urlscan.io logo urlscan.io
SecurityTrails logo

ft.xn--premiosuberdadepresso-21b.com.br Open in urlscan Pro Puny
ft.premiosuberdadepressão.com.br IDN
2a02:4780:13:1536:0:12c9:afd7:2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ft.xn--premiosuberdadepresso-21b.com.br/
Effective URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Submission: On September 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 39 HTTP transactions. The main IP is 2a02:4780:13:1536:0:12c9:afd7:2, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is ft.xn--premiosuberdadepresso-21b.com.br.
TLS certificate: Issued by R10 on August 22nd 2024. Valid for: 3 months.
This is the only time ft.xn--premiosuberdadepresso-21b.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2a02:4780:13:... 47583 (AS-HOSTINGER)
3 2a04:4e42:200... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 52.21.144.157 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 3.33.182.45 16509 (AMAZON-02)
1 23.223.209.54 20940 (AKAMAI-ASN1)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 108.139.29.88 16509 (AMAZON-02)
1 108.138.115.182 16509 (AMAZON-02)
1 3.171.139.110 16509 (AMAZON-02)
39 13
18    2a02:4780:13:1536:0:12c9:afd7:2 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)
ft.xn--premiosuberdadepresso-21b.com.br
3    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    52.21.144.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-144-157.compute-1.amazonaws.com
api.mercadopago.com
1    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    3.33.182.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: a35f64fceb718ad27.awsglobalaccelerator.com
www.mercadolibre.com
1    23.223.209.54 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-54.deploy.static.akamaitechnologies.com
http2.mlstatic.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    108.139.29.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-88.jfk50.r.cloudfront.net
events.mercadopago.com
1    108.138.115.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-182.jfk50.r.cloudfront.net
api.mercadolibre.com
1    3.171.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-110.jfk52.r.cloudfront.net
www.mercadopago.com.br
Apex Domain
Subdomains		 Transfer
18 xn--premiosuberdadepresso-21b.com.br
ft.xn--premiosuberdadepresso-21b.com.br
720 KB
4 mercadolibre.com
www.mercadolibre.com — Cisco Umbrella Rank: 35642
api.mercadolibre.com — Cisco Umbrella Rank: 17736
3 KB
4 mercadopago.com
api.mercadopago.com — Cisco Umbrella Rank: 28281
events.mercadopago.com — Cisco Umbrella Rank: 241829
15 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
115 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 gstatic.com
fonts.gstatic.com
73 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
70 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
44 KB
1 mercadopago.com.br
www.mercadopago.com.br — Cisco Umbrella Rank: 203251
2 KB
1 mlstatic.com
http2.mlstatic.com — Cisco Umbrella Rank: 21937
10 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
39 11
Domain Requested by
18 ft.xn--premiosuberdadepresso-21b.com.br 1 redirects ft.xn--premiosuberdadepresso-21b.com.br
3 www.mercadolibre.com ft.xn--premiosuberdadepresso-21b.com.br
3 cdn.jsdelivr.net ft.xn--premiosuberdadepresso-21b.com.br
cdn.jsdelivr.net
2 events.mercadopago.com http2.mlstatic.com
2 www.facebook.com ft.xn--premiosuberdadepresso-21b.com.br
2 fonts.gstatic.com fonts.googleapis.com
2 api.mercadopago.com ft.xn--premiosuberdadepresso-21b.com.br
2 connect.facebook.net ft.xn--premiosuberdadepresso-21b.com.br
connect.facebook.net
2 cdnjs.cloudflare.com ft.xn--premiosuberdadepresso-21b.com.br
cdnjs.cloudflare.com
1 www.mercadopago.com.br
1 api.mercadolibre.com http2.mlstatic.com
1 http2.mlstatic.com ft.xn--premiosuberdadepresso-21b.com.br
1 fonts.googleapis.com ft.xn--premiosuberdadepresso-21b.com.br
39 13
Subject Issuer Validity Valid
ft.xn--premiosuberdadepresso-21b.com.br
R10		 2024-08-22 -
2024-11-20		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-18 -
2024-09-16		 3 months crt.sh
api.mercadopago.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-14 -
2025-02-13		 a year crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.mercadolibre.com
Amazon RSA 2048 M02		 2023-12-06 -
2025-01-04		 a year crt.sh
*.mlstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-11 -
2025-02-11		 a year crt.sh
*.mercadopago.com
Amazon RSA 2048 M02		 2023-12-07 -
2025-01-04		 a year crt.sh
www.mercadopago.com.br
Amazon RSA 2048 M02		 2023-12-25 -
2025-01-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Frame ID: 9BA236F89C12C3A0426DB5A1B6379370
Requests: 37 HTTP requests in this frame

Frame: https://www.mercadolibre.com/jms/lgz/background?dps=armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13
Frame ID: 3EC6B1BACF35ED171228B914B4DCBF0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uberda de pressão IPHONE 15 PRO MAX OU 6.000 NA CONTA

Page URL History Show full URLs

  1. https://ft.xn--premiosuberdadepresso-21b.com.br/ HTTP 302
    https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

100 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

13
IPs

2
Countries

1055 kB
Transfer

2322 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ft.xn--premiosuberdadepresso-21b.com.br/ HTTP 302
    https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request iphone-15-pro-max-ou-6000-na-conta
ft.xn--premiosuberdadepresso-21b.com.br/sorteio/
Redirect Chain
  • https://ft.xn--premiosuberdadepresso-21b.com.br/
  • https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
79 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
3985943c4a2071144c29ae1634ccdc9c0b4755ad4ff745f21873a452062374fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 09 Sep 2024 14:06:17 GMT
panel
hpanel
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 09 Sep 2024 14:06:16 GMT
location
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
panel
hpanel
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Sep 2024 14:06:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
2969485
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10209
x-served-by
cache-fra-etou8220090-FRA, cache-lga21929-LGA
x-jsd-version-type
version
etag
W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://ft.xn--premiosuberdadepresso-21b.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
313246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18765
last-modified
Tue, 07 Feb 2023 20:06:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63e2af34-494d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8u0PNIDaIPWpqnza4zsi3MqDzcztpLlRpxaM4Cdwjfg44pp98zOLHUW4n0h0e1lgIAaMfty2pAa27IJa7bVDOlJpLiElEHZugxjp6OkBexi4VcN6OTzVc98UghnCq%2B5euNUHWMrnwBIBhMTP37zIFMFp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c07bceeac3e42a0-EWR
expires
Sat, 30 Aug 2025 14:06:17 GMT
bootstrap.min.css
ft.xn--premiosuberdadepresso-21b.com.br/css/ 		227 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/css/bootstrap.min.css
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:10 GMT
server
LiteSpeed
panel
hpanel
etag
"38df4-662943be-e71025cfb12357d7;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
27173
expires
Mon, 16 Sep 2024 14:06:17 GMT
jquery.min.js
ft.xn--premiosuberdadepresso-21b.com.br/css/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/css/jquery.min.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:10 GMT
server
LiteSpeed
panel
hpanel
etag
"176f8-662943be-a39546670ff7add4;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
32129
expires
Mon, 16 Sep 2024 14:06:17 GMT
anime.min.js
ft.xn--premiosuberdadepresso-21b.com.br/css/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/css/anime.min.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:10 GMT
server
LiteSpeed
panel
hpanel
etag
"2be1-662943be-83d908b2468111b7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4748
expires
Mon, 16 Sep 2024 14:06:17 GMT
fotorama.css
ft.xn--premiosuberdadepresso-21b.com.br/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/css/fotorama.css
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:10 GMT
server
LiteSpeed
panel
hpanel
etag
"3b25-662943be-3fbd6b75b9af75f7;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
2596
expires
Mon, 16 Sep 2024 14:06:17 GMT
fotorama.js
ft.xn--premiosuberdadepresso-21b.com.br/css/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/css/fotorama.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:10 GMT
server
LiteSpeed
panel
hpanel
etag
"9800-662943be-ececbf8a0716a884;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
15720
expires
Mon, 16 Sep 2024 14:06:17 GMT
v2.js
ft.xn--premiosuberdadepresso-21b.com.br/js/ 		467 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/js/v2.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8d338376f80183ce1dfb166535f61498ef2403368414d781afcaefa4ecaa0adc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:11 GMT
server
LiteSpeed
panel
hpanel
etag
"74c97-662943bf-eff8c09608cd9018;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
134988
expires
Mon, 16 Sep 2024 14:06:17 GMT
tema.css
ft.xn--premiosuberdadepresso-21b.com.br/css/ 		3 KB
957 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/css/tema.css
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0024a342336d9a24872eb8058eb870e339d3c0bcd4798c35192bc2e3067d0bb7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:10 GMT
server
LiteSpeed
panel
hpanel
etag
"c98-662943be-5baa8522936d4604;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
904
expires
Mon, 16 Sep 2024 14:06:17 GMT
663258d844078.png
ft.xn--premiosuberdadepresso-21b.com.br/products/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/products/663258d844078.png
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a6ad75329c9db12d5ce76c1809f6322d4452db44b32afb1c09fe49cb4d363df9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 01 May 2024 14:59:36 GMT
server
LiteSpeed
panel
hpanel
etag
"3a9f-663258d8-2852acd3006640e9;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
15007
expires
Mon, 16 Sep 2024 14:06:17 GMT
0663258c231a6f.jpg
ft.xn--premiosuberdadepresso-21b.com.br/products/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/products/0663258c231a6f.jpg
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c0a61004e42a27eaf5a9190fe5d743440ac98c20685a38e8e9fd7cece8f08565
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:17 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 01 May 2024 14:59:14 GMT
server
LiteSpeed
panel
hpanel
etag
"2cc01-663258c2-9e37dc356ae1532a;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
183297
expires
Mon, 16 Sep 2024 14:06:17 GMT
1663258c239904.jpg
ft.xn--premiosuberdadepresso-21b.com.br/products/ 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/products/1663258c239904.jpg
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
521f8bfddccaa63b3e71ee5ea66fc76e31c203246734d49cd07e44daf8ee9475
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 01 May 2024 14:59:14 GMT
server
LiteSpeed
panel
hpanel
etag
"318d5-663258c2-ff516b7f5ff8121d;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
202965
expires
Mon, 16 Sep 2024 14:06:18 GMT
instagram.png
ft.xn--premiosuberdadepresso-21b.com.br/icon/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/icon/instagram.png
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9be8bb290ed088e209d997378e24a6a17cf98e4f512ba8f4522149b9370f5f12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:11 GMT
server
LiteSpeed
panel
hpanel
etag
"186a-662943bf-ea464dbe2c0da40f;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6250
expires
Mon, 16 Sep 2024 14:06:18 GMT
whatsapp.png
ft.xn--premiosuberdadepresso-21b.com.br/icon/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/icon/whatsapp.png
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8b23b11cc41935432a9b5b63273513d98bc418a64294d42611877ec4cdf73015
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:11 GMT
server
LiteSpeed
panel
hpanel
etag
"1c47-662943bf-26200ff51925b1e7;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7239
expires
Mon, 16 Sep 2024 14:06:18 GMT
bootstrap.bundle.min.js
ft.xn--premiosuberdadepresso-21b.com.br/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/js/bootstrap.bundle.min.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:11 GMT
server
LiteSpeed
panel
hpanel
etag
"13ad7-662943bf-8b524245240733d6;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
22318
expires
Mon, 16 Sep 2024 14:06:18 GMT
sweetalert2@11.js
ft.xn--premiosuberdadepresso-21b.com.br/js/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/js/sweetalert2@11.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c64ca6069ef4a8c4879c89cb1170d66f7e29c8e37cb0118c0354bce2f4082f1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 17:39:11 GMT
server
LiteSpeed
panel
hpanel
etag
"12b28-662943bf-cdd44ec46f2371b3;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
19317
expires
Mon, 16 Sep 2024 14:06:18 GMT
jquery.mask.min.js
cdn.jsdelivr.net/npm/jquery-mask-plugin@1.14.16/dist/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery-mask-plugin@1.14.16/dist/jquery.mask.min.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Sep 2024 14:06:18 GMT
x-content-type-options
nosniff
content-encoding
br
age
2033120
x-jsd-version
1.14.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3598
x-served-by
cache-fra-etou8220107-FRA, cache-lga21929-LGA
x-jsd-version-type
version
etag
W/"2087-+5g67NOUDo67/l50yAmc7pIjyVc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
66294b9ebb347.png
ft.xn--premiosuberdadepresso-21b.com.br/products/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/products/66294b9ebb347.png
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e9874a0499296c68a4d0c655a5fa02e90b998e8156e5c82e37cbddca2fbeeef0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 18:12:46 GMT
server
LiteSpeed
panel
hpanel
etag
"972d-66294b9e-66a10d23ce034894;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
38701
expires
Mon, 16 Sep 2024 14:06:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Sep 2024 14:06:18 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4313, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
ah0s4IMoeVIUUO+R5Bx8va88WY0nuWmJBUYwelUNdOa0PrSOGpG9+nlN19BKw81CTSfbjdsL6fVxMg/RfBhO3Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
search
api.mercadopago.com/v1/payment_methods/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mercadopago.com/v1/payment_methods/search?public_key=APP_USR-cdadd940-37fd-4ff9-b725-bd6846f7300b&locale=pt-br&js_version=2.0.0&referer=https%3A%2F%2Fft.xn--premiosuberdadepresso-21b.com.br&marketplace=NONE&status=active&product_id=BTR2N61O1F60OR8RLSGG&limit=1&public_key=APP_USR-cdadd940-37fd-4ff9-b725-bd6846f7300b
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/js/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.21.144.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-144-157.compute-1.amazonaws.com
Software
/
Resource Hash
cb9c573dc3e65184b1ac9acbc59d6f02d313adafc907f81992adae6befa2b05d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-application-version
1.431.0
x-method-response
search
content-length
630
x-xss-protection
1; mode=block
x-request-id
1b6a8472-1e26-4599-b5d2-6455f7b495ff
x-application-name
payment-methods-read-v2
cache-status
miss
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ft.xn--premiosuberdadepresso-21b.com.br
cache-control
max-age=120, stale-while-revalidate=60, stale-if-error=240
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
widgets
api.mercadopago.com/v1/devices/ 		42 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mercadopago.com/v1/devices/widgets?public_key=APP_USR-cdadd940-37fd-4ff9-b725-bd6846f7300b&locale=pt-br&js_version=2.0.0&referer=https%3A%2F%2Fft.xn--premiosuberdadepresso-21b.com.br
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/js/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.21.144.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-144-157.compute-1.amazonaws.com
Software
/
Resource Hash
f5d1a01bac91934eb17df5fc05c9dcc01ab6941e9ef7c208675987757daa9f37
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
x-b3-traceid
74960347fe9c0a2e
x-transaction-name
public_get_session_widget
x-xss-protection
1; mode=block
x-source-ip
5.181.234.134
x-request-id
8630bf1c-8e97-4e80-bbd5-25262b8935e0
x-trace-digest-41
fYKl/yQ7qXxncG+t+XJu4/miF1g/1kPtOth2iBoYumT2/eTS89vaxzqWLJ26RQa13gnIRiR5ELMTtF1amtamO9+tAvyoebdppBvDf+/wSwu0xLCImitI5X40fkvr2kyGalfjs6Vh5yxyPDurSgIrcw==
vary
Accept-Encoding, origin
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ft.xn--premiosuberdadepresso-21b.com.br
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
x-b3-spanid
74960347fe9c0a2e
access-control-allow-credentials
true
x-b3-sampled
0
timing-allow-origin
*
access-control-allow-headers
Content-Type
access-control-max-age
86400
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,opsz,wght@0,6..12,200;0,6..12,300;0,6..12,400;0,6..12,500;0,6..12,600;0,6..12,700;1,6..12,800&display=swap
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/css/tema.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c76f5c473d7564fb36a4ecf6d4254f9b2c8935465fae48446692fdf7742b174f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Sep 2024 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Sep 2024 14:06:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Sep 2024 14:06:18 GMT
405751155700738
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/405751155700738?v=2.9.167&r=stable&domain=ft.xn--premiosuberdadepresso-21b.com.br&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f93a769c6d9bcdebef136c88196eae26fb4285d3a56ff4d3f39e2fe814d2db3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Sep 2024 14:06:18 GMT
document-policy
force-load-at-top
x-fb-server-load
51
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=40, mss=1232, tbw=66953, tp=62, tpl=0, uplat=107, ullat=0
pragma
public
x-fb-debug
7FU7t0YQNxQmrqRxY+f1fzlv8XEnXxmlsOOJQL67I+IQZIdZfqa7Aufxw+tlP8bm6zu2Zb1bHDD+c1XPS5qgrg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Origin
https://ft.xn--premiosuberdadepresso-21b.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Sep 2024 14:06:18 GMT
x-content-type-options
nosniff
age
3483372
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
102536
x-served-by
cache-fra-eddf8230061-FRA, cache-lga21951-LGA
x-jsd-version-type
version
etag
W/"19088-HKXox9L7jp1grRof6ypG6Ywkij0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzA.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0AMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_kJ3xzA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,opsz,wght@0,6..12,200;0,6..12,300;0,6..12,400;0,6..12,500;0,6..12,600;0,6..12,700;1,6..12,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b218d5d23b8b9eca42a36a017a184d7fb56e724200bfb21e765dbdcdf23bfc17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ft.xn--premiosuberdadepresso-21b.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 04:42:21 GMT
x-content-type-options
nosniff
age
293037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49832
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:50:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Sep 2025 04:42:21 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/webfonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba24c4138c4c3cfe694a8fc8943b8ce21b9bfbb14edcb290b8654fcaa365d6b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css
Origin
https://ft.xn--premiosuberdadepresso-21b.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2220299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24840
last-modified
Tue, 07 Feb 2023 20:06:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63e2af35-6108"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivOeaPR8k7c8yqk5R7iz6rHhAITpM92DfRGk0fh0Zb4BjMWgyxao89mnMF1fhq4B9cyRz3q7dC3fBss5wj2jGoEG4HUY4%2Fm8PlyqoSGR9dlCRuRfW2jRSIjO3GDFtD1U7NUEd%2FE5uKJpLHKArT0n1kil"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c07bcf5aeda42a0-EWR
expires
Sat, 30 Aug 2025 14:06:18 GMT
pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t3NeCAAFOvV9SNjrwlNwjM6W3Y6K5eM2d-laLQ.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0RMImSLYBIv1o4X1M8cce4OdVisMz5nZRqy6cmmmU3t3NeCAAFOvV9SNjrwlNwjM6W3Y6K5eM2d-laLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,opsz,wght@0,6..12,200;0,6..12,300;0,6..12,400;0,6..12,500;0,6..12,600;0,6..12,700;1,6..12,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca6b6a57ba8b64c2494437a09d0fb56ac71c56157f8c127cdbf5ed669facd196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ft.xn--premiosuberdadepresso-21b.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24176
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 01:01:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Sep 2025 14:06:18 GMT
etid
www.mercadolibre.com/jms/lgz/background/ 		0
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mercadolibre.com/jms/lgz/background/etid
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.182.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a35f64fceb718ad27.awsglobalaccelerator.com
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-meli-trace-site
UNKNOWN
date
Mon, 09 Sep 2024 14:06:18 GMT
x-content-type-options
nosniff
x-d2id
ac54b335-a890-4899-9851-8948fad9c475
x-b3-traceid
cacb858390f446ca
x-envoy-upstream-service-time
1
x-trace-digest-50
Nmr3aSfvdLqPUyt2W4jJd2NzWSom+OhEjjxYEbUxk70VLc2k94zwxvTmA2wWMFkVCMMzrd8mV8d/cQcHFBbp7g+eq7XSWJQEBrRVMKdrolLYyMwabz9yC5nT9r2TmgQkX0Yk/cjY9zjMBz2hlU5jKAh3xjOqNJ9IZKum3OXswgyyrGa7YAg8wBa7X0QpLuHS8ow8YVBjTVHoILDHAN2HXEyz/2PS2372Jdl9h8djvE4ZCNEKlR+6ZZg98pkQzI11
content-length
0
x-meli-trace-platform
/web/desktop
x-request-id
ac54b335-a890-4899-9851-8948fad9c475
x-source-ip
5.181.234.134
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Tengine
etag
dddda423-2555-4b1e-aead-cf4ed2640ab0-1725890778684
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
private, must-revalidate, proxy-revalidate
x-b3-spanid
cacb858390f446ca
x-b3-sampled
0
x-meli-trace-bu
mercadolibre
x-request-device-id
ac54b335-a890-4899-9851-8948fad9c475
js
http2.mlstatic.com/storage/event-metrics-sdk/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://http2.mlstatic.com/storage/event-metrics-sdk/js
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/js/v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.223.209.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-54.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
deadc06d96555df449720e2ee2a9e963a2984320feb5ec9148aeb0f22de62521
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-d2id
7466ffc2-cf75-44a1-bfdd-d9728dbfabd7
x-cdn
a
date
Mon, 09 Sep 2024 14:06:19 GMT
x-dns-prefetch-control
off
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9097
x-xss-protection
1; mode=block
x-request-id
7466ffc2-cf75-44a1-bfdd-d9728dbfabd7
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 13:43:22 GMT
server
Tengine
etag
W/"5e01-17a58029490"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
akamai-amd-bc-debug
[a=23.215.187.54,b=252490573,c=p,d=1718249062,h=200,k=1,l=2,n=US_NJ_SECAUCUS,o=20940,r=3,p=24065]
x-request-device-id
7466ffc2-cf75-44a1-bfdd-d9728dbfabd7
expires
86400
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=405751155700738&ev=PageView&dl=https%3A%2F%2Fft.xn--premiosuberdadepresso-21b.com.br%2Fsorteio%2Fiphone-15-pro-max-ou-6000-na-conta&rl=&if=false&ts=1725890778713&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.2.1725890778705.705992962817403693&ler=empty&cdl=API_unavailable&it=1725890778288&coo=false&rqm=GET
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=4, rtx=1, c=10, mss=1328, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Sep 2024 14:06:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=405751155700738&ev=PageView&dl=https%3A%2F%2Fft.xn--premiosuberdadepresso-21b.com.br%2Fsorteio%2Fiphone-15-pro-max-ou-6000-na-conta&rl=&if=false&ts=1725890778713&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.2.1725890778705.705992962817403693&ler=empty&cdl=API_unavailable&it=1725890778288&coo=false&rqm=FGET
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 09 Sep 2024 14:06:18 GMT
document-policy
force-load-at-top
x-fb-server-load
50
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7412644448908134558", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=3, c=1, mss=1328, tbw=3112, tp=-1, tpl=-1, uplat=94, ullat=0
pragma
no-cache
x-fb-debug
HpkOwqnsFZpSdAXL2J8OewkAMwleT7+wjs6l9SVvxLPnivJwtaLoZoBBMRQ1HrDaqKoWssMrLpjusfrXHFQxnQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7412644448908134558"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
traffic-light
events.mercadopago.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.mercadopago.com/v2/traffic-light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Tengine /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-flow-starter,x-request-id
Access-Control-Request-Method
POST
Origin
https://ft.xn--premiosuberdadepresso-21b.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, X-Flow-Starter, X-Request-Id
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 09 Sep 2024 14:06:19 GMT
referrer-policy
no-referrer-when-downgrade
server
Tengine
via
1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
x-amz-cf-id
Kuyqb6iNp4JKnSsKcdcJaUheK1saXQShOzxDx8KdEzWbhvBPgwh7gQ==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-d2id
2aa9a9e7-a599-4041-8847-9d60380bf8b2
x-envoy-upstream-service-time
4
x-request-device-id
2aa9a9e7-a599-4041-8847-9d60380bf8b2
x-request-id
2aa9a9e7-a599-4041-8847-9d60380bf8b2
x-xss-protection
1; mode=block
traffic-light
events.mercadopago.com/v2/ 		135 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.mercadopago.com/v2/traffic-light
Requested by
Host: http2.mlstatic.com
URL: https://http2.mlstatic.com/storage/event-metrics-sdk/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-88.jfk50.r.cloudfront.net
Software
Tengine /
Resource Hash
92df31cb891784ee93c213651e5ae5b2a877956ccd30fa9cec47e5aad4b0b46d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
x-flow-starter
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-request-id
e5e599d6-725d-4ec3-b9e6-0fdeb1dc9895
Content-Type
application/json

Response headers

date
Mon, 09 Sep 2024 14:06:19 GMT
via
1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-d2id
35e047b5-0fbb-466a-baaa-644234633ad9
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
content-length
135
x-xss-protection
1; mode=block
x-request-id
35e047b5-0fbb-466a-baaa-644234633ad9
referrer-policy
no-referrer-when-downgrade
server
Tengine
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, X-Flow-Starter, X-Request-Id
x-amz-cf-id
3pkmHH4m2oHChLJqs00Xt7AjU5SqnQkJyyJWZ3OhH6yNMDGkS_qBgQ==
x-request-device-id
35e047b5-0fbb-466a-baaa-644234633ad9
tracks
api.mercadolibre.com/ 		73 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mercadolibre.com/tracks
Requested by
Host: http2.mlstatic.com
URL: https://http2.mlstatic.com/storage/event-metrics-sdk/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-182.jfk50.r.cloudfront.net
Software
/
Resource Hash
ddf4fe07c7be0695b2c8671b921ae6705a404a94b2c5132816ad6a282d6f31aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 Sep 2024 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
x-request-id
5fa2ccb2-3989-4cb9-bc06-23ae06cfc37c
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ft.xn--premiosuberdadepresso-21b.com.br
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Content-Type
x-amz-cf-id
0VSNCvcjqBXHb_riTZ6XhFHkIfs-cMSEtvPmwmPrK7XnlYcBB0D4Vg==
armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca4...
www.mercadolibre.com/jms/lgz/background/session/ 		78 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mercadolibre.com/jms/lgz/background/session/armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13?background=armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.182.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a35f64fceb718ad27.awsglobalaccelerator.com
Software
Tengine /
Resource Hash
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-meli-trace-site
UNKNOWN
date
Mon, 09 Sep 2024 14:06:19 GMT
x-content-type-options
nosniff
x-d2id
5ae5fcf6-4d13-4ba6-a3ca-d44c1233cea1
x-b3-traceid
1a449b3d56ef41cd
x-transaction-name
save_js_profiling
x-envoy-upstream-service-time
9
content-length
78
x-meli-trace-platform
/web/desktop
x-request-id
5ae5fcf6-4d13-4ba6-a3ca-d44c1233cea1
x-source-ip
5.181.234.134
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Tengine
content-type
image/svg+xml
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
x-b3-spanid
1a449b3d56ef41cd
x-b3-sampled
0
x-trace-digest-84
PtmlbaDdDdrT9PwN0kd9Sv5WjJK2YCOjdRVwR4XS36IaQIM1Wk5zDLZIbAkEghky05RhvbnOOlWX32ph3YjlRX0rcGcZmyu10EqSGOZUThT0YqXcavukFBqgZE4c39kXbcDOVW7oFuNmN4AuEs7NHndpGfw65Jh7vpxxwxV9ZHEwvxg4Kpl8wPbqtEajjC+1KGNzJatctYmIWMnH5K5Ccm0y2upXB3khrU4Xrjf0JyDrjE9XfhS1MaL+k18DD3jx
x-meli-trace-bu
mercadolibre
x-request-device-id
5ae5fcf6-4d13-4ba6-a3ca-d44c1233cea1
armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca4...
www.mercadopago.com.br/jms/lgz/background/session/ 		78 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mercadopago.com.br/jms/lgz/background/session/armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13?background=armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6ImIzZjM2MWY2ODQxYzEwNmU3YzJlNjYwMjk1OGI0NjJmIiwiY29ubmVjdGlvbiI6eyJkb3dubGluayI6IjEwIiwicnR0IjpudWxsLCJ0eXBlIjoiNGcifSwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjgsImRvX25vdF90cmFjayI6bnVsbCwiZXRhZyI6ImRkZGRhNDIzLTI1NTUtNGIxZS1hZWFkLWNmNGVkMjY0MGFiMC0xNzI1ODkwNzc4Njg0IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW10iLCJub3Rfb3MiOjEwODg3Mjc4MTd9LCJoYXJkd2FyZV9jb25jdXJyZW5jeSI6MTYsImhpc3RvcnkiOjIsImluY29nbml0byI6ZmFsc2UsImlzX21zaG9wcyI6ZmFsc2UsImpzX3R5cGUiOiJqc19oYXNoIiwibGFuZyI6ImVuLVVTIiwibGFuZ3VhZ2VzIjpbImVuLVVTIiwiZW4iXSwibGl0ZXJhbF9jb2xvcnMiOi05NDg4MDg1NzEsImxvY2FsX3N0b3JhZ2UiOnRydWUsIm1hdGhfbnVtYmVyIjoxMTAyMy4zODc0MDYxNTA5NCwib3Blbl9kYXRhYmFzZSI6ZmFsc2UsInBpeGVsX3JhdGlvIjoxLCJwbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsIndlYmdsIjp7ImltYWdlIjoiZmQzODAwNTViNTBmNGJmZjQ2NGE1ZmQyZjEyNmQ3N2YiLCJyZXBvcnQiOiI2ZmRjNmY1NGYxMGM4NzFkOGI3MjgxNTFiOGZmOTk1MiIsInZlbmRvciI6IkludGVsIEluYy4iLCJyZW5kZXJlciI6IkludGVsIElyaXMgT3BlbkdMIEVuZ2luZSJ9LCJwbHVnaW5zIjp7fSwicmVzb2x1dGlvbiI6IjEyMDB4MTYwMHgyNCIsInNjcmVlbiI6eyJvcmllbnRhdGlvbiI6MCwidHlwZSI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiYXZhaWxfaGVpZ2h0IjoxMjAwLCJhdmFpbF9sZWZ0IjowLCJhdmFpbF90b3AiOjAsImF2YWlsX3dpZHRoIjoxNjAwfSwic2Vzc2lvbl9zdG9yYWdlIjp0cnVlLCJ0aW1lIjp7ImNhbnZhcyI6NjksIndlYmdsIjoxMjIsInVzZXJmb250cyI6MjQsImJyb3dzZXJwbHVnaW5zIjowLCJwbHVnaW5zIjo0LCJpbnN0YWxsZWRmb250cyI6MTQsImhhc2giOjI1MSwidG90YWwiOjI1MX0sInRpbWVfYmFzZWRfZnAiOjAuMDk5OTk5OTA0NjMyNTY4MzYsInRpbWVfem9uZV9uYW1lIjoiUGFjaWZpYy9Ib25vbHVsdSIsInRpbWVfem9uZV9vZmZzZXQiOjYwMCwidG91Y2hfcG9pbnRzIjowLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI4LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiMTIwMHgxNjAwIiwib3V0ZXIiOiIxMjg1eDE2MDAifSwid2ViZHJpdmVyIjpmYWxzZSwiaW5zdGFsbGVkX2ZvbnRzIjpbXSwiaW5zdGFsbGVkX3BsdWdpbnMiOlsiUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmLHRleHQvcGRmfnBkZiIsIkNocm9tZSBQREYgVmlld2VyOjpQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQ6OmFwcGxpY2F0aW9uL3BkZn5wZGYsdGV4dC9wZGZ%2BcGRmIiwiQ2hyb21pdW0gUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmLHRleHQvcGRmfnBkZiIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXI6OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24vcGRmfnBkZix0ZXh0L3BkZn5wZGYiLCJXZWJLaXQgYnVpbHQtaW4gUERGOjpQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQ6OmFwcGxpY2F0aW9uL3BkZn5wZGYsdGV4dC9wZGZ%2BcGRmIl0sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOnRydWUsInNlbmRfdGltZSI6MCwiaGFzX3Nlc3Npb25faWQiOnRydWV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-110.jfk52.r.cloudfront.net
Software
/
Resource Hash
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-meli-trace-site
MLB
date
Mon, 09 Sep 2024 14:06:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-d2id
d417f7bc-c854-40c2-ba3f-590cef1b4473
via
1.1 faa1f1cd9e8aec6c42fd30b6d46e49f4.cloudfront.net (CloudFront)
x-b3-traceid
539768fbd649a559
x-amz-cf-pop
JFK52-P8
x-cache
Miss from cloudfront
x-trace-digest-59
Iidc2WF3nPDOpRz3LxkgRKEHJaQvZNUUq6qyI4w12UjdYmZv3208LVqstaGxC3Pm2+sgbGJA+hwXtMsN8BuBsiKVma961QOGlvtmqhDkVwJgW8j6iix8K6/6gaGlNDn5rhq2B126ovk4tvGewpGzv3QQzKWepiLixbxUbw/5IY6FYI+oVlti37ze5JMNWPXo4Dnu3iOt94dZhcDFJo3bqc4qIpwqR7lC+gZe9bsVxisj5StQPTxISxBY7bQaKL+x
x-transaction-name
save_js_profiling
alt-svc
h3=":443"; ma=86400
content-length
78
x-meli-trace-platform
/web/desktop
x-source-ip
5.181.234.134
x-request-id
d417f7bc-c854-40c2-ba3f-590cef1b4473
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
content-type
image/svg+xml
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
x-b3-spanid
539768fbd649a559
x-b3-sampled
0
x-meli-trace-bu
mercadopago
x-amz-cf-id
K19bnV5ZnBDr5ijotbMGf0e7y2zvnhyhobDuU-_9N_O1a4glGDyXnA==
x-request-device-id
d417f7bc-c854-40c2-ba3f-590cef1b4473
background
www.mercadolibre.com/jms/lgz/ Frame 3EC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mercadolibre.com/jms/lgz/background?dps=armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13
Requested by
Host: ft.xn--premiosuberdadepresso-21b.com.br
URL: https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.182.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a35f64fceb718ad27.awsglobalaccelerator.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-length
8601
content-type
text/html
date
Mon, 09 Sep 2024 14:06:19 GMT
referrer-policy
no-referrer-when-downgrade
server
Tengine
x-b3-sampled
0
x-b3-spanid
0a791f2b027b1b09
x-b3-traceid
0a791f2b027b1b09
x-content-type-options
nosniff
x-d2id
6de85682-70e6-471b-b03a-21d252b03722
x-envoy-upstream-service-time
1
x-meli-trace-bu
mercadolibre
x-meli-trace-platform
/web/desktop
x-meli-trace-site
UNKNOWN
x-request-device-id
6de85682-70e6-471b-b03a-21d252b03722
x-request-id
6de85682-70e6-471b-b03a-21d252b03722
x-source-ip
5.181.234.134
x-trace-digest-84
o9RAHZpt7N6Ub5boQsFh4+tDAHX2oCPPHSbdmpsO5YiStcyvGQUZBmjTByYJpHiWmaJ+ADBr6mrjIU67+j8O7LKAw7tEmp1t1QU35tV5RIHHpSG9JFOxyhncDqPxa3gAO6Gi4EP4NlRt70EwmlicGcULXA9B0tHJFGi6CAdhZ4eorhClbi62mEfVPZ/ApnC2p34Vy7KpkihgOAcEf58tSFnLXNK1mvRUrtX78+9OQahKsZ3h7+kfwm2/9dPh68ZF
x-transaction-name
cross_domain_profiler
x-xss-protection
1; mode=block
66294b9ebb347.png
ft.xn--premiosuberdadepresso-21b.com.br/products/ 		38 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ft.xn--premiosuberdadepresso-21b.com.br/products/66294b9ebb347.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1536:0:12c9:afd7:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e9874a0499296c68a4d0c655a5fa02e90b998e8156e5c82e37cbddca2fbeeef0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ft.xn--premiosuberdadepresso-21b.com.br/sorteio/iphone-15-pro-max-ou-6000-na-conta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 14:06:18 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 24 Apr 2024 18:12:46 GMT
server
LiteSpeed
panel
hpanel
etag
"972d-66294b9e-66a10d23ce034894;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
38701
expires
Mon, 16 Sep 2024 14:06:18 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| $jscomp$this function| anime string| fotoramaVersion function| fbq function| _fbq function| MercadoPago function| openModal function| openModal1 function| validarQtd function| validaMaxMin function| addQtd string| qtd function| getqtd function| numerosAleatorio number| total string| totalFomat string| fromatPrice object| a function| detectWebcam function| getEtag function| getUrlEtag function| isPrivateMode function| t function| x function| createIframe function| getSrcIframe function| getLiteralColors function| getTimeBasedFp function| getModesArray function| getModesMatrix function| get_bot_detection_url object| mousePositions object| count function| setupDetection function| detectBot string| mlbp_etag object| x64h object| mlbp object| armor.95f8f7263037f77060a1ca6ec8c09254fb9c0baa4a0a1a0c139f7f72d67c792a55b3a228496b65efc1926ed000cfce1de0192438d7cf1b7042eb3e3378c1b8ccb8624b583aa50cd3497c5dfb1f56af80e12dd63d506c2619b8543623bbcbca48.0d2461caae26b0a2ae5272a3ba7edb13 string| mlbp_literal_colors string| mode number| mlbp_time_based_fp function| wdm function| selectFazendinha function| selectRaffles object| startDate object| endDate object| $day object| $hour object| $minute object| $second object| $debug number| timer function| update number| tempo function| startCountdown string| horaImprimivel boolean| mlbp_webcam number| refInterval function| changeSlide function| showNumbers function| showNumbersFazendinha object| elementExists number| uidEvent object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| $jscomp function| validateEmail function| validateFormpgmt object| jQuery11130344527384917503 object| platform object| dp string| msg

9 Cookies

Domain/Path Name / Value
ft.xn--premiosuberdadepresso-21b.com.br/ Name: XSRF-TOKEN
Value: eyJpdiI6ImxDQTBCeUZrV2M3OVVOTTlsSmo3eHc9PSIsInZhbHVlIjoiZDBtSUNobXJWbnFXbkJtR20wZHNYR0VSVlN6b0hpVWlTN1VqXC9jWEt6WmJFcHNMdm5QSFQ5Sjc1UFdHQXcxOGEiLCJtYWMiOiJmZWQ3MWQ1N2NhZGU1YWZjYTVhOWQyMzZjYmMzYTBkZWQxOGQ3ZTA4N2ZiNWU4Y2ZkOTQyZjFiZmU4MTY4NjZkIn0%3D
ft.xn--premiosuberdadepresso-21b.com.br/ Name: premiocerto_session
Value: eyJpdiI6ImF0Um52WkQ3bHMyclwva3VOVjZYUDdBPT0iLCJ2YWx1ZSI6Iml4aVQyRE5DUXhrME1JMDVUZ2dhK1VlTHMrM0VzT0tGTEJDZXcwMnR2NFRIc29NQVgrd2pWRThmY3J6ekt4NmMiLCJtYWMiOiI3YzZhMzNjMzA5NjljNWE4Y2Y4Mzc3ODA3YzQ0NWRjMDEzYTFhOGY4NTdhNjU4NDAwYjNlODdlZTIwYmUzZjY4In0%3D
.xn--premiosuberdadepresso-21b.com.br/ Name: _fbp
Value: fb.2.1725890778705.705992962817403693
.mercadolibre.com/ Name: dsid
Value: ed845c4c-fafe-4ed7-a56b-0885711e925f-1725890779426
.mercadolibre.com/ Name: edsid
Value: 9f9086c2-a108-464b-89c5-5689a031c332-1725890779426
.mercadolibre.com/ Name: _d2id
Value: 6de85682-70e6-471b-b03a-21d252b03722-n
.mercadopago.com.br/ Name: _d2id
Value: d417f7bc-c854-40c2-ba3f-590cef1b4473-n
www.mercadopago.com.br/ Name: p_dsid
Value: e6779821-4688-4343-9744-579a5c99d553-1725890779446
www.mercadopago.com.br/ Name: p_edsid
Value: 45582d62-b5df-4fbc-b7ed-be42d107e5be-1725890779446

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mercadolibre.com
api.mercadopago.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
events.mercadopago.com
fonts.googleapis.com
fonts.gstatic.com
ft.xn--premiosuberdadepresso-21b.com.br
http2.mlstatic.com
www.facebook.com
www.mercadolibre.com
www.mercadopago.com.br
108.138.115.182
108.139.29.88
23.223.209.54
2606:4700::6811:180e
2607:f8b0:4006:80f::200a
2607:f8b0:4006:820::2003
2a02:4780:13:1536:0:12c9:afd7:2
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::485
3.171.139.110
3.33.182.45
52.21.144.157
0024a342336d9a24872eb8058eb870e339d3c0bcd4798c35192bc2e3067d0bb7
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
3985943c4a2071144c29ae1634ccdc9c0b4755ad4ff745f21873a452062374fd
4f93a769c6d9bcdebef136c88196eae26fb4285d3a56ff4d3f39e2fe814d2db3
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
521f8bfddccaa63b3e71ee5ea66fc76e31c203246734d49cd07e44daf8ee9475
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c
7ba24c4138c4c3cfe694a8fc8943b8ce21b9bfbb14edcb290b8654fcaa365d6b
8b23b11cc41935432a9b5b63273513d98bc418a64294d42611877ec4cdf73015
8d338376f80183ce1dfb166535f61498ef2403368414d781afcaefa4ecaa0adc
92df31cb891784ee93c213651e5ae5b2a877956ccd30fa9cec47e5aad4b0b46d
9be8bb290ed088e209d997378e24a6a17cf98e4f512ba8f4522149b9370f5f12
a6ad75329c9db12d5ce76c1809f6322d4452db44b32afb1c09fe49cb4d363df9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
b218d5d23b8b9eca42a36a017a184d7fb56e724200bfb21e765dbdcdf23bfc17
c0a61004e42a27eaf5a9190fe5d743440ac98c20685a38e8e9fd7cece8f08565
c64ca6069ef4a8c4879c89cb1170d66f7e29c8e37cb0118c0354bce2f4082f1e
c76f5c473d7564fb36a4ecf6d4254f9b2c8935465fae48446692fdf7742b174f
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
ca6b6a57ba8b64c2494437a09d0fb56ac71c56157f8c127cdbf5ed669facd196
cb9c573dc3e65184b1ac9acbc59d6f02d313adafc907f81992adae6befa2b05d
ddf4fe07c7be0695b2c8671b921ae6705a404a94b2c5132816ad6a282d6f31aa
deadc06d96555df449720e2ee2a9e963a2984320feb5ec9148aeb0f22de62521
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9874a0499296c68a4d0c655a5fa02e90b998e8156e5c82e37cbddca2fbeeef0
f5d1a01bac91934eb17df5fc05c9dcc01ab6941e9ef7c208675987757daa9f37
ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057