hmpremoldados.online Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hmpremoldados.online/
Effective URL:
https://hmpremoldados.online/
Submission Tags: suspect
Submission: On August 27 via api (August 27th 2024, 1:34:06 pm UTC) from BR — Scanned from NL

Summary HTTP 31 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 31 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is hmpremoldados.online.
TLS certificate: Issued by WE1 on August 26th 2024. Valid for: 3 months.

This is the only time hmpremoldados.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 9	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::720	54113 (FASTLY) (FASTLY)
4	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.86.81 65.9.86.81	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:29:1... 2620:1ec:29:1::72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	13

9 2a06:98c1:3121::3 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

hmpremoldados.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

rifei.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::720 (United States)

ASN54113 (FASTLY, US)

rifei.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-81.ams1.r.cloudfront.net

cdn.rifei.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::72 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hmpremoldados.online 8 redirects hmpremoldados.online	13 KB
8	rifei.com.br rifei.com.br	127 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	75 KB
3	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114 o.clarity.ms — Cisco Umbrella Rank: 12757	28 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	293 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	imgix.net rifei.imgix.net	74 KB
1	google.si www.google.si — Cisco Umbrella Rank: 20991	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	257 B
1	rifei.co cdn.rifei.co	2 KB
1	gstatic.com fonts.gstatic.com	48 KB
31	12

	Domain	Requested by
9	hmpremoldados.online	8 redirects
8	rifei.com.br	hmpremoldados.online
4	www.facebook.com	hmpremoldados.online
4	connect.facebook.net	hmpremoldados.online connect.facebook.net www.googletagmanager.com
3	www.googletagmanager.com	hmpremoldados.online www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	hmpremoldados.online www.clarity.ms
2	rifei.imgix.net	hmpremoldados.online
1	o.clarity.ms	www.clarity.ms
1	www.google.si
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.rifei.co
1	fonts.gstatic.com	hmpremoldados.online
31	13

This site contains links to these domains. Also see Links.

Domain
rifei.com.br

Subject Issuer	Validity	Valid
hmpremoldados.online WE1	`2024-08-26` - `2024-11-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
rifei.com.br Amazon RSA 2048 M02	`2023-12-23` - `2025-01-21`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.si WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hmpremoldados.online/
Frame ID: 4B71A7695DE7824B621C651B06F069E2
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Campanhas | HM premoldados

Page URL History Show full URLs

http://hmpremoldados.online/ HTTP 307
https://hmpremoldados.online/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

31
Requests

74 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

661 kB
Transfer

2022 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://rifei.com.br/ajuda/outros/termos-de-uso
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://rifei.com.br/ajuda/outros/politica-de-privacidade
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://rifei.com.br/?utm_source=footer&utm_medium=profile&utm_campaign=446159
Title: Rifei

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hmpremoldados.online/ HTTP 307
https://hmpremoldados.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://hmpremoldados.online/_next/static/css/d05bfb1745c8d69d.css HTTP 302
https://rifei.com.br/_next/static/css/d05bfb1745c8d69d.css

Request Chain 1

https://hmpremoldados.online/_next/static/chunks/webpack-4a2024d990a62354.js HTTP 302
https://rifei.com.br/_next/static/chunks/webpack-4a2024d990a62354.js

Request Chain 2

https://hmpremoldados.online/_next/static/chunks/framework-4ed89e9640adfb9e.js HTTP 302
https://rifei.com.br/_next/static/chunks/framework-4ed89e9640adfb9e.js

Request Chain 3

https://hmpremoldados.online/_next/static/chunks/main-77dba4523bde2cd9.js HTTP 302
https://rifei.com.br/_next/static/chunks/main-77dba4523bde2cd9.js

Request Chain 4

https://hmpremoldados.online/_next/static/chunks/pages/_app-2e7af36098f80402.js HTTP 302
https://rifei.com.br/_next/static/chunks/pages/_app-2e7af36098f80402.js

Request Chain 5

https://hmpremoldados.online/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js HTTP 302
https://rifei.com.br/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js

Request Chain 6

https://hmpremoldados.online/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js HTTP 302
https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js

Request Chain 7

https://hmpremoldados.online/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js HTTP 302
https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hmpremoldados.online/
Redirect Chain

http://hmpremoldados.online/
https://hmpremoldados.online/

40 KB
9 KB

294ms
231ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hmpremoldados.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

64149dcf258e9d745f989cd3e94b3c486d00ac03ff5b393f961600bc2ec894a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

age: 86
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b9c6fae8e3fd22e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 27 Aug 2024 13:33:57 GMT
expires: 10
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EDh9Kw9tE3GuFl6JP1AFXcjR%2B4xu9RItXtalHllLbOScLohz6o%2BOxZsetCuM%2F87cqUT5Z1Cl24pTyrkWeh5j9Xur8V3b05piYwd0Hep8mp47HuVAv7ypI8apIqGEXqw2VIAGeNsbiYtxCUBk9AxSHJkPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-matched-path: /campanhas/[username]
x-powered-by: Next.js
x-vercel-cache: STALE
x-vercel-id: iad1::iad1::qltkt-1724765637037-0c2f3595aabb

Redirect headers

Location: https://hmpremoldados.online/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

d05bfb1745c8d69d.css
rifei.com.br/_next/static/css/
Redirect Chain

https://hmpremoldados.online/_next/static/css/d05bfb1745c8d69d.css
https://rifei.com.br/_next/static/css/d05bfb1745c8d69d.css

13 KB
3 KB

499ms
83ms

Stylesheet
text/css

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/css/d05bfb1745c8d69d.css

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

25c040dc39c301dde47947833df184603b5b723634433c94a1e1f4933229f23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::x6d97-1724765637764-afb92f3be16f
age: 128378
x-matched-path: /_next/static/css/d05bfb1745c8d69d.css
etag: W/"9ec9c7203de9f9ea1343e3e9362886b6"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="d05bfb1745c8d69d.css"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKjfNHYK9xReYB8J9DgOBrZAL5E0xN%2FLYATfl%2B%2F3EeK%2F5b3Z8gGsD62a6pS4v8yqmtBjcd4dtp6k9oY8Rid0zKYhlAO1zKIHpmnW6mAehdH2InI5kkAAV2PVKr3K%2Fs9YwipcoSXxylX2r%2BmFlUiscmLHVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/css/d05bfb1745c8d69d.css
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb01a5dd22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 73
expires: 10

GET
H2

200

webpack-4a2024d990a62354.js Show response
rifei.com.br/_next/static/chunks/
Redirect Chain

https://hmpremoldados.online/_next/static/chunks/webpack-4a2024d990a62354.js
https://rifei.com.br/_next/static/chunks/webpack-4a2024d990a62354.js

3 KB
1 KB

454ms
36ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/chunks/webpack-4a2024d990a62354.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c97e8d6b8e9cf4cc0a55b7057ee4ca50eb0b1681326a1638cc62182a8d977cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::24tjh-1724765637763-5adbdaf54045
age: 128378
x-matched-path: /_next/static/chunks/webpack-4a2024d990a62354.js
etag: W/"32e13b685bc1bcbe92310b3fbf55d9fe"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-4a2024d990a62354.js"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp1g6zz4Nv9JAlGNrpuKiYZgLDYCOtWmFCBqMg98%2BzOLx6tIBg%2BK2NnnOpoCkkOkvw07vbNgOpG5nRmqXdVUcw5iX11Qg1X5mzZI%2F1rPCgu8EimJFoqRe%2Fhhe2Uk0PFrM1KWnJPyD6dBwdVMnx03hjfU8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/chunks/webpack-4a2024d990a62354.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb01a60d22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 83
expires: 10

GET
H2

200

framework-4ed89e9640adfb9e.js Show response
rifei.com.br/_next/static/chunks/
Redirect Chain

https://hmpremoldados.online/_next/static/chunks/framework-4ed89e9640adfb9e.js
https://rifei.com.br/_next/static/chunks/framework-4ed89e9640adfb9e.js

138 KB
46 KB

441ms
36ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/chunks/framework-4ed89e9640adfb9e.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8b219e2882c6c3918baca761cc2f4b4212b90d1664a43608155b1200013939ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::jb4mm-1724765637763-c7b9eb85079e
age: 128378
x-matched-path: /_next/static/chunks/framework-4ed89e9640adfb9e.js
etag: W/"559e777379007506d17e0a4e7f608a51"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-4ed89e9640adfb9e.js"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lPlRxE2AuwPF%2BC8UzM%2F2r7c4vcljCESv1YYgJRO3T6AAt4rtkcQszCEDb4WLDQ4ziiblYwvQsEZpVgpyb7fs46OQTqKWzvAVo1e9sojc6rjmN97ZdqnZPag35iLldwdSLIj3q9WPOUr6GcQNd%2BsKccDNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/chunks/framework-4ed89e9640adfb9e.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb03aebd22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 85
expires: 10

GET
H2

200

main-77dba4523bde2cd9.js Show response
rifei.com.br/_next/static/chunks/
Redirect Chain

https://hmpremoldados.online/_next/static/chunks/main-77dba4523bde2cd9.js
https://rifei.com.br/_next/static/chunks/main-77dba4523bde2cd9.js

107 KB
33 KB

428ms
37ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/chunks/main-77dba4523bde2cd9.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2173bd65c63829e208246246e5ef3550430f5e6d43a9e661fd18ea5a98ae7f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::w8pzx-1724765637763-6be4a667e429
age: 128378
x-matched-path: /_next/static/chunks/main-77dba4523bde2cd9.js
etag: W/"bc80df5eed88901a544181ecc212d797"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-77dba4523bde2cd9.js"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXEVGcrAHFksKvXBkO9HKBLeYb0ncJA%2B7aTP3oezgsIO6bnGFE5dnKi%2BoIoqiuPXBgTBahirAsChDqW4PWTzdtlo34ovTE9tjYTmzimRJduIEqdhrGjTYBuI78RwOjHRIUla22OpfNx04qWmbwfVbt3FYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/chunks/main-77dba4523bde2cd9.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb03aeed22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 80
expires: 10

GET
H2

200

_app-2e7af36098f80402.js Show response
rifei.com.br/_next/static/chunks/pages/
Redirect Chain

https://hmpremoldados.online/_next/static/chunks/pages/_app-2e7af36098f80402.js
https://rifei.com.br/_next/static/chunks/pages/_app-2e7af36098f80402.js

67 KB
26 KB

463ms
66ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/chunks/pages/_app-2e7af36098f80402.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e7f54285d870324e17e438cec2a30bad0840095c36956ef433088b2c3d8e21b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::qkm24-1724765637763-4cc9a070023d
age: 128378
x-matched-path: /_next/static/chunks/pages/_app-2e7af36098f80402.js
etag: W/"62211647e121629a192b7dfd99c5b897"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-2e7af36098f80402.js"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pkl1%2B58Cy7j%2BRdRidrlsJZZ542q%2FJzILTcG3Bo33yTkKIHNhulcQ06oT8uIzaMX%2FMWP3T0KpCZ6NtTgjOR47H5ysn3o79OhgQL1Qcl%2BuPqHclozBM0f%2B5fvrMH9pI1%2Bku7sZQb2jU0F3Yw0N%2FKnufJ51eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/chunks/pages/_app-2e7af36098f80402.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb03af0d22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 86
expires: 10

GET
H2

200

%5Busername%5D-964f8e4292cbe641.js Show response
rifei.com.br/_next/static/chunks/pages/campanhas/
Redirect Chain

https://hmpremoldados.online/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js
https://rifei.com.br/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js

57 KB
15 KB

457ms
62ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

caa1e3f2ae2e75cff978cbeae06aa093d40b2d5ae7349f24527590d70967b6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rlwbb-1724765637764-1b3ad1c2831c
age: 125107
x-matched-path: /_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js
etag: W/"78ce04b5cdb1b350bdf2e3bcf65208cc"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="[username]-964f8e4292cbe641.js"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucZK3LhtUpavjnyjqW23zG5z66X67VqBAUOlin4qZr46E%2FaLbjGzuv3N0ZbFlnPtxZt%2FfI3fv2WBz6y9ViqUKTYLLNMSWDmOXkFgBnhKOwiXONmbX8pW2y2%2FsZE%2FrTefmvsnU7YYf9uf8VofS9IFjS%2Freg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/chunks/pages/campanhas/%5Busername%5D-964f8e4292cbe641.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb03af2d22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 106
expires: 10

GET
H2

200

_buildManifest.js Show response
rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/
Redirect Chain

https://hmpremoldados.online/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js
https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js

4 KB
1 KB

471ms
83ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

49a95d128ac841cc44f30b6504182158b1521d9e4b25fcf5dcb298120280cace

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::n72dj-1724765637765-8da4f85cc2dd
age: 128378
x-matched-path: /_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js
etag: W/"822bd9f4b8545c6cd7a7a9fa9cf54b6d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5A8TPUbDpWP4fvqdRgt5RKQPmCZL8oEcK7or2frUh5acJgr9dm5iWOWbwTyuHqYZBzWjKwGFddGmVmj0g6gc0eeWDn41Lj94%2Fq4JsLnEciCXEcQVejz1k7kf2sf%2FLZl8jMtwBPRBz3z%2BMdB2gUKsALEPfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_buildManifest.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb03af6d22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 88
expires: 10

GET
H2

200

_ssgManifest.js Show response
rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/
Redirect Chain

https://hmpremoldados.online/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js
https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js

412 B
724 B

440ms
36ms

Script
application/javascript

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18e014bc1193d100a5ff1bbbc1a5b87c7dc02892b3b5da95f11f39ecf7915700

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ndqkl-1724765637763-6d5595a65786
age: 128378
x-matched-path: /_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js
etag: "22901dcb274b1afe45fbca2175dd485e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 412

Redirect headers

date: Tue, 27 Aug 2024 13:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQgtg5yWkCXjeXJ0ZLgmGoWYWBO296vGzgoW6gM1RHh2zk1bmGO4T%2FTyTjL37BvtwjYl1ehBS6qdapU%2F%2FfXRNyFHSk4uSkobPe9MNRZWqiKYfEu8HYpT9XzK9pGNP5ZWyAWL1XS%2BvYvs60ck%2Bj1UOTiOew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
location: https://rifei.com.br/_next/static/7HzjbqvkXX0rVwScs6h0y/_ssgManifest.js
cache-control: public, max-age=14400, s-maxage=10, stale-while-revalidate=59
cf-ray: 8b9c6fb03af9d22e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 86
expires: 10

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 95ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
Origin: https://hmpremoldados.online
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Mon, 26 Aug 2024 23:09:53 GMT
x-content-type-options: nosniff
age: 51844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48556
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 23:09:53 GMT

GET
H2 200 cm0b1f5560nrjwbjxfjjt2afm.jpeg
rifei.imgix.net/uploads/logos/ 11 KB
11 KB 223ms
89ms Image
image/png 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rifei.imgix.net/uploads/logos/cm0b1f5560nrjwbjxfjjt2afm.jpeg?h=100&fit=max&q=90

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

f9dc97f511ca9ba83938f082707e6f98c2547d29a38f0e9bd319158e16551c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2024 17:10:28 GMT
server: imgix
age: 73409
x-cache: HIT, HIT, MISS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 1d2096ab4c39ff752b6d858f905360ddd9c15b3f
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 10971
x-served-by: cache-chi-klot8100169-CHI, cache-fra-etou8220096-FRA, cache-mad2200127-MAD

GET
H2 200 cm0b7s10m2i1owbjxadou6t06.jpeg
rifei.imgix.net/uploads/images/ 63 KB
63 KB 224ms
90ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rifei.imgix.net/uploads/images/cm0b7s10m2i1owbjxadou6t06.jpeg?w=984&fit=max&q=70&auto=format,compress

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

de5b60ef934b3b49f8641a37755cb415ab9dd46968daebb4f04f6b61a631443c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:58 GMT
x-content-type-options: nosniff
age: 73059
x-cache: HIT, HIT, MISS
x-imgix-id: 60b8c4d627e42c2d9118d6a0437a361d12f1d5e3
cross-origin-resource-policy: cross-origin
content-length: 64335
x-served-by: cache-chi-klot8100071-CHI, cache-fra-etou8220120-FRA, cache-mad2200127-MAD
last-modified: Mon, 26 Aug 2024 17:16:18 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 71ms
22ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 13:33:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4293, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Zj5iO6GZlPM5hdcKjasuDgRmpaHy6mh0efnB8cOaXcuKT+0v4CFWT+lfvUg+WJ5LtDzOkSPr3TXdiTGhp0N3gA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 796656588771068 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 140ms
139ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/796656588771068?v=2.9.165&r=stable&domain=hmpremoldados.online&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

649f892ddd86ed8cba6f12eaf1c28d96461f53544d1ee96c65a5cac69ced8d1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 13:33:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=68, mss=1232, tbw=66869, tp=62, tpl=0, uplat=118, ullat=0
pragma: public
x-fb-debug: rPuE2f8/EfnG4yongDsjVfjQe6DAFFJ5nIqS41qs18HJhUr4eBP7hLYBVtsJ1bQrEg9VJVpy97UWM7mPQ7QINw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 91ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=796656588771068&ev=PageView&dl=https%3A%2F%2Fhmpremoldados.online%2F&rl=&if=false&ts=1724765638206&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=12318&fbp=fb.1.1724765638203.599302468218363569&cs_est=true&ler=empty&cdl=API_unavailable&it=1724765638049&coo=false&chmd=&chpv=&chfv=undefined&rqm=GET

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Aug 2024 13:33:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 130ms
59ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=796656588771068&ev=PageView&dl=https%3A%2F%2Fhmpremoldados.online%2F&rl=&if=false&ts=1724765638206&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=12318&fbp=fb.1.1724765638203.599302468218363569&cs_est=true&ler=empty&cdl=API_unavailable&it=1724765638049&coo=false&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 27 Aug 2024 13:33:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1297, tbw=3144, tp=-1, tpl=-1, uplat=37, ullat=0
pragma: no-cache
x-fb-debug: vhcrPXP+PjqPMJoioo51PNqUqA3FL5fJ/N8SeGoslCbdsr9xahziDs1d3iAvScM2vAQqHm/o3iuogA+h5Vm6ZA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
95 KB 96ms
41ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSHWDFZ

Requested by

Host: hmpremoldados.online
URL: https://hmpremoldados.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1de78213cc0a68336f41af677c02156ac1890ac5748ecdf17a72284d2367d83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97098
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Aug 2024 13:33:58 GMT

GET
H2 200 cm0b1fl7t0cu6gljr7gofe2ui.png
cdn.rifei.co/uploads/favicons/ 2 KB
2 KB 89ms
31ms Other
application/octet-stream 65.9.86.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rifei.co/uploads/favicons/cm0b1fl7t0cu6gljr7gofe2ui.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-81.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b0d78c11f2ca42713874a9b9aeeaf444a3dbcc48223377f17bcb8b57ea600ce

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 12:31:07 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
last-modified: Mon, 26 Aug 2024 13:32:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 3772
etag: "1b8c1f1f49ed631795951ce60488f8e2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 1874
x-amz-cf-id: vDV8mFrr2mXY9xIN3IocxNwSQXIMBH5WM85A2zdiaqN1bDYC2L4Hfg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
106 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9VKB6NHRWL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSHWDFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc3e02056f242e4bdf2ee82dba981e35eb27380accddf61a8130b71e8c2531af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Aug 2024 13:33:58 GMT

GET
H3 200 6365538940125955 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 104ms
104ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/6365538940125955?v=2.9.165&r=stable&domain=hmpremoldados.online&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

1fe713050da18a20f7dec1cc8cbb78e1d6423d8cdc7a924ec0724cf4b7ebc82e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 13:33:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 63
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=81, mss=1232, tbw=83678, tp=78, tpl=0, uplat=82, ullat=0
pragma: public
x-fb-debug: wl1Ux2ZwxSNwQNAG91bLh5ouaXgqpSXK2x+CRdUHjvS9Il7WG5/ymnW64cVOqRhUxMoWgfDgJZV9Vf6VoHkSeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
0 0ms
0ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSHWDFZ

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Aug 2024 13:33:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4293, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Zj5iO6GZlPM5hdcKjasuDgRmpaHy6mh0efnB8cOaXcuKT+0v4CFWT+lfvUg+WJ5LtDzOkSPr3TXdiTGhp0N3gA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 9xf9l33c3l Show response
www.clarity.ms/tag/ 501 B
758 B 276ms
187ms Script
application/x-javascript 2620:1ec:29:1::72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9xf9l33c3l?ref=gtm2
Requested by: Host: hmpremoldados.online
URL: https://hmpremoldados.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f54edb5eb2354ff3cd10e738e11882b6fe3d3b74c2c41a226c67e2514632fde1

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date: Tue, 27 Aug 2024 13:33:58 GMT
x-azure-ref: 20240827T133358Z-r15b8bc659bglnsvwydg767ps400000002p0000000003xez
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 501
expires: -1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-318619293

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSHWDFZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b38b3c76882270d76a1186288e302e4ac91b00e99bc75a325b358a785e14f181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94601
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Aug 2024 13:33:58 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 82ms
27ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9VKB6NHRWL&gtm=45je48q0v892395409z8889155623za200zb889155623&_p=1724765638340&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=325323309.1724765639&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724765638&sct=1&seg=0&dl=https%3A%2F%2Fhmpremoldados.online%2F&dt=Campanhas%20%7C%20HM%20premoldados&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1851
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9VKB6NHRWL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:33:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hmpremoldados.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 110ms
25ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9VKB6NHRWL&cid=325323309.1724765639&gtm=45je48q0v892395409z8889155623za200zb889155623&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9VKB6NHRWL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:33:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hmpremoldados.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.si/ads/ 42 B
408 B 140ms
57ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.si/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9VKB6NHRWL&cid=325323309.1724765639&gtm=45je48q0v892395409z8889155623za200zb889155623&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=79691653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:33:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 29ms
26ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6365538940125955&ev=PageView&dl=https%3A%2F%2Fhmpremoldados.online%2F&rl=&if=false&ts=1724765638679&cd[fbp]=fb.1.1724765638203.599302468218363569&sw=1600&sh=1200&ud[cn]=885036a0da3dff3c3e05bc79bf49382b12bc5098514ed57ce0875aba1aa2c40d&v=2.9.165&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1724765638203.599302468218363569&ler=empty&cdl=API_unavailable&it=1724765638049&coo=false&eid=1724765638509.977280.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=6419, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Aug 2024 13:33:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
278 B 66ms
64ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6365538940125955&ev=PageView&dl=https%3A%2F%2Fhmpremoldados.online%2F&rl=&if=false&ts=1724765638679&cd[fbp]=fb.1.1724765638203.599302468218363569&sw=1600&sh=1200&ud[cn]=885036a0da3dff3c3e05bc79bf49382b12bc5098514ed57ce0875aba1aa2c40d&v=2.9.165&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1724765638203.599302468218363569&ler=empty&cdl=API_unavailable&it=1724765638049&coo=false&eid=1724765638509.977280.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 27 Aug 2024 13:33:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=6565, tp=-1, tpl=-1, uplat=33, ullat=0
pragma: no-cache
x-fb-debug: 6YGKMP2o7LUzeGT7YT21qkC9RElMNYfeKzqzeZv98k8uedJdMYua2ogdqXG+eQgD4iyGSwV0YDWECSvJHoY5VQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 48ms
47ms Script
application/javascript 2620:1ec:29:1::72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9xf9l33c3l?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 27 Aug 2024 13:33:58 GMT
content-encoding: br
last-modified: Sun, 25 Aug 2024 09:53:41 GMT
etag: W/"0x8DCC4EBCCD5C176"
vary: Accept-Encoding
x-azure-ref: 20240827T133358Z-r15b8bc659bglnsvwydg767ps400000002p0000000003xfb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0ea381b7-701e-004c-6cbf-f7beeb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
284 B 324ms
121ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Access-Control-Allow-Origin: https://hmpremoldados.online
Date: Tue, 27 Aug 2024 13:33:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 24ms
23ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9VKB6NHRWL&gtm=45je48q0v892395409za200zb889155623&_p=1724765638340&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=325323309.1724765639&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724765638&sct=1&seg=0&dl=https%3A%2F%2Fhmpremoldados.online%2F&dt=Campanhas%20%7C%20HM%20premoldados&en=scroll&epn.percent_scrolled=90&_et=10&tfd=6863
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9VKB6NHRWL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://hmpremoldados.online/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:34:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hmpremoldados.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hmpremoldados.online/	1970-01-21 01:15:41	Name: _fbp Value: fb.1.1724765638203.599302468218363569
.hmpremoldados.online/	1970-01-21 01:15:41	Name: _gcl_au Value: 1.1.1509408366.1724765639
.hmpremoldados.online/	1970-01-21 08:42:05	Name: _ga Value: GA1.1.325323309.1724765639
.hmpremoldados.online/	1970-01-21 08:42:05	Name: _ga_9VKB6NHRWL Value: GS1.1.1724765638.1.0.1724765638.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rifei.co
connect.facebook.net
fonts.gstatic.com
hmpremoldados.online
o.clarity.ms
region1.analytics.google.com
rifei.com.br
rifei.imgix.net
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.si
www.googletagmanager.com
157.240.253.1
2001:4860:4802:32::36
2620:1ec:29:1::72
2a00:1450:4001:81d::2008
2a00:1450:4001:829::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c1d::9a
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::720
2a06:98c1:3121::3
52.152.143.207
65.9.86.81
76.76.21.21
18e014bc1193d100a5ff1bbbc1a5b87c7dc02892b3b5da95f11f39ecf7915700
1de78213cc0a68336f41af677c02156ac1890ac5748ecdf17a72284d2367d83b
1fe713050da18a20f7dec1cc8cbb78e1d6423d8cdc7a924ec0724cf4b7ebc82e
2173bd65c63829e208246246e5ef3550430f5e6d43a9e661fd18ea5a98ae7f97
25c040dc39c301dde47947833df184603b5b723634433c94a1e1f4933229f23f
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
49a95d128ac841cc44f30b6504182158b1521d9e4b25fcf5dcb298120280cace
4b0d78c11f2ca42713874a9b9aeeaf444a3dbcc48223377f17bcb8b57ea600ce
64149dcf258e9d745f989cd3e94b3c486d00ac03ff5b393f961600bc2ec894a9
649f892ddd86ed8cba6f12eaf1c28d96461f53544d1ee96c65a5cac69ced8d1b
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8b219e2882c6c3918baca761cc2f4b4212b90d1664a43608155b1200013939ca
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b38b3c76882270d76a1186288e302e4ac91b00e99bc75a325b358a785e14f181
bc3e02056f242e4bdf2ee82dba981e35eb27380accddf61a8130b71e8c2531af
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
c97e8d6b8e9cf4cc0a55b7057ee4ca50eb0b1681326a1638cc62182a8d977cf9
caa1e3f2ae2e75cff978cbeae06aa093d40b2d5ae7349f24527590d70967b6aa
de5b60ef934b3b49f8641a37755cb415ab9dd46968daebb4f04f6b61a631443c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f54285d870324e17e438cec2a30bad0840095c36956ef433088b2c3d8e21b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54edb5eb2354ff3cd10e738e11882b6fe3d3b74c2c41a226c67e2514632fde1
f9dc97f511ca9ba83938f082707e6f98c2547d29a38f0e9bd319158e16551c2d

hmpremoldados.online Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

74 %HTTPS

69 %IPv6

12 Domains

13 Subdomains

13 IPs

3 Countries

661 kBTransfer

2022 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hmpremoldados.online Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

74 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

661 kB
Transfer

2022 kB
Size

4
Cookies

31 HTTP transactions
0 data transactions