-4%20bg-white%20h-%5B48px%5D%20sm%3Ah-%5B64px%5D%20min-w-full%20fixed&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 343034858 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 419ms
54ms Script
application/x-javascript 13.107.213.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343034858
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343034858.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63a1876344604a2b7d21d83a3699b298590bc7c64665045f87048b8b1433bd53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: -1
date: Sat, 16 Dec 2023 23:29:23 GMT
x-azure-ref: 20231216T232923Z-nvfxhfftmp5p71g7yd0krs99sn0000000850000000002w6p
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10846468162/ 42 B
455 B 107ms
44ms Image
image/gif 142.250.65.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10846468162/?random=1702769362879&cv=11&fst=1702767600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v857888618&u_w=1600&u_h=1200&url=https%3A%2F%2Fpretaopremios.online%2F&frm=0&tiba=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_aH3e1xq8YbSdjmMQeWHdfaFnHqs1Hg&random=3668408980&rmt_tld=0&ipr=y

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 104ms
39ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je3bt0v875720306z8857888618&_p=1702769362551&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1414585269.1702769363&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702769363&sct=1&seg=0&dl=https%3A%2F%2Fpretaopremios.online%2F&dt=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&en=page_view&_fv=1&_ss=1&tfd=2403
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pretaopremios.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 1276ms
37ms Ping
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHYBPRP9RF&cid=1414585269.1702769363&gtm=45je3bt0v875720306z8857888618&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pretaopremios.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 78ms
40ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je3bt0v875720306z8857888618&_p=1702769362551&gcd=11l1l1l1l1&dma=0&cid=1414585269.1702769363&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1702769363&sct=1&seg=1&dl=https%3A%2F%2Fpretaopremios.online%2F&dt=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&en=page_view&_et=15&tfd=2431
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pretaopremios.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 404 collect
fbapi.rifa.digital/g/ 0
0 189ms
99ms Ping
text/html 104.26.1.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je3bt0v875720306z8857888618&_p=1702769362551&gcd=11l1l1l1l1&dma=0&cid=1414585269.1702769363&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1702769363&sct=1&seg=1&dl=https%3A%2F%2Fpretaopremios.online%2F&dt=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1702769362875.123232.1&_et=3&tfd=2454
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 619464952447923 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 82ms
81ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619464952447923?v=2.9.138&r=stable&domain=pretaopremios.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

c7993151d618ae732637b8e0fd335133fb18720222ad0250ba2fbec39a5d9b76

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 16 Dec 2023 23:29:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: v9BRVG+EWjEM7LcyvVI3GKhlPUO40JUDRIED4rlC4F7iTItKEN8KbMJv5+8/gjvMLU2woZNOaiGCSz4Xvx8CVA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk-BQH70437VSRID.json Show response
static.userguiding.com/media/ 6 KB
2 KB 98ms
61ms XHR
application/json 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.userguiding.com/media/sdk-BQH70437VSRID.json

Requested by

Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-BQH70437VSRID-embedded.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2b644186fb5f207328e618c578febfdeed0550b5f65b4ceb29c569e7ed94c5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://pretaopremios.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:23 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
last-modified: Fri, 08 Dec 2023 16:02:01 GMT
server: cloudflare
etag: W/"166e-18c4a2a16e5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttBVzaljVUL0B%2B1rc6YqWQCrZfSS%2BfjIFKw2k2FXWaWuxiroS%2BkSwlXUUtZMZrgFVfZeURxelPWj4hY05MBmVfWWiWVltv3ikT8XjY3hlYQwlClFoXdSUsmNWq7QQlPq8csQzkfQmRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-sent: true
x-timestamp: 1702769363328
cache-control: public, max-age=0
x-robots-tag: noindex,nofollow
cf-ray: 836ab54898ae4bc1-BUF

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 352ms
33ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fpretaopremios.online%2F&rl=&if=false&ts=1702769363283&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1702769363281.594726486&ler=empty&it=1702769363179&coo=false&eid=1702769362875.123232.1&tm=1&rqm=GET

Requested by

Host: pretaopremios.online
URL: https://pretaopremios.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 16 Dec 2023 23:29:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 50ms
49ms Script
application/javascript 13.107.213.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343034858
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:23 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 19:57:52 GMT
etag: W/"0x8DBFC15CAB825ED"
vary: Accept-Encoding
x-azure-ref: 20231216T232923Z-nvfxhfftmp5p71g7yd0krs99sn0000000850000000002w6y
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 60df519e-a01e-002d-384c-2e9da8000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
300 B 163ms
78ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pretaopremios.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pretaopremios.online
Date: Sat, 16 Dec 2023 23:29:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
55ms XHR
application/json 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

83dbcdea981192ac8328224e8d36a13b6e02cc2fcef8b54481ec032ece258bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12081
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A2F6A6BB425347A9A8304F8F46C00377&RedC=c.clarity.ms&MXFR=38DD5486DE7D60A8072F476FDA7D6E39
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A2F6A6BB425347A9A8304F8F46C00377&MUID=3ADEE8FDEF7666881A50FB14EEA26758

42 B
464 B

38ms
36ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A2F6A6BB425347A9A8304F8F46C00377&MUID=3ADEE8FDEF7666881A50FB14EEA26758
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:24 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41E07566A6564EE8A55EC373DE90A7E5 Ref B: NYCEDGE1621 Ref C: 2023-12-16T23:29:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A2F6A6BB425347A9A8304F8F46C00377&MUID=3ADEE8FDEF7666881A50FB14EEA26758
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
71ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 23:29:23 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4BBA 13 KB
5 KB 183ms
25ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pretaopremios.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 101341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 19:20:23 GMT
expires: Sat, 14 Dec 2024 19:20:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9307 829 B
982 B 202ms
45ms Document
text/html 142.250.65.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f4.1e100.net

Software

GSE /

Resource Hash

4162e0a9c2cbf4606c4b056c87b1ea92e352d664f662198b9bd186efd8342629

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e-FdICeRkDwLle8ZoloqKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pretaopremios.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-e-FdICeRkDwLle8ZoloqKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 23:29:24 GMT
expires: Sat, 16 Dec 2023 23:29:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BBA 39 KB
15 KB 25ms
24ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 20:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 20:09:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9307 0
0 53ms
52ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2187452357457730&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4BBA 0
10 B 27ms
26ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EyFpTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:29:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
300 B 36ms
35ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pretaopremios.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pretaopremios.online
Date: Sat, 16 Dec 2023 23:29:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2187452357457730&bg=!bG-lbyDNAAY3kmNgF5I7ADQBe5WfOKcWOgVuNwDqAthRl4w3CMHwtAuLaxZJcvutKn0I43luA9P4g8LHoiCl-XJHUiHaAgAAAOxSAAAABGgBB5kC8AEHkz4K7peoDL0nYppkjtpNEIK9MGOomqrEJM8m4nUWKGDbZ0ubIeNRUJlUZ6irPiy_pkUuIR6SzRuu1e_YBI4jNVqvBJ-_K44J_8uNEdwGYTIizGjA4cgMjadJH5fjr5raTDDw17ItNArSgjn-rCRLEU812GUvUs6lqiWbuXZeWqEoHMC6zn33ikcC3XMK9VlDHDENAb2h2eAq-ct8eHJPZTGnYFjhupRMSq3FejjCFGbULi7zp5qGp0CK_wtVKEhxUM6694P1fYwqYMz18yPEYBNbhCeLUQw4BsNlTv1roA2BwNgE6Z980Ij58bvTvcDV0ZcIzm6DLjaK6_B-FAu8UV6JuDsV-Do_Ah-oHIaQdriMzpaGym51QPoAAnXQ_oBt2NXofkV0iFyQ-I3vS-PbxJ11EpfJA4gVQVpeRzUWhMAR8MJ88nTGm0WvhvuxNh5CjlHCnzpUs3-7hSSGPYK_QX3LfqZc357_4GmeTldWFUtmkc6-_NQRBGNLIq48DA5umq-EommIPpXoMUIeF9LJBlbIliN3P0kVuXLrmYvgC2LQFWvLcyt076FYewj4YsZ048lsIO7DTfcsqsoJlIA8EvjeH34m5iq7M-pv6QPfVedoQA8D2J9UkHX-0TxaJbTw-KX8oxPj4aQf_vBPZ3EfiAoxTPdDw8zgafHUChgUmaW8Pc6MdLTyFlHmo5YkUqb29WjS6zYhZ9A6JuOprlS7CEfbEPkl27uJwe-l-tuuJuxuES1YUdo8Cf4trLHaJSmowYkAP8ervCIrvvvuGyu_dRWkQof7swHFPG2RJdvgsY0P538GwDjc4VAVLalyKySYmtblAu2VinvPF68199uKsDAftNbq84YrbXxxgJJIucycYxV_7-AODPzs6oyNi0ag8nIX1aPUiPJkuSXcdaxjl3CLStKa2S4a1O5-oT09rqX-_P9g8K5KU0G89Z7wnVOb03hhIJswpq1I7PgGve5erRZ4IBACyUG0pVSMsDLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
300 B 33ms
32ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pretaopremios.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pretaopremios.online
Date: Sat, 16 Dec 2023 23:29:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 43ms
42ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je3bt0v875720306&_p=1702769362551&gcd=11l1l1l1l1&dma=0&cid=1414585269.1702769363&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=4&sid=1702769363&sct=1&seg=1&dl=https%3A%2F%2Fpretaopremios.online%2F&dt=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&en=scroll&epn.percent_scrolled=90&_et=18&tfd=7454
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pretaopremios.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 23:29:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pretaopremios.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pretaopremios.online/	1970-01-20 16:59:58	Name: XSRF-TOKEN Value: eyJpdiI6IngvbEFZc1NCY05SZFRNVGErMEdzMVE9PSIsInZhbHVlIjoiV1NGeCtjTzZDeG5HSWUxQWh6eUFLYVhHSDFIUlM5c0hmdVp6Q2FvRERCTU0zUU5UNWhuTklDV2NldnRTa1gwWHp2RXR6YVBuMVlsbTJMSmtOOGRxUlcxQTVZM1NGbTlNUDFENUZtcEhMRWJHSUJDZSszUjBZV1plekpRUGpRanQiLCJtYWMiOiI0YjFjN2U1ZWRkMzgyOTZmYTFlODdmMThlMDc1Y2M1OTVhYzg2OTQ0NTJjMmZhNmVlOGQwNmYyMTQ0ZWFkMjc3IiwidGFnIjoiIn0%3D
pretaopremios.online/	1970-01-20 16:59:58	Name: rifadigital_session Value: eyJpdiI6IkYzNDlkeXRoZ3ZmWUppOTN1QWhXYnc9PSIsInZhbHVlIjoiV2VNc1F4b0tTcVhkU0sydVF3Vm9XNVpic0pMakZ5Vjd0THZYZzhSdzF2SEpRQXhSNmt3SG1rdHRMK2hXQzFLbHA2OEJyZ1BicjR3YmUya0pjcjdqeGUvc1cvMitBcnFEdmhpV1Axbi9FM25zZ2xmVWpsbnJZNDdUWVdRMmVnUFUiLCJtYWMiOiJhOGU3MWUxZGQ3NTMwMzQ2ODhjOGI5MTQ1ZjBmZmY0ODM1ZDFmM2FkZTQxOGE2N2Q0MDU4YWI4N2VjM2NmNDYyIiwidGFnIjoiIn0%3D
.pretaopremios.online/	1970-01-20 17:00:55	Name: _uetsid Value: f19239c09c6a11ee86990fd74de3968a
.pretaopremios.online/	1970-01-21 02:21:05	Name: _uetvid Value: f1929bb09c6a11ee9f724f84d6cda5d7
.pretaopremios.online/	1970-01-20 19:09:05	Name: _gcl_au Value: 1.1.2098620042.1702769363
.bing.com/	1970-01-21 02:21:05	Name: MUID Value: 3ADEE8FDEF7666881A50FB14EEA26758
.bat.bing.com/	1970-01-20 17:09:34	Name: MR Value: 0
.doubleclick.net/	1970-01-21 02:35:29	Name: IDE Value: AHWqTUloznJOAeejtN4tRSs0nqoDWc1c_X0KAA6e9Yi4njv_lwrixxPgFkVL91MBgNc
.pretaopremios.online/	1970-01-21 02:35:29	Name: _ga Value: GA1.1.1414585269.1702769363
.pretaopremios.online/	1970-01-21 02:35:29	Name: _ga_KHYBPRP9RF Value: GS1.1.1702769363.1.1.1702769363.60.0.0
.pretaopremios.online/	1970-01-20 19:09:05	Name: _fbp Value: fb.1.1702769363281.594726486
www.clarity.ms/	1970-01-21 01:45:05	Name: CLID Value: d339c142e000497bb711da95ab7d3f96.20231216.20241215
.pretaopremios.online/	1970-01-21 01:45:05	Name: _clck Value: kheltl%7C2%7Cfhl%7C0%7C1445
.pretaopremios.online/	1970-01-20 17:00:55	Name: _clsk Value: 1czbl96%7C1702769363776%7C1%7C1%7Cw.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 17:09:34	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:21:05	Name: SRM_B Value: 3ADEE8FDEF7666881A50FB14EEA26758
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:21:05	Name: MUID Value: 3ADEE8FDEF7666881A50FB14EEA26758
.c.clarity.ms/	1970-01-20 17:09:34	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:59:29	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je3bt0v875720306z8857888618&_p=1702769362551&gcd=11l1l1l1l1&dma=0&cid=1414585269.1702769363&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1702769363&sct=1&seg=1&dl=https%3A%2F%2Fpretaopremios.online%2F&dt=Pret%C3%A3o%20Pr%C3%AAmios%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1702769362875.123232.1&_et=3&tfd=2454 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.everlionllc.com
cdnjs.cloudflare.com
connect.facebook.net
fbapi.rifa.digital
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pretaopremios.online
rsms.me
static.userguiding.com
stats.g.doubleclick.net
tpc.googlesyndication.com
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
104.17.24.14
104.21.234.234
104.21.56.239
104.26.1.203
13.107.213.40
142.250.176.202
142.250.65.228
142.250.81.225
142.251.32.98
142.251.40.162
142.251.40.168
172.253.63.154
172.67.188.47
172.67.214.18
172.67.70.147
20.110.205.119
204.79.197.200
216.239.32.181
23.96.124.156
31.13.71.36
31.13.71.7
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1bf45b5c781f33a2bb80281e8511cd05daf287c6dc5572048998553366e07557
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2b644186fb5f207328e618c578febfdeed0550b5f65b4ceb29c569e7ed94c5c8
3217a3a9068d2ab79b3d1796fef60013820d6a71ebe6f38fd8372f07e1a27b15
32f5b132c8231d24e41ab0c518c03db2378606ba4283cedb252631f6e2531c6f
3bae186185f2f7c970dc1ed1e8594647070ce2dcd2f2775cf130e0afa68d6f5a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4162e0a9c2cbf4606c4b056c87b1ea92e352d664f662198b9bd186efd8342629
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59f677f648c121c678302673699a3141bb320ba3a1b5ceef0c6e84a2ef922045
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
606dac08d6818415e4827885b7cf99ef9c002161e23bee1282a4e57a194f496e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a1876344604a2b7d21d83a3699b298590bc7c64665045f87048b8b1433bd53
83dbcdea981192ac8328224e8d36a13b6e02cc2fcef8b54481ec032ece258bff
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d
845ab042b2f85c538238613f372866f50d511e7e064844b352eef38c3acf7237
8bcbec5351bf56ecef1f3f9b4b9bac370b2bd008f11f3f181259bafc6d283139
8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c7993151d618ae732637b8e0fd335133fb18720222ad0250ba2fbec39a5d9b76
c964033868df1d79bb0546aa59e93e8ba938a9425f045e8e7f0477cac9da36f6
caae5aa1610a81be2cd82e5c7d65dc96c1535e5fef2afce626f91dcfebc4ad01
cb38ffe0bf7323c1814575cac3492f267a7c1c4f21448623c7fce619be74f2eb
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd2417f716d9986f0b86c1e5485674a85d2bcad3c38e589862b515145c228e4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

pretaopremios.online Open in urlscan Pro 172.67.188.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

20 IPs

2 Countries

1952 kBTransfer

6501 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pretaopremios.online Open in urlscan Pro
172.67.188.47 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

2
Countries

1952 kB
Transfer

6501 kB
Size

20
Cookies

46 HTTP transactions
0 data transactions