wwwljpremiacoescombr.org Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wwwljpremiacoescombr.org/
Submission: On November 22 via api (November 22nd 2024, 12:40:12 am UTC) from BE — Scanned from NL

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 51 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is wwwljpremiacoescombr.org.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.

This is the only time wwwljpremiacoescombr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.197.50 172.67.197.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3bb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	52.28.41.34 52.28.41.34	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:44de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
51	20

14 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

wwwljpremiacoescombr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.197.50 (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3bb5 (United States)

ASN13335 (CLOUDFLARENET, US)

eu-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.41.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-41-34.eu-central-1.compute.amazonaws.com

eu.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44de (United States)

ASN13335 (CLOUDFLARENET, US)

fbapi.rifa.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	wwwljpremiacoescombr.org wwwljpremiacoescombr.org	584 KB
7	posthog.com eu-assets.i.posthog.com — Cisco Umbrella Rank: 66351 eu.i.posthog.com — Cisco Umbrella Rank: 26682	110 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	328 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	196 KB
4	rsms.me rsms.me — Cisco Umbrella Rank: 8761	338 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	74 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
1	rifa.digital fbapi.rifa.digital
1	google.nl www.google.nl — Cisco Umbrella Rank: 12293	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	551 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	952 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	17 KB
51	15

	Domain	Requested by
14	wwwljpremiacoescombr.org	wwwljpremiacoescombr.org
4	eu-assets.i.posthog.com	wwwljpremiacoescombr.org eu-assets.i.posthog.com
4	www.googletagmanager.com	wwwljpremiacoescombr.org www.googletagmanager.com
4	pagead2.googlesyndication.com	wwwljpremiacoescombr.org pagead2.googlesyndication.com
4	rsms.me	wwwljpremiacoescombr.org rsms.me
3	eu.i.posthog.com	eu-assets.i.posthog.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	www.facebook.com	wwwljpremiacoescombr.org
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.youtube.com	wwwljpremiacoescombr.org
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	fbapi.rifa.digital	www.googletagmanager.com
1	www.google.nl	wwwljpremiacoescombr.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	fonts.googleapis.com	wwwljpremiacoescombr.org
1	cdnjs.cloudflare.com	wwwljpremiacoescombr.org
51	18

This site contains no links.

Subject Issuer	Validity	Valid
wwwljpremiacoescombr.org WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
rsms.me WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.i.posthog.com E5	`2024-11-20` - `2025-02-18`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.google.nl WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
rifa.digital WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://wwwljpremiacoescombr.org/
Frame ID: EB90013A6B8A5FBACFBBDCA144030D52
Requests: 45 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DUeCvF7e2_o
Frame ID: 26751BB99FB140FA9044BD6A10E43B66
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwwwljpremiacoescombr.org
Frame ID: BF99BF4471A37AC573424E56E615E046
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 23BC48993973DDF432AB8C1BFA61792E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732236007&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732236007539&bpp=5&bdt=228&idt=236&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1387612510265&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088961%2C95345967%2C95347756&oid=2&pvsid=45103190971023&tmod=142209365&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: F8D4A45336316C5190A94AB5605499DD
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DUeCvF7e2_o
Frame ID: B4121DD99F7056C3CEC29BD317665F89
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: C96B4CB2DDE713C3BBF0FE494B7B0437
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Termine a configuração do seu dominio | Rifa Digital

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

51
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

20
IPs

5
Countries

1670 kB
Transfer

4002 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
wwwljpremiacoescombr.org/ 40 KB
13 KB 295ms
240ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8398521dc1db8333f0b29c9c48690e112e3af37e75620b432aed29e17fb14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8e64ddc3ce4e0e18-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 00:40:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKlC323Qyv3bLEAc7HeSBxLncL2IqXZN1cIt234ZPnPeMoYzAGdtrb49%2FUhZuo9esYHLYa1wrfuoQOhB7sQ%2B8BTPJgGoCMBseT3LUE0NB6GqDof3Qt1E%2Fn2kOo%2FqpPRArfy7LHk5PHM5Bu4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22439&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4492&delivery_rate=460&cwnd=12000&unsent_bytes=0&cid=194aafbe92867e1c&ts=269&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 inter.css
rsms.me/inter/ 11 KB
2 KB 57ms
29ms Stylesheet
text/css 172.67.197.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

x-fastly-request-id: e7a6fecf8454a7b082a5bf697bc4e77bc845d12c
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6737eec5-2ce9"
age: 432
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzGi9vMzunZDBxL5sQ6I6LWsoebQ%2F6yqj6uLiNH2tz3D2fZClSGqWoGM0%2BIF1RblRZDBCWYZzQyfR3UzhOSZLEZptIBiHszR1shEvuPdE69PtlMBPmRI8cex"}],"group":"cf-nel","max_age":604800}
x-github-request-id: F246:6B5FF:291D16B:2A0B8EC:6737EF89
expires: Tue, 19 Nov 2024 05:40:55 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=14663&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4102&recv_bytes=4272&delivery_rate=198787&cwnd=12000&unsent_bytes=0&cid=c7e03fd37cabaa9e&ts=30&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-ams21075-AMS
x-cache-hits: 1
last-modified: Sat, 16 Nov 2024 01:00:53 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731719315.265205,VS0,VE1
via: 1.1 varnish
cf-ray: 8e64ddc5ff5866ae-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1305
x-origin-cache: HIT
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 76ms
28ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "62deef96-4324"
age: 712085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHXaltR9QEtybnJHg6UQbd3O%2Bb2%2FNx9TKd2lXzqwFe%2FxQD8%2B%2FnJ%2B3acCRNKtqGtWKvBhgmFk3byEMc1rINedQb1jWwCRjbUtAAXEICsuYFCT2cL1gpWI%2FP0T4sftChHvgEC%2BDIhy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 00:40:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e64ddc6199a796f-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17188
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
952 B 100ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e9f799d8c76ced82ee22877e96636ebabf5f69f4e1f16c3bcb15fcbb26b38d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:40:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 00:40:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 80ms
38ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

4fbe9145d14d2d7b8b58fe2c733c10c5c26769d1bf1648a95be6b57a6a282807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: br
etag: 5303326182031185460
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:40:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53369
x-xss-protection: 0
server: cafe

GET
H3 200 app-C2Rkk2Fc.css
wwwljpremiacoescombr.org/build/assets/ 13 KB
3 KB 206ms
205ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/app-C2Rkk2Fc.css

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-3241"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FK0nNuVgWElhXpIs7ZKiDmhEpKIJYUSkPcoFtFMIx2DqH2YWYrsb7L8vm829ZyOabi0s2k4gZIQZQQhLbYaUmF7jZ%2FUaKXa0TRf3gQ28cbCm0OvbS2dfsjauRY7iBQp3KX7pt4DqgxmFtyE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19545&sent=27&recv=20&lost=0&retrans=0&sent_bytes=18123&recv_bytes=7562&delivery_rate=820349&cwnd=13200&unsent_bytes=0&cid=194aafbe92867e1c&ts=556&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddc5d81a0e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 app-BNxgb9Nk.css
wwwljpremiacoescombr.org/build/assets/ 114 KB
18 KB 316ms
315ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/app-BNxgb9Nk.css

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2c7f65c0c9edd68df1cd5eca9f9eb174aee3939713ee5342e4394b100daea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-1c87a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6p2fiDpb%2BP2evmng6HGpLEPQ%2FSlHC6j74DhNNJ%2Bqdf69c8%2BzdH87nJkm0u8id%2BQmM0nef1QNJbSV9yKyE%2Bd%2FtucRrGU3OcWf6U2wBqR7ffVt56YJCEF5eXLxtquV3whaI7BFeCkw31nRxU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18332&sent=30&recv=22&lost=0&retrans=0&sent_bytes=20949&recv_bytes=7649&delivery_rate=14316&cwnd=13200&unsent_bytes=0&cid=194aafbe92867e1c&ts=648&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddc5d81c0e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 app-CzHf1Ydo.js Show response
wwwljpremiacoescombr.org/build/assets/ 346 KB
125 KB 324ms
323ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3d99d9b999b821ab1859acbd6d3ebab4cb776a9910892ccfb761ff8cecf52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-5677a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bx%2Bt%2BlXo7Z9xsmoZPFxHM3yomfZnCErEg3NYgEa7K6MIFGlAqAhHhQm%2FJaAE4leskw9jtW1KbgOwuvp0bbnvTu%2B5pVfeafsRUEoc%2B%2BXAkQ0Cqob4lAI3lX1FEWVNBJU%2FY1pettT7G2wwvQ8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18332&sent=41&recv=22&lost=0&retrans=0&sent_bytes=34149&recv_bytes=7649&delivery_rate=14316&cwnd=13200&unsent_bytes=0&cid=194aafbe92867e1c&ts=663&x=1", cfExtPri, cfHdrFlush;dur=9
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddc5d81e0e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
103 KB 102ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fb34ea186b86228ca027368b20419a2b765e9745ad113ebd48c01886982e7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 22 Nov 2024 00:40:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104266
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 array.js Show response
eu-assets.i.posthog.com/static/ 168 KB
60 KB 110ms
61ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/array.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b71073b126a4aafc6306d341b54b6dbff006084478784b3d9da1bf9eaf24124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 3
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e64ddc6c9f06702-AMS
access-control-allow-origin: *
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Thu, 21 Nov 2024 21:42:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 DUeCvF7e2_o
www.youtube.com/embed/ Frame 2675 0
0 160ms
103ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DUeCvF7e2_o

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wwwljpremiacoescombr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 00:40:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 80ms
79ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2984742400813413&plah=wwwljpremiacoescombr.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

b0e04ff4b77e311fb5fae9270aa7036f4c9fde258ea57f519816e46e86f3b6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: br
etag: 13499071411308872701
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:40:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147668
x-xss-protection: 0
server: cafe

POST
H2 200 / Show response
eu.i.posthog.com/decide/ 879 B
845 B 121ms
36ms XHR
application/json 52.28.41.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.i.posthog.com/decide/?v=3&ip=1&_=1732236007558&ver=1.187.2&compression=base64

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.41.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-41-34.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

ee3d955f736977f40f23efaa2085a389169f2e6d387a36b2d0d96c2c297d2738

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://wwwljpremiacoescombr.org/

Response headers

cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://wwwljpremiacoescombr.org
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/json
vary: Accept-Encoding
server: envoy
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
eu.i.posthog.com/e/ 13 B
409 B 109ms
35ms XHR
application/json 52.28.41.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.i.posthog.com/e/?ip=1&_=1732236007567&ver=1.187.2&compression=gzip-js

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.41.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-41-34.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wwwljpremiacoescombr.org/

Response headers

cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://wwwljpremiacoescombr.org
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/json
vary: Accept-Encoding
server: envoy
access-control-allow-headers: X-Requested-With,Content-Type

POST
H3 200 collect
www.google.com/ccm/ 0
0 113ms
57ms Ping
text/plain 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1512745615.1732236008&auid=1821038402.1732236008&npa=1&gtm=45He4bk0v857888618za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732236007599&tfd=659&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 409 KB
132 KB 102ms
101ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bk0v857888618za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7772950cafce943e2eb27c3f46e1a74bf80ba396a600ad6529473e1f8ebad9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 00:40:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134689
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 66ms
39ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-FwQdX2U5' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FwQdX2U5' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4459, tp=9, tpl=0, uplat=7, ullat=-1
pragma: public
x-fb-debug: EzqHR2vuCF5WPqHWAHJDEsVMB+SfrILLno+cNZd76jTAwu4BVxvLnHoYWh2Aa77i4H/tyMu+X9ygdhhVsFv+fw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 265 KB
94 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c&gtm=45He4bk0v857888618za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2af67064ad5b39baa36269673d9f7bcc791b229db5b75d2d95910102304b5bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 22 Nov 2024 00:40:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95671
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame BF99 0
0 114ms
31ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwwwljpremiacoescombr.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 00:40:07 GMT
expires: Sat, 22 Nov 2025 00:40:07 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Inter-Bold.woff2
rsms.me/inter/font-files/ 112 KB
113 KB 146ms
107ms Font
font/woff2 172.67.197.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Bold.woff2?v=4.1
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa888127b6da015b65569f0351f3b5c391ad928904951f1c20e9f8462a8d95ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: 5f0781c897b9d6a79f1fc62d5596caadd06215fa
cf-cache-status: MISS
etag: "6737eec5-1c098"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oxe2Xtewn11uzy6UoWBbHuo%2Fdv0VHULLkfQFpd8c7TWhrSvKwrpJwY%2Bsgf%2Fxh4Ekg74rre9XttLjW%2FVxXW7iHQ9UGWkhFdm31F1KCTEb1WOp2tq4HASCp4k0"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 39C5:1D8C4D:28157AA:29050DC:6737EF7D
expires: Sat, 16 Nov 2024 01:13:57 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=31985&sent=18&recv=8&lost=0&retrans=0&sent_bytes=13527&recv_bytes=4745&delivery_rate=44583&cwnd=12000&unsent_bytes=0&cid=db5ab539df810a48&ts=53&x=1", cfHdrFlush;dur=11
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: font/woff2
x-served-by: cache-ams2100123-AMS
x-cache-hits: 10
last-modified: Sat, 16 Nov 2024 01:00:53 GMT
vary: Accept-Encoding
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732236008.716114,VS0,VE0
via: 1.1 varnish
cf-ray: 8e64ddc82fbe93be-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114840
x-origin-cache: HIT
server: cloudflare

GET
H3 200 Inter-SemiBold.woff2
rsms.me/inter/font-files/ 112 KB
113 KB 159ms
120ms Font
font/woff2 172.67.197.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.1
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb7103e4e605989afebc03d989c79201e54b21b5183db33981f70db9178a301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: 7277630b172fbf86d29682d5f511c04fda8c154b
cf-cache-status: MISS
etag: "6737eec5-1c07c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9mdxlu9FlhHwHEVBHTA3hB5BUBelJJKipxd1GYEYuLUaD1RetZUCWbdNoq15SvbVk%2Fo6WzSSr4GmGFI2DX1a%2FyR5yKeoHQmwmb%2BAQ6s7Ni3QmHJeIYlt%2FGd"}],"group":"cf-nel","max_age":604800}
x-github-request-id: C44F:0DA4:26D0130:27B3138:6737EF7E
expires: Sat, 16 Nov 2024 01:13:58 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=31985&sent=18&recv=8&lost=0&retrans=0&sent_bytes=13527&recv_bytes=4745&delivery_rate=44583&cwnd=12000&unsent_bytes=0&cid=db5ab539df810a48&ts=50&x=1", cfHdrFlush;dur=14
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: font/woff2
x-served-by: cache-ams21059-AMS
x-cache-hits: 2
last-modified: Sat, 16 Nov 2024 01:00:53 GMT
vary: Accept-Encoding
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732236008.713165,VS0,VE1
via: 1.1 varnish
cf-ray: 8e64ddc82fc093be-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114812
x-origin-cache: HIT
server: cloudflare

GET
H3 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 77ms
38ms Font
font/woff2 172.67.197.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.1
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e06f6b1bc553aaea4e4668023ed0ab0a147129c3107f511bc7d03d361b0ae085

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: 485e2c9592f6a3f85642256570c72c5a585cb16b
cf-cache-status: MISS
etag: "6737eec5-1b2a4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4FRjakVsx54FUfuWXWyZ8WTPt8oWSa0%2Bb%2FuwkEOpgJEsrV2iIB4dIkbbum%2Bed4CpOql21g%2Bk5O7PkWjMftdY35QHeZOwPlWvFk6%2BKhCh2DucAwnS4oA%2FrqY"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 2C23:1B9A27:F4EABD:FA3C07:673C182E
expires: Tue, 19 Nov 2024 04:56:38 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=31985&sent=8&recv=8&lost=0&retrans=0&sent_bytes=2109&recv_bytes=4745&delivery_rate=44583&cwnd=12000&unsent_bytes=0&cid=db5ab539df810a48&ts=49&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: font/woff2
x-served-by: cache-ams21034-AMS
x-cache-hits: 1
last-modified: Sat, 16 Nov 2024 01:00:53 GMT
vary: Accept-Encoding
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732236008.711676,VS0,VE1
via: 1.1 varnish
cf-ray: 8e64ddc82fbc93be-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 111268
x-origin-cache: HIT
server: cloudflare

GET
H2 200 recorder.js Show response
eu-assets.i.posthog.com/static/ 112 KB
40 KB 48ms
48ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/recorder.js?v=1.187.2

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc72bdec113f06f37718a40edc82437c5a96451e577cc8aad43760745b3cacb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 5
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e64ddc81b5d6702-AMS
access-control-allow-origin: *
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Thu, 21 Nov 2024 21:43:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 dead-clicks-autocapture.js Show response
eu-assets.i.posthog.com/static/ 14 KB
5 KB 45ms
45ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/dead-clicks-autocapture.js?v=1.187.2

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62e6218f00a4db5bd39907eeb26feb4e7360ab2dfb1c80ca2b98cf35837709b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: public, max-age=14400
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 3
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e64ddc81b616702-AMS
access-control-allow-origin: *
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Thu, 21 Nov 2024 21:43:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 web-vitals.js Show response
eu-assets.i.posthog.com/static/ 10 KB
4 KB 52ms
52ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/web-vitals.js?v=1.187.2

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42af26efa2e810e819a88fef919fcf3c239f6f5133a6afb2e8305fc8f0ac7c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 12
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e64ddc81b636702-AMS
access-control-allow-origin: *
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Thu, 21 Nov 2024 21:42:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/ Frame 23BC 0
0 64ms
21ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2984742400813413&plah=wwwljpremiacoescombr.org

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wwwljpremiacoescombr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 19121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 19:21:26 GMT
etag: 17661348622971093804
expires: Thu, 05 Dec 2024 19:21:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame F8D4 0
0 78ms
44ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732236007&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732236007539&bpp=5&bdt=228&idt=236&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1387612510265&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088961%2C95345967%2C95347756&oid=2&pvsid=45103190971023&tmod=142209365&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wwwljpremiacoescombr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 00:40:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 619464952447923 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 101ms
99ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619464952447923?v=2.9.176&r=stable&domain=wwwljpremiacoescombr.org&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

fc03ae7a756aa96275a66739b9736fa2446e2585afb2010f61579f488d9c7694

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-kLWc7jFb' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:40:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-kLWc7jFb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=1, c=58, mss=1232, tbw=70347, tp=65, tpl=1, uplat=69, ullat=0
pragma: public
x-fb-debug: r8BBx5wR6C0cFF1ve+7BidvrghCp8lorusRbQSJjIMB7tx8EjklBj9gszPFG1uuIDCsPk44r36wQn7gyusr5CQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 273ms
19ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bk0v875720306z8857888618za200zb857888618&_p=1732236007420&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1658169977.1732236008&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732236007&sct=1&seg=0&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1069
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bk0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wwwljpremiacoescombr.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
551 B 318ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHYBPRP9RF&cid=1658169977.1732236008&gtm=45je4bk0v875720306z8857888618za200zb857888618&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bk0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wwwljpremiacoescombr.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 263ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bk0v875720306z8857888618za200zb857888618&_p=1732236007420&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1658169977.1732236008&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1732236007&sct=1&seg=1&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=page_view&_et=3&tfd=1079
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bk0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wwwljpremiacoescombr.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 304ms
39ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KHYBPRP9RF&cid=1658169977.1732236008&gtm=45je4bk0v875720306z8857888618za200zb857888618&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=305022717

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 00:40:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ConfigDomain-BPmJPfL5.js Show response
wwwljpremiacoescombr.org/build/assets/ 3 KB
2 KB 205ms
204ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/ConfigDomain-BPmJPfL5.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcaa0ff4d8215fb64f09912a77536cbdd75afdbccd23b0f6df0b420e4f497c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-aa8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFuN1H0ra%2B0zY2M7glMqPL3%2FBUOkZ9t7loOsFkN7Oj1L6P5nKJhznxuIzI5uT32MNDjXBZQ1YvR3bee2z%2FiCF5vjqfqnjeSE1jqjCy6H%2BvJ1hURq%2FAosU5MbRNfekxfu9E6kZ2VY9zhw21U%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=165&recv=76&lost=2&retrans=3&sent_bytes=172465&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1297&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c490e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 _plugin-vue_export-helper-DlAUqK2U.js Show response
wwwljpremiacoescombr.org/build/assets/ 91 B
804 B 209ms
208ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/_plugin-vue_export-helper-DlAUqK2U.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"673fa307-5b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NTLGEN2E78MJDlDkeV4v6sPRwOw4AaP4TTT8HHum1iPFw4OCBaIHyZwmOPQAiayIr%2BH%2FykWiiOe3kos44LI9Tm%2BsDE1DTfwcoTsvPdxoSLfkgwLmM%2Bv8sWNw4XDdZy5nFe6Dc0XbPkTyC0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=169&recv=76&lost=2&retrans=3&sent_bytes=175837&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1301&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c4a0e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 disclosure-BvKh53JN.js Show response
wwwljpremiacoescombr.org/build/assets/ 3 KB
2 KB 210ms
209ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/disclosure-BvKh53JN.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f12393e066e911ebb09e69eeee7e140c818be7cc5491dac3d95ca9673fc7d755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-dbe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhHv%2BSyD0neLOpUPHyX4bHbO5y0eq2KLNQCrgY0fq8LJklSSprvS%2BRSMHu%2Bz8QKnpkSIcbGt4UJu%2FQ4uW%2FQpvZyi2hv2pgLFx92UwURiloFXcvw%2Bypi8R8nS8%2BG%2FlKN9zAnSvantb3yB2Ek%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=171&recv=76&lost=2&retrans=3&sent_bytes=176688&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1302&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c4d0e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 keyboard-Q8AjaqiF.js Show response
wwwljpremiacoescombr.org/build/assets/ 4 KB
2 KB 216ms
215ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/keyboard-Q8AjaqiF.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06cdc28fc18225f761d0e7490e85081880157eb593edf8563592dadbb37a66d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-e55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYtCltH4xGTxg5JdWA4HPL%2F48JRWEJklB%2F12fVpIH2ThDivrOECUuNHGmBBkAcV70jfPkSXfvLkdeSfK7vYnouaKKRE6SReTDa%2FWHfmvesSMP2J5APJ5ml8y7vUNiKqSFfkM7xiNJFKl1Ow%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=178&recv=76&lost=2&retrans=3&sent_bytes=182868&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1308&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c4e0e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 use-resolve-button-type-b36grUzT.js Show response
wwwljpremiacoescombr.org/build/assets/ 455 B
1006 B 215ms
214ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/use-resolve-button-type-b36grUzT.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d93c964ba76fcbb6dada9d7a8e1b6b42f397bb0a223eddfa397d8ec94ccb1eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-1c7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2a7XE4iXSJ1ur5c3YqNUka6Cy7yA4wBDBKgMWzQHzSJ8serya2ps7hfc1MS5yhC3KtwnjUjGqhHICBFGQa%2BDdWLR98UCVSp9lnoSEX66hKmSCVB9pPKxd%2FpV7%2Br0l%2FMScGFmKTsZJPWAB4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=177&recv=76&lost=2&retrans=3&sent_bytes=181839&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1307&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c500e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 WhatsappFloat-DkDAwz2g.js Show response
wwwljpremiacoescombr.org/build/assets/ 1 KB
1 KB 209ms
208ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/WhatsappFloat-DkDAwz2g.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37208f655e0f74f9d0d389b429107c2eb322bb599a2d16fbc6cb9ecb3a2fe3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-408"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9v%2BCW70QfsWBZKmTuuncolbT2vIw72GzCtCHEnP%2Ff%2BeGeeICQ6AafJlX8Qf0FaDCL6dBrNTb1Iy%2BUbmSfZ8zvxIpFdCGffp0Wve0IUiY2%2B1uMOupc%2BWzblo0NoFUbhwOBDR04JOxfFoCEzQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=173&recv=76&lost=2&retrans=3&sent_bytes=178842&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1302&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c510e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 WhatsappIcon-CgossBmv.js Show response
wwwljpremiacoescombr.org/build/assets/ 1 KB
2 KB 209ms
208ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/WhatsappIcon-CgossBmv.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0732ce9f4dfcccebd9e96f0848f4d4f72657fd1e5f79717e951453a109d49f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-5a8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJ0jMCwfSA14EB5dcgwyLeID%2BzWIQkG9oIW4FagIFpEdOkmSO8WFJfKJXt1%2Bl7YUNcWC6DMFBqYbD7KT0zcFlWgW3yvP59x7qOB3u5m4LdGYhqr%2FpkAg6sx8W%2FNMiNfRnrjK1QSPszhvk6A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=175&recv=76&lost=2&retrans=3&sent_bytes=180240&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1302&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c520e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Modal-BigV914i.js Show response
wwwljpremiacoescombr.org/build/assets/ 675 B
1 KB 204ms
204ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/build/assets/Modal-BigV914i.js

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51993f732c8dd5c959620855c75f2fb5407ffca6b70fb99e95aeecf81399d5b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwljpremiacoescombr.org
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"673fa307-2a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVbacRIpAwtKAXNvfCFA%2B5%2FZdaprhaJf96N3mk1sRlclRgRqgqgKfyEfRErbFYIia8QQm6Vt8HDuEVKyuvCVRQbsJ%2Fbx%2FrNN5maAcMAitCpJaFZRBh%2BvTr9CJGTVuF6jFnK7p61dPWnI0Bw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16958&sent=167&recv=76&lost=2&retrans=3&sent_bytes=174608&recv_bytes=19053&delivery_rate=932081&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=1298&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:15:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddca6c530e18-AMS
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 404 collect
fbapi.rifa.digital/g/ 0
0 483ms
269ms Fetch
text/html 2606:4700:20::ac43:44de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bk0v875720306z8857888618za200zb857888618&_p=1732236007420&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1658169977.1732236008&ul=nl-nl&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732236007&sct=1&seg=1&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1732236007605.859326.1&_et=1&tfd=1145
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bk0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 208ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&rl=&if=false&ts=1732236008092&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1732236008091.81796660210563131&ler=empty&cdl=API_unavailable&it=1732236007815&coo=false&eid=1732236007605.859326.1&tm=1&rqm=GET

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4619, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 385ms
196ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&rl=&if=false&ts=1732236008092&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1732236008091.81796660210563131&ler=empty&cdl=API_unavailable&it=1732236007815&coo=false&eid=1732236007605.859326.1&tm=1&rqm=FGET

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439897004759853141"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:40:08 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: nBTBubytCAhrtzX0uQZaRIaoFSXaCX04UruA60qEg0V5jkMWfFwSw5Vn5oPUvzW5n8Deycs8tD9WI6PGiMGSJw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439897004759853141", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=5035, tp=16, tpl=0, uplat=165, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 DUeCvF7e2_o
www.youtube.com/embed/ Frame B412 0
0 72ms
71ms Document
text/html 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DUeCvF7e2_o

Requested by

Host: wwwljpremiacoescombr.org
URL: https://wwwljpremiacoescombr.org/build/assets/app-CzHf1Ydo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wwwljpremiacoescombr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 00:40:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 70ms
35ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c663d946290657e82b49e5caa9a43e7acd4c4001961d70a902d0331dd5501280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13361
date: Fri, 22 Nov 2024 00:40:08 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 favicon2.png
wwwljpremiacoescombr.org/images/ 412 KB
413 KB 396ms
396ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/images/favicon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cf-cache-status: MISS
etag: "6554350b-66f24"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hi8khN7U6zayKl6GSDb6M9fMliNbvNIs2okm%2FrRyKMXHPV7eeChOGDwuduv%2B0zntWANM3TZf%2By%2F82YU%2BbtPM94D1jhs30S6da8zfwQ1KthMQ6UN38hwc4iwo0o%2BIoegPPw3cqdV6d51dpvM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16852&sent=182&recv=80&lost=2&retrans=3&sent_bytes=185480&recv_bytes=20429&delivery_rate=63882&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=2312&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:09 GMT
content-type: image/png
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddcf89610e18-AMS
accept-ranges: bytes
content-length: 421668
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 217ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:40:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:40:09 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame C96B 0
0 84ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wwwljpremiacoescombr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 00:26:18 GMT
expires: Fri, 22 Nov 2024 01:16:18 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 favicon2.png
wwwljpremiacoescombr.org/images/ 412 KB
0 4ms
4ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwljpremiacoescombr.org/images/favicon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwljpremiacoescombr.org/

Response headers

cf-cache-status: MISS
etag: "6554350b-66f24"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hi8khN7U6zayKl6GSDb6M9fMliNbvNIs2okm%2FrRyKMXHPV7eeChOGDwuduv%2B0zntWANM3TZf%2By%2F82YU%2BbtPM94D1jhs30S6da8zfwQ1KthMQ6UN38hwc4iwo0o%2BIoegPPw3cqdV6d51dpvM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16852&sent=182&recv=80&lost=2&retrans=3&sent_bytes=185480&recv_bytes=20429&delivery_rate=63882&cwnd=28440&unsent_bytes=0&cid=194aafbe92867e1c&ts=2312&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 00:40:09 GMT
content-type: image/png
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e64ddcf89610e18-AMS
accept-ranges: bytes
content-length: 421668
x-xss-protection: 1; mode=block
server: cloudflare

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

POST
H2 200 / Show response
eu.i.posthog.com/s/ 15 B
250 B 598ms
543ms XHR
application/json 52.28.41.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.i.posthog.com/s/?ip=1&_=1732236010558&ver=1.187.2&compression=gzip-js
Requested by: Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.41.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-41-34.eu-central-1.compute.amazonaws.com
Software: envoy /
Resource Hash: 0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wwwljpremiacoescombr.org/

Response headers

x-envoy-upstream-service-time: 521
access-control-allow-credentials: true
access-control-allow-origin: https://wwwljpremiacoescombr.org
content-length: 15
date: Fri, 22 Nov 2024 00:40:11 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=45103190971023&bg=!MTKlMn3NAAaIaF9IqGg7ADQBe5WfODkrSBmAI-UF_SzKKL7gLAlLABAuSsZcfdF8dF6TtiKyb6G4S3mJnx8m-7Lr7-nTAgAAALxSAAAACWgBB34ANoWpuY8HJZCCpY9z409R9HV8h1YnXv6LLUaKSKxqTVGHtEbOF_7ViMVN0_VCQifzWuOUb580t5kCqq_oabHqI4ug-Ic3FU52XFL_zRmI-G2TGvg3YYo3-ELuGJ81OLE0lFlkdVUHQL1TyGKKPr6pD8byh23pGpf_KHNCXXSGrwkR_jWb0IoZ4uv_LJu7BIk0Mu4SlAC1KGhX3xAmOgZ16Sy68AoCjMo1bKEzBleIWKtFJ2okuUcSlNMnjBaB04Lxlo31D_90f7Si5uTBPmshKuaeSl3Ez5X14xqLxPbo3Fo8EMwsRhAuWSzcXhdFPU5y2Pxlv2cWLbGTkkLu2X8-5DnP0BdPxma8rJuoDRwtjUZhLfIBOY9H7wLCjyzSdOydZexaNf5RuK4KfulE2hDImg-XYYzpgk1iZ3iQx__RhEvypSEue58VS6Ms5ZCN14jLTXSNGKqQ14zlbqTVudDn_G0i3gITka-CpuOn8IijB-rig-ex3oDvVscHtL91qq46fp-8_qrRYumXYc91mUcauw71EHVZoh9MwrwyGZEAXW2DaaQgbw4w_4exQ06neokn-kiyeVeWDMUSkiF2sGNf6HSnMVVeEzGZ7GEPGAZWOCCtT4Iv4SqZMdRl7r71nQQ7yaJAYCYQDrhJIzYiwWJvPEbUAf05roPlM2sfTxROn1Ge-RJzHoouI5nhxqnFJBffpBSeS4H5KjlYLTWfA_rlZyCVwiKXY-dpdBXux_dlFHrfSQGgH3MVpoh-tJzyTn29jh_JjTMCHGZK8cZnRD3CFQtGBvqqnB2B7xbw5QjceZwKvStpq-jVZz60fSN-UvLSuOfpktiiU0ED1h8l6YRXpGHxvssj870ROMq2NivY4o34TecbxCDsutTildWIVQ9J3A1WX7vklggqGgL1Rfe-1WrXajWlJ3MYhw8PuQq1pUxTGSMT6OziydbybUFsVyWDc2aOGtr_1WayRmFOYaVjbtP12qw

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wwwljpremiacoescombr.org/	1970-01-21 01:11:04	Name: XSRF-TOKEN Value: eyJpdiI6ImVKbjFac0oxUE8yOXpvY1VmQVo5cUE9PSIsInZhbHVlIjoieG5BdEllS25JTVNOekxldWNqNHlUK200cE1rMmxCWVFxc2hJMEJwUnJKS251bGd6YVVQVXZrUzF1dm5KU1BQZzIveUFMMnRhaFJ3T2UxcUs3cjM3V295aktFOUxjS1RaaUZuK0VyTTN4QmtzWlhhbndOcjY0NkpFZXFMN053S3IiLCJtYWMiOiI2OGIwMjE2NTVmMjgwNGE0NWJjMjA3OTE5YjgyOGE4NTk3OTg1OGMwMmYyZGU3OWEyNWMzNjg5Zjg3MGJhY2RhIiwidGFnIjoiIn0%3D
wwwljpremiacoescombr.org/	1970-01-21 01:11:04	Name: rifadigital_session Value: eyJpdiI6InBaN1ZIdlBobkRZNnU2NzZsRExRTGc9PSIsInZhbHVlIjoiQnhzSHVKQ0hOYUh0c3lMZFBUdG1yNnA4VkZ2YzZsQkdwcVlMTnlZTUFsMnErZDh0Z2orM2pHYzV5bDZlRjBlL1g2RzFhd0tNak5oMjhEVUhJY3FsYUJ3TzFXTGFINHU2bVR0RGtlNnlPeFFxUjJabi9HTVRTNnZyVmNRWk5RY1IiLCJtYWMiOiJkMzc3NDlmYmYzZDgwYmU4NjE1MDk5MTQ0ZjNmZDkwMzIzMzZiYTNiYTRhNzk4MjJkYzZmZDEyNTdmZmZhNTEzIiwidGFnIjoiIn0%3D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EK_BfoHMmfs
.youtube.com/	1970-01-21 05:29:48	Name: VISITOR_INFO1_LIVE Value: MNHyCXkHsBk
.youtube.com/	1970-01-21 05:29:48	Name: VISITOR_PRIVACY_METADATA Value: CgJOTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgIA%3D%3D
.wwwljpremiacoescombr.org/	1970-01-21 03:20:12	Name: _gcl_au Value: 1.1.1821038402.1732236008
.wwwljpremiacoescombr.org/	1970-01-21 09:56:12	Name: ph_phc_vBKqgIUzffRzg1OtSIiw28APh2WKRr0I5NWWDxVgGsc_posthog Value: %7B%22distinct_id%22%3A%220193514f-d885-7c57-84d8-8d2be58a1d33%22%2C%22%24sesid%22%3A%5B1732236007685%2C%220193514f-d884-711e-94e0-91480d0136cc%22%2C1732236007556%5D%7D
.wwwljpremiacoescombr.org/	1970-01-21 10:46:36	Name: _ga Value: GA1.1.1658169977.1732236008
.wwwljpremiacoescombr.org/	1970-01-21 10:46:36	Name: _ga_KHYBPRP9RF Value: GS1.1.1732236007.1.1.1732236008.59.0.0
.wwwljpremiacoescombr.org/	1970-01-21 03:20:12	Name: _fbp Value: fb.1.1732236008091.81796660210563131

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bk0v875720306z8857888618za200zb857888618&_p=1732236007420&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1658169977.1732236008&ul=nl-nl&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732236007&sct=1&seg=1&dl=https%3A%2F%2Fwwwljpremiacoescombr.org%2F&dt=Termine%20a%20configura%C3%A7%C3%A3o%20do%20seu%20dominio%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1732236007605.859326.1&_et=1&tfd=1145 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eu-assets.i.posthog.com
eu.i.posthog.com
fbapi.rifa.digital
fonts.googleapis.com
pagead2.googlesyndication.com
region1.analytics.google.com
rsms.me
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.nl
www.googletagmanager.com
www.youtube.com
wwwljpremiacoescombr.org
ep1.adtrafficquality.google
104.17.25.14
142.250.186.164
157.240.253.1
157.240.253.35
172.217.23.110
172.67.197.50
188.114.97.3
2001:4860:4802:32::36
216.58.206.34
216.58.212.162
2606:4700:10::6816:3bb5
2606:4700:20::ac43:44de
2a00:1450:4001:802::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9c
52.28.41.34
06cdc28fc18225f761d0e7490e85081880157eb593edf8563592dadbb37a66d2
0732ce9f4dfcccebd9e96f0848f4d4f72657fd1e5f79717e951453a109d49f52
0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1
1f2c7f65c0c9edd68df1cd5eca9f9eb174aee3939713ee5342e4394b100daea2
2a8398521dc1db8333f0b29c9c48690e112e3af37e75620b432aed29e17fb14c
2af67064ad5b39baa36269673d9f7bcc791b229db5b75d2d95910102304b5bdd
2b71073b126a4aafc6306d341b54b6dbff006084478784b3d9da1bf9eaf24124
37208f655e0f74f9d0d389b429107c2eb322bb599a2d16fbc6cb9ecb3a2fe3cf
42af26efa2e810e819a88fef919fcf3c239f6f5133a6afb2e8305fc8f0ac7c56
4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405
46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441
4fbe9145d14d2d7b8b58fe2c733c10c5c26769d1bf1648a95be6b57a6a282807
51993f732c8dd5c959620855c75f2fb5407ffca6b70fb99e95aeecf81399d5b6
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5c3d99d9b999b821ab1859acbd6d3ebab4cb776a9910892ccfb761ff8cecf52a
5cb7103e4e605989afebc03d989c79201e54b21b5183db33981f70db9178a301
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7fb34ea186b86228ca027368b20419a2b765e9745ad113ebd48c01886982e7eb
8e9f799d8c76ced82ee22877e96636ebabf5f69f4e1f16c3bcb15fcbb26b38d7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afc72bdec113f06f37718a40edc82437c5a96451e577cc8aad43760745b3cacb
b0e04ff4b77e311fb5fae9270aa7036f4c9fde258ea57f519816e46e86f3b6bc
b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761
bdcaa0ff4d8215fb64f09912a77536cbdd75afdbccd23b0f6df0b420e4f497c7
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c62e6218f00a4db5bd39907eeb26feb4e7360ab2dfb1c80ca2b98cf35837709b
c663d946290657e82b49e5caa9a43e7acd4c4001961d70a902d0331dd5501280
c7772950cafce943e2eb27c3f46e1a74bf80ba396a600ad6529473e1f8ebad9d
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
d93c964ba76fcbb6dada9d7a8e1b6b42f397bb0a223eddfa397d8ec94ccb1eb9
e06f6b1bc553aaea4e4668023ed0ab0a147129c3107f511bc7d03d361b0ae085
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3d955f736977f40f23efaa2085a389169f2e6d387a36b2d0d96c2c297d2738
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12393e066e911ebb09e69eeee7e140c818be7cc5491dac3d95ca9673fc7d755
fa888127b6da015b65569f0351f3b5c391ad928904951f1c20e9f8462a8d95ea
fc03ae7a756aa96275a66739b9736fa2446e2585afb2010f61579f488d9c7694
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

wwwljpremiacoescombr.org Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

47 %IPv6

15 Domains

18 Subdomains

20 IPs

5 Countries

1670 kBTransfer

4002 kBSize

10 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wwwljpremiacoescombr.org Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

20
IPs

5
Countries

1670 kB
Transfer

4002 kB
Size

10
Cookies

51 HTTP transactions
0 data transactions