roletadasorte.tech Open in urlscan Pro
2a02:4780:13:1587:0:32d7:fe7e:6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://roletadasorte.tech/
Submission: On July 03 via api (July 3rd 2024, 5:27:38 pm UTC) from US — Scanned from CH

Summary HTTP 86 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 86 HTTP transactions. The main IP is 2a02:4780:13:1587:0:32d7:fe7e:6, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is roletadasorte.tech.
TLS certificate: Issued by WR1 on June 24th 2024. Valid for: 3 months.

This is the only time roletadasorte.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:4780:13:... 2a02:4780:13:1587:0:32d7:fe7e:6	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	172.67.182.23 172.67.182.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:2280:1c1... 2404:2280:1c1:0:3::3fb	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	172.67.175.82 172.67.175.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	43.152.26.209 43.152.26.209	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
18	104.18.3.36 104.18.3.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:1e1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:ce17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
8	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff12	201011 (CORE-BACK...) (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK)
7	2.16.238.16 2.16.238.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	195.138.255.24 195.138.255.24	201011 (CORE-BACK...) (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK)
86	21

1 2a02:4780:13:1587:0:32d7:fe7e:6 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

roletadasorte.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.182.23 (United States)

ASN13335 (CLOUDFLARENET, US)

www.raspadinhajpx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:1c1:0:3::3fb (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

s2-11187.ap4r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.175.82 (United States)

ASN13335 (CLOUDFLARENET, US)

adscool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.152.26.209 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1e1b (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ce17 (United States)

ASN13335 (CLOUDFLARENET, US)

cpxfonts.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4a0:1338:28::c38a:ff12 (Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.238.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-16.deploy.static.akamaitechnologies.com

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.138.255.24 (Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)

logsdk.kwai-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 17204	291 KB
15	mythad.com ads.mythad.com — Cisco Umbrella Rank: 26219	4 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 td.doubleclick.net — Cisco Umbrella Rank: 332	9 KB
8	google.ch www.google.ch — Cisco Umbrella Rank: 23976	1 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 5	432 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	478 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
3	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 61000 rtg.prdredir.com — Cisco Umbrella Rank: 111278	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	84 KB
3	kwai.net s1.kwai.net — Cisco Umbrella Rank: 21860	49 KB
2	kwai-pro.com logsdk.kwai-pro.com — Cisco Umbrella Rank: 24693	476 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	3 KB
2	adscool.net adscool.net — Cisco Umbrella Rank: 127728	3 KB
1	cpxfonts.cc cpxfonts.cc	67 KB
1	ap4r.com s2-11187.ap4r.com	77 KB
1	raspadinhajpx.com www.raspadinhajpx.com	62 KB
1	roletadasorte.tech roletadasorte.tech	10 KB
86	18

	Domain	Requested by
18	imagedelivery.net	roletadasorte.tech
15	ads.mythad.com	s1.kwai.net s2-11187.ap4r.com
8	www.google.ch	roletadasorte.tech
8	www.google.com	2 redirects roletadasorte.tech
8	googleads.g.doubleclick.net	2 redirects roletadasorte.tech www.googletagmanager.com
5	www.googletagmanager.com	roletadasorte.tech
4	td.doubleclick.net	roletadasorte.tech
3	region1.google-analytics.com	www.googletagmanager.com
3	connect.facebook.net	roletadasorte.tech connect.facebook.net
3	s1.kwai.net	roletadasorte.tech s2-11187.ap4r.com
2	logsdk.kwai-pro.com	s2-11187.ap4r.com
2	www.facebook.com	roletadasorte.tech
2	rtg.prdredir.com	roletadasorte.tech
2	www.googleadservices.com	roletadasorte.tech www.googletagmanager.com
2	adscool.net	roletadasorte.tech
1	cpxfonts.cc	roletadasorte.tech
1	scripts.prdredir.com	roletadasorte.tech
1	s2-11187.ap4r.com	roletadasorte.tech
1	www.raspadinhajpx.com	roletadasorte.tech
1	roletadasorte.tech
86	20

This site contains links to these domains. Also see Links.

Domain
go.aff.7k-partners.com
ganhabet.tech

Subject Issuer	Validity	Valid
roletadasorte.tech WR1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
raspadinhajpx.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.ap4r.com GlobalSign GCC R3 DV TLS CA 2020	`2024-05-23` - `2025-06-24`	a year	crt.sh
adscool.net WE1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
imagedelivery.net E5	`2024-06-25` - `2024-09-23`	3 months	crt.sh
prdredir.com WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cpxfonts.cc E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.ch WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
*.kwai-pro.com GlobalSign GCC R3 DV TLS CA 2020	`2023-08-10` - `2024-09-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://roletadasorte.tech/
Frame ID: 7027B3130B578D7F60728F2ECEC68E5A
Requests: 75 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16462463912?random=1719522252016&cv=11&fst=1719522252016&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be46q0z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1
Frame ID: 146DA0CB5B8A7E277EC75B6B2A4434CF
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16476086946?random=1719522252040&cv=11&fst=1719522252040&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1
Frame ID: 32A28797B3593F79D06218CE18FB14FC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16476086946?random=1719522252047&cv=11&fst=1719522252047&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: CD4ED4994FDBD7024A36BDE569BFC9E9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16476086946?random=1719522252068&cv=11&fst=1719522252068&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3620E2B67AE56BCEA51AD076934CDD2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Raspadinha - JPX

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

86
Requests

98 %
HTTPS

52 %
IPv6

18
Domains

20
Subdomains

21
IPs

5
Countries

1145 kB
Transfer

2945 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://go.aff.7k-partners.com/vfihopkm?utm_campaign=kwairaspadinha
Title: 10 rodadas grátis | Deposite R$20

Search URL Search Domain Scan URL

URL: https://ganhabet.tech/
Title: 60 rodadas grátis | Deposite R$100

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhriFO-tyozkcbp8P_IrwrjSauQDjWBvB13A&pscrd=IhMItebvqbKLhwMVNhCiAx2qeQFUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw HTTP 302
https://www.google.com/pagead/1p-conversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMItebvqbKLhwMVNhCiAx2qeQFUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLOjgsqM3GdADAzukiUNPQ0doxz1qeTZYIAuEURFXb2OVEFQUX&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrm8TEm6WA8YaUiu2kKenmWz_9LpI313tSA&random=1993144720 HTTP 302
https://www.google.ch/pagead/1p-conversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMItebvqbKLhwMVNhCiAx2qeQFUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLOjgsqM3GdADAzukiUNPQ0doxz1qeTZYIAuEURFXb2OVEFQUX&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrm8TEm6WA8YaUiu2kKenmWz_9LpI313tSA&random=1993144720&ipr=y

Request Chain 70

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrn8-6KzLLFIyU_mhL2BOkC-SQr1Q9GXPPw&pscrd=IhMI3OPvqbKLhwMVMweiAx2NXQ1lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw HTTP 302
https://www.google.com/pagead/1p-conversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI3OPvqbKLhwMVMweiAx2NXQ1lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLzQxtt9xyVN94TFAUr6jvRyRoay3VVpP121gxTK3iqQsxbsKA&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrreOgSWX2ks0ZVIF8VB95DgYgdlSVhtoew&random=1885630868 HTTP 302
https://www.google.ch/pagead/1p-conversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI3OPvqbKLhwMVMweiAx2NXQ1lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLzQxtt9xyVN94TFAUr6jvRyRoay3VVpP121gxTK3iqQsxbsKA&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrreOgSWX2ks0ZVIF8VB95DgYgdlSVhtoew&random=1885630868&ipr=y

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
roletadasorte.tech/ 26 KB
10 KB 706ms
221ms Document
text/html 2a02:4780:13:1587:0:32d7:fe7e:6
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1587:0:32d7:fe7e:6 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.28

Resource Hash

7f4fcb7cc0195880466250ffa0f7ff9f5995db3bb4440b96bfd2b31006662b07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 03 Jul 2024 17:27:31 GMT
etag: "31-1719522572;br"
link: <https://roletadasorte.tech/wp-json/>; rel="https://api.w.org/"
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/8.1.28

GET
H3 200 main.93b837f4.js Show response
www.raspadinhajpx.com/static/js/ 196 KB
62 KB 253ms
45ms Script
application/javascript 172.67.182.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raspadinhajpx.com/static/js/main.93b837f4.js

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1604a6ded21e917720fad730538b069c6636774ea87a46de6919885df9f84f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472403
content-disposition: inline; filename="main.93b837f4.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::n5mpv-1719555248655-87c1fd751f48
server: cloudflare
etag: W/"9628bd5b86cf176256cef30d9f9a01d5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwLYYAFG1fyl%2F11uJjUnwegGbBTwZGu201MTTswf7Gwli32FcQok28y7PTa%2FCMDYdpRP0M%2BqFyIKX74jbCnqlfCUnGpszz98qq2zUi7cch%2FwRzOflh2%2F1euCP8erwC8ucOV8At5vD0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400, s-maxage=31536000, immutable
cf-ray: 89d896375b040d6e-MXP

GET
H2 200 core.8bd2ca4559d3f8cd.js Show response
s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/ 291 KB
77 KB 855ms
290ms Script
application/javascript 2404:2280:1c1:0:3::3fb
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Requested by: Host: roletadasorte.tech
URL: https://roletadasorte.tech/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1c1:0:3::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a21102dc1ae4aa467f052f60ac51326e46e35ccd5de2e9489be63b4b358fc10f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 2a02:6ea0:d418:0:5b5::1
date: Tue, 25 Jun 2024 12:04:13 GMT
content-encoding: gzip
via: cache8.l2sg5[0,0,200-0,H], cache31.l2sg5[0,0], cache12.sg12[0,0,200-0,H], cache8.sg12[1,0]
x-oss-request-id: 667AB23D233A7F363217A0C8
content-md5: 4XZ4t4vSykVZ0/jNUFPwsg==
age: 710599
x-swift-cachetime: 31103943
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 25 Jun 2024 12:05:10 GMT
content-length: 78072
x-ks-cache: HIT From 2404:2280:1c1:0:3::3fb
x-oss-object-type: Normal
last-modified: Tue, 25 Jun 2024 11:59:31 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1719317053
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 14604453638594700644
eagleid: a3b5519c17200276520911919e
x-oss-server-time: 27
expires: Thu, 25 Jul 2024 12:04:13 GMT

GET
H3 200 cassinopix Show response
adscool.net/pageview/ 0
643 B 322ms
124ms Script
text/javascript 172.67.175.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/pageview/cassinopix?usr=v1.3%3A19915882679%3A1719520816949%3A1719522252135&scr=1536x864%7C1536x824&scv=1536x703.2000122070312%7C0&pgh=roletadasorte.tech&pgl=%2Fraspadinha%2F&pgs=&pgr=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1d2bb131-30cc-4a13-a39b-af949a6b375b
x-runtime: 0.003064
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BALSZJTbMrbiRtZ7BBnUHT3NQ0pBSde73rycf0TRsslUZr1DbmxC3%2FtnN6%2BfJIsvYnQLZlgbXxgKfj6fMT%2FG6bbkwMwsZYj8i3Aab%2B%2FD1zjiUHoQZ3mFX%2BKLa9QBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 89d896375db16d7f-MUC

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 868ms
27ms Script
application/javascript 43.152.26.209
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=249401300364503&lib=kwaiq
Requested by: Host: roletadasorte.tech
URL: https://roletadasorte.tech/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.209 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 149.88.27.84
Date: Tue, 18 Jun 2024 09:01:41 GMT
Content-Encoding: gzip
x-oss-request-id: 66714CF511351E33314585D0
X-Cache-Lookup: Cache Hit
Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign: NULL
Connection: keep-alive
Content-Length: 3744
X-Ks-Request-ID: 14017079161589540452
X-Ks-Cache: Hit from 43.152.26.209
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Server: Lego Server
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 14017079161589540452
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13562747518461854989
x-oss-server-time: 19
Expires: Thu, 18 Jul 2024 09:01:41 GMT

GET
H3 200 cassinopix.js Show response
adscool.net/resources/content/ 5 KB
3 KB 422ms
225ms Script
text/javascript 172.67.175.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/resources/content/cassinopix.js

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2739c765df190fed486bca6a04b6e66c8d45ef2ba0fc253e8bb71b547c72375a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f3f6044a-d30a-472c-a4ac-ad7e199da007
x-runtime: 0.001250
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2739c765df190fed486bca6a04b6e66c"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6JByQAwyak2Dtx6%2Fj1GgLqZ7nupqKDjtkwE%2F4PWHlK5EpNIcridt%2Bb%2BaKVEB1heRpvjVcLjj65MxwpHH3rUI5Jeif8Lo321O3QkjDIcZljRuU%2FOwPhm%2F7FR%2FwmFb%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 89d896375db46d7f-MUC

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 270ms
83ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-16462463912&l=dataLayer&cx=c

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4bfb4129c0de802e513337f4928e8d947a98e7149a9fe475294b063a198beaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93471
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:07:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jul 2024 17:27:31 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 260 KB
91 KB 243ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-16476086946&l=dataLayer&cx=c

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45326602df13614b40a0dc61e002e2e5b5d603d784a095997a665926119e27a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92470
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:07:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jul 2024 17:27:31 GMT

GET
H2 200 2025467541173891 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 487ms
301ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2025467541173891?v=2.9.159&r=stable&domain=roletadasorte.tech&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6cafcc7b0bd7d72362065801e10d477d18e6f3cfeeb8ae176bae0ebfe13007b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 17:27:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=69, mss=1208, tbw=63799, tp=-1, tpl=-1, uplat=270, ullat=0
pragma: public
x-fb-debug: qooyy1CPPljk/rPygMG/JrCyvTCxr90F5SLq+xppc2vxuqMXQ2n4lp+YFluHSN80/zX6sPzGfbL+VrdiX36Zjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 213ms
27ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 17:27:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=13, mss=1208, tbw=2804, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: csZDz+k/UgJLiVnfZQZve+s92EE155nP0RoYdM9y5MUnXAjhObIbC6BuFiG1Cay+5vI/LqQcMCXWf/m0I08AdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
90 KB 249ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NS9Q8JBN&l=dataLayer&cx=c

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b02b7ba32ce0ca0064aaaeb68a1595ba2dbda99ceaadf177632d7553645b9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92489
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:07:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jul 2024 17:27:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
104 KB 88ms
86ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHLGQPNZSP&l=dataLayer&cx=c

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bf5cb900b6980e4584c8effe0b51372d1d9aefb900f8df535b01f9d84b49e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jul 2024 17:27:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
101 KB 87ms
87ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3JJ7Q83

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c20f254c2097a634af7ef18d293b26f61d88e345b886f4743ebf6c0fb0972c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103573
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:07:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jul 2024 17:27:31 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16462463912/ 4 KB
1 KB 114ms
61ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16462463912/?random=1719522252016&cv=11&fst=1719522252016&bg=ffffff&guid=ON&async=1&gtm=45be46q0z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

898916056ba33fd6c7232527cbf6efb5b011f284596d922212b50bcacff283a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1467
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/ 4 KB
1 KB 106ms
60ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=1719522252040&cv=11&fst=1719522252040&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

69bbd9d7a373e215774bac8029a401d6bf985495732b5ca7abee75022bc18ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1472
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/16476086946/ 3 KB
2 KB 734ms
68ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/16476086946/?random=1719522252047&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a6302c6d8169ef9c2d79bfa42495fb9b8c667bf7ed918d6ce09ab205af1d3f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1716
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/ 4 KB
1 KB 64ms
63ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=1719522252068&cv=11&fst=1719522252068&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4331dc58193909d2e8ae804f011b5e5eef5371ed3275161108b9ffac938e5ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1487
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/2d3eaddd-f3c3-4827-b47d-ed53fad39c00/ 21 KB
21 KB 79ms
41ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/2d3eaddd-f3c3-4827-b47d-ed53fad39c00/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a9fe0f042fb3b7b3b01589154556394784f07193ab8bd24ef2064df61bf712a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=414+147 c=0+0 v=2024.6.0 l=21467
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 21467
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfJ1l1VOGpXXCXo2Ojyc5MT0EVfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d8963648c3be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/88cabebe-7696-45fa-3bc6-f3caeebec500/ 3 KB
3 KB 73ms
35ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/88cabebe-7696-45fa-3bc6-f3caeebec500/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbae60e7a5c57e3695f67873dbef7d53501e08be5863e789c6544f92f099978

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=749+0 c=0+43 v=2024.6.0 l=2608
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2608
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfGzXm-y7eCDDQbgR7-tOJIrA9fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d8963648c0be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/3c458750-f7be-41a4-cb47-5415d4a92900/ 3 KB
3 KB 98ms
70ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/3c458750-f7be-41a4-cb47-5415d4a92900/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceda42c1fac0ac6d7bc5a2dd167a36d069fd17060ec16b6db0c932b55577f02d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1267+0 c=0+0 v=2024.6.0 l=2599
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2599
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfMVFGDdfEaoJ1hiT65Hjh-kMvfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d8963648bdbe90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/facc3f40-008a-4a31-df80-f7ebaccc8600/ 13 KB
13 KB 77ms
49ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/facc3f40-008a-4a31-df80-f7ebaccc8600/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

905d243959b218e266d815433a7a3b2e2b88cdb892b943224d11f2aa3b37e171

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=19+84 c=0+0 v=2024.6.0 l=13180
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 13180
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfyKEuChKC_z50yNtbGslTPGUWfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d8963648b8be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/4c30a653-0723-4e1e-2fe1-87dca8498600/ 3 KB
3 KB 94ms
73ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/4c30a653-0723-4e1e-2fe1-87dca8498600/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bfa2f60630636961f857ee99ce2b3a47ae23a508406bf2ede7e3d019b2ad6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=22+0 c=0+44 v=2024.6.0 l=3185
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 3185
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfgz-V_sSypRJ2DkV4796b_73bfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d8963648c6be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/27cbf316-d4fb-4ea6-3ad0-f0b6fcf0bf00/ 17 KB
12 KB 71ms
50ms Image
image/svg+xml 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/27cbf316-d4fb-4ea6-3ad0-f0b6fcf0bf00/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909db16eec844b2212969552d208af8a0c69f2581844cb916e0981b29a9e907

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=533+0 c=0+22 v=2024.6.0 l=17019
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
server: cloudflare
content-encoding: gzip
etag: W/"cfh03e2MZ1gRW8sCWYSy59_CX1fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-ray: 89d8963648c8be90-ZRH
alt-svc: h3=":443"; ma=86400

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6cc4bf98-0995-449b-8583-5af493827900/ 8 KB
3 KB 54ms
34ms Image
image/svg+xml 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6cc4bf98-0995-449b-8583-5af493827900/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1c03f6853048e5b286da02005798edd2d8c83ba5cbd752196bdc9f6dfe2d42

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=525+0 c=0+0 v=2024.6.0 l=8361
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
server: cloudflare
content-encoding: gzip
etag: W/"cfoscBgLrCwiFiCUb0wx6zNIG5fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-ray: 89d8963648b3be90-ZRH
alt-svc: h3=":443"; ma=86400

GET
H2 200 pix_cassinopix.js Show response
scripts.prdredir.com/scripts/ 2 KB
1 KB 336ms
139ms Script
text/javascript 2606:4700::6812:1e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/pix_cassinopix.js
Requested by: Host: roletadasorte.tech
URL: https://roletadasorte.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.008880
date: Wed, 03 Jul 2024 17:27:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 89d896376d046692-AMS
x-request-id: 0530b0a6-ed24-41f5-a9dd-5f158280d6fd

GET
H2 200 sync
rtg.prdredir.com/ 43 B
456 B 146ms
131ms Image
image/gif 2606:4700::6812:1e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Froletadasorte.tech%2F&sh=1200&sw=1600&date=1720027651878&fp=uid-3955477784.1984725629

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
content-length: 43
x-xss-protection: 1; mode=block
x-request-id: a599a487-7166-41d9-934b-dffbf403051d
x-runtime: 0.002662
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
cf-ray: 89d896388eb66692-AMS

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 498ms
26ms Script
application/javascript 43.152.26.209
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkidx3d249401300364503x26libx3dkwaiq
Requested by: Host: roletadasorte.tech
URL: https://roletadasorte.tech/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.209 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 149.88.27.84
Date: Tue, 18 Jun 2024 09:01:41 GMT
Content-Encoding: gzip
x-oss-request-id: 66714CF511351E33314585D0
X-Cache-Lookup: Cache Hit
Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign: NULL
Connection: keep-alive
Content-Length: 3744
X-Ks-Request-ID: 9867922563625550479
X-Ks-Cache: Hit from 43.152.26.209
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Server: Lego Server
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 9867922563625550479
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13562747518461854989
x-oss-server-time: 19
Expires: Thu, 18 Jul 2024 09:01:41 GMT

GET
H2 200 16462463912
td.doubleclick.net/td/rul/ Frame 146D 0
0 139ms
43ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16462463912?random=1719522252016&cv=11&fst=1719522252016&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be46q0z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://roletadasorte.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 17:27:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 16476086946
td.doubleclick.net/td/rul/ Frame 32A2 0
0 141ms
47ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16476086946?random=1719522252040&cv=11&fst=1719522252040&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://roletadasorte.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 17:27:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 16476086946
td.doubleclick.net/td/rul/ Frame CD4E 0
0 135ms
43ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16476086946?random=1719522252047&cv=11&fst=1719522252047&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://roletadasorte.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 17:27:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 16476086946
td.doubleclick.net/td/rul/ Frame 3620 0
0 136ms
45ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16476086946?random=1719522252068&cv=11&fst=1719522252068&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://roletadasorte.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 17:27:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6fa11bd7-f975-43b2-5bdb-f78e986d9500/ 790 B
1 KB 31ms
31ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6fa11bd7-f975-43b2-5bdb-f78e986d9500/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033f57b1988711b77adb74839715a8114c3b8b85bda300f93afca126e3624f78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1019+0 c=0+3 v=2024.6.0 l=790
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 790
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfpMcHrIkQpy0P4K-4T25Z_D1hfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896388c34be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/2c46deb5-7b4b-4354-9066-0d11ff768a00/ 62 KB
19 KB 152ms
132ms Image
image/svg+xml 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/2c46deb5-7b4b-4354-9066-0d11ff768a00/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226b949408c1a224dc8e8389e5339b47e5ffcac13474518cd10646afe159e1c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Origin: https://roletadasorte.tech
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=26+0 c=0+2 v=2024.6.0 l=63997
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
cf-bgj: imgq:0,h2pri
server: cloudflare
content-encoding: gzip
etag: W/"cfKuqYtpEaPNsicNwaspuvEVhIfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-ray: 89d89638a903babf-ZRH
alt-svc: h3=":443"; ma=86400

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/c54ec8e9-cb27-4ac2-da3f-83b77ce7aa00/ 15 KB
15 KB 37ms
36ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/c54ec8e9-cb27-4ac2-da3f-83b77ce7aa00/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e357996deabb5c5733ac0778cc2b345f4608de2bd2c93d0b7aacf4ca83e1889

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=614+506 c=0+0 v=2024.6.0 l=15070
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15070
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfCVbL6f1cY6iGCv2iavVQAaGnfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896389c58be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/550d7024-ab5e-40d8-eb45-19b7c898f400/ 2 KB
2 KB 89ms
88ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/550d7024-ab5e-40d8-eb45-19b7c898f400/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fbdcbaa13dd392379209693f29002738ceb97d0a5d3e85d980f84023b9622c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=590+157 c=0+0 v=2024.6.0 l=2019
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2019
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfHSOOpRM465EhgPDYhe_xYoXNfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896389c5abe90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6ef0d4f4-b087-485f-c951-55ff7a1fc200/ 30 KB
30 KB 51ms
51ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/6ef0d4f4-b087-485f-c951-55ff7a1fc200/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7e6cd21c3cfba074b1250a5bf5fe82781191860d0ffd3807aab71bc769bbdb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1977+141 c=0+0 v=2024.6.0 l=30756
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 30756
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfmglsaF89NglnnCtHbouqNXPofb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896389c5dbe90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/d2b0899e-48ac-4c75-be8a-4445d54adf00/ 7 KB
7 KB 38ms
37ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/d2b0899e-48ac-4c75-be8a-4445d54adf00/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216a0e4f67c9e8fec5666defe0465bef497415d11060b0e3e82753139daff0bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=19+130 c=0+0 v=2024.6.0 l=6798
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6798
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf9XNBTxuW_eXMYPyqeegBr_4Cfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896389c60be90-ZRH

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/da5ac9a3-4e44-4e00-b113-753020d06100/ 25 KB
25 KB 35ms
35ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/da5ac9a3-4e44-4e00-b113-753020d06100/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9422841e630db29f4af7b39208e0ea4296183500f820b58c7b160c88ed8a89ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=475+129 c=0+0 v=2024.6.0 l=25407
date: Wed, 03 Jul 2024 17:27:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 25407
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfUvSc8xD4Hrkb0bPYSnPazOhlfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896389c62be90-ZRH

GET
H2 200 Gotham-Medium.otf
cpxfonts.cc/ 165 KB
67 KB 397ms
248ms Font
font/otf 2606:4700:3032::ac43:ce17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpxfonts.cc/Gotham-Medium.otf
Requested by: Host: roletadasorte.tech
URL: https://roletadasorte.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ce17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Origin: https://roletadasorte.tech
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 May 2024 13:59:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"39b5ff14a54114e9ae92136578a0e2d3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItSy1RzR7pWbYemisMDJJueL3%2FwKGCQUL6cqpPQr0wks70LL6%2BWmI%2FYJRDkAryPtBE9PrJM%2B%2FnDwhfqUHaBm%2BJS6elXopJMkG51gsCEKtTygxonv7553LAPEipqIjxinnpW%2B49MjsMnnfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89d896399cd11c81-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
www.google.com/pagead/1p-user-list/16476086946/ 42 B
64 B 103ms
42ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16476086946/?random=1719522252040&cv=11&fst=1719522000000&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLJUrKWNbIxyVgPea3_cG3nkAikTjP_A&random=1450529337&rmt_tld=0&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/16476086946/ 42 B
108 B 148ms
42ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/16476086946/?random=1719522252040&cv=11&fst=1719522000000&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLJUrKWNbIxyVgPea3_cG3nkAikTjP_A&random=1450529337&rmt_tld=1&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/16462463912/ 42 B
64 B 103ms
43ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16462463912/?random=1719522252016&cv=11&fst=1719522000000&bg=ffffff&guid=ON&async=1&gtm=45be46q0z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLPgVJPg2BmDQjjH1wfmg7Yd5ZgSzmMQ&random=3569485117&rmt_tld=0&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/16462463912/ 42 B
455 B 147ms
41ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/16462463912/?random=1719522252016&cv=11&fst=1719522000000&bg=ffffff&guid=ON&async=1&gtm=45be46q0z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLPgVJPg2BmDQjjH1wfmg7Yd5ZgSzmMQ&random=3569485117&rmt_tld=1&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 public
imagedelivery.net/yk8zmGj6AkRDIt7xkcMLzQ/d94ca012-94ec-4533-65e8-719e1f562500/ 32 KB
33 KB 71ms
71ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/yk8zmGj6AkRDIt7xkcMLzQ/d94ca012-94ec-4533-65e8-719e1f562500/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f225bbf5d9cf2a682574248ffbb11d25845691373bf5960842164963b5b2ef8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=730+232 c=0+0 v=2024.5.3 l=33060
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 33060
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrXNkUGWJxPawQfVEdaCzLduwfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896392d31be90-ZRH

GET
H3 200 public
imagedelivery.net/yk8zmGj6AkRDIt7xkcMLzQ/7b5d6245-ffca-4338-0d84-c0326cfef200/ 55 KB
55 KB 65ms
64ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/yk8zmGj6AkRDIt7xkcMLzQ/7b5d6245-ffca-4338-0d84-c0326cfef200/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0ff3a56dd18d97731814fdb656352c6a68b9a6d550073d8ec8964ed6a183bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1003+185 c=0+0 v=2024.5.3 l=55915
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 55915
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cftudOTg5sdYX4Lqo1gIIYMyDbfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896392d34be90-ZRH

GET
H3 200 public
imagedelivery.net/yk8zmGj6AkRDIt7xkcMLzQ/9782c17c-42ee-42e0-05ce-5a170fcd5500/ 43 KB
43 KB 60ms
60ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/yk8zmGj6AkRDIt7xkcMLzQ/9782c17c-42ee-42e0-05ce-5a170fcd5500/public

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bebd465dbd357bce6c5e91bd2f1ffe28b6aeacd56394e1646740a9dba9b8f468

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=33+107 c=0+0 v=2024.5.3 l=43595
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 43595
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf2-hMu8E3Ot8QRUKbig70AQCyfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 89d896392d36be90-ZRH

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/ 3 KB
1 KB 62ms
62ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=1720027652016&cv=11&fst=1720027652016&bg=ffffff&guid=ON&async=1&gtm=45Pe4710v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NS9Q8JBN&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d1fbdb70637b5395b75e473a16cd9f7c7acf8decf8e8949e1e90de094c86a4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1459
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 169ms
56ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHLGQPNZSP&gtm=45je4710v9167589702z89179982996za200&_p=1720027651532&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1536883034.1720027652&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720027652&sct=1&seg=0&dl=https%3A%2F%2Froletadasorte.tech%2F&dt=Raspadinha%20-%20JPX&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1243&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHLGQPNZSP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roletadasorte.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 147ms
56ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHLGQPNZSP&gtm=45je4710v9167589702za200&_p=1720027651532&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1536883034.1720027652&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720027652&sct=1&seg=0&dl=https%3A%2F%2Froletadasorte.tech%2F&dt=Raspadinha%20-%20JPX&en=scroll&epn.percent_scrolled=90&_et=2&tfd=1265&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHLGQPNZSP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roletadasorte.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2025467541173891 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 204ms
204ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2025467541173891?v=2.9.160&r=stable&domain=roletadasorte.tech&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6cafcc7b0bd7d72362065801e10d477d18e6f3cfeeb8ae176bae0ebfe13007b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jul 2024 17:27:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=82, mss=1208, tbw=76629, tp=-1, tpl=-1, uplat=179, ullat=0
pragma: public
x-fb-debug: JBL3YrM3iMccUm+g57ZWQZ94xZOdhAb6+JlS3eMeZis2ewaFRVmKAGdFoJ1kCkkPaAy2mloUsd1NByyyHVtScw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/ 3 KB
1 KB 63ms
63ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=1720027652122&cv=11&fst=1720027652122&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16476086946&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3e1d4bca6ad06d986e92e9bb8afd1155e9897073dfc238d51d6cac3510bcb361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1443
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/16476086946/ 3 KB
2 KB 458ms
66ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/16476086946/?random=1720027652128&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16476086946&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1410d2b62a708b58fce26f31447bde1fa47c2c27815bee2d47efef3545a22d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16462463912/ 3 KB
1 KB 63ms
62ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16462463912/?random=1720027652151&cv=11&fst=1720027652151&bg=ffffff&guid=ON&async=1&gtm=45be4710z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16462463912&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a03a2ac45541bf252a522fa23ee5d3be0dd1c96c2115f6dc7f42940f2a7c3043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
rtg.prdredir.com/ 43 B
221 B 126ms
125ms Image
image/gif 2606:4700::6812:1e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Froletadasorte.tech%2F&sh=1200&sw=1600&date=1720027652158&fp=uid-3955477784.1984725629

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
content-length: 43
x-xss-protection: 1; mode=block
x-request-id: f0238389-4637-4c50-814e-9d6a368df504
x-runtime: 0.001702
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
cf-ray: 89d8963a18726692-AMS

GET
H3 200 /
www.google.com/pagead/1p-user-list/16476086946/ 42 B
64 B 41ms
39ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16476086946/?random=1719522252068&cv=11&fst=1719522000000&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLsEt1VsVEn8sAvbXeILjbPYFcfL7EEg&random=2741072407&rmt_tld=0&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/16476086946/ 42 B
108 B 42ms
40ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/16476086946/?random=1719522252068&cv=11&fst=1719522000000&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLsEt1VsVEn8sAvbXeILjbPYFcfL7EEg&random=2741072407&rmt_tld=1&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 79ms
25ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2025467541173891&ev=PageView&dl=https%3A%2F%2Froletadasorte.tech%2F&rl=&if=false&ts=1720027652186&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720027652185.463572813432376660&ler=empty&cdl=API_unavailable&it=1720027652092&coo=false&tm=1&rqm=GET

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1208, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 Jul 2024 17:27:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 205ms
151ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2025467541173891&ev=PageView&dl=https%3A%2F%2Froletadasorte.tech%2F&rl=&if=false&ts=1720027652186&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720027652185.463572813432376660&ler=empty&cdl=API_unavailable&it=1720027652092&coo=false&tm=1&rqm=FGET

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x31f74722badc48b8","source_keys":["1","2"]},{"key_piece":"0xc4f284f02aa87e4d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 03 Jul 2024 17:27:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387462514802562693", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1208, tbw=3091, tp=-1, tpl=-1, uplat=124, ullat=0
pragma: no-cache
x-fb-debug: q8pj/5NFlFCGBWfypHEbpG84BvaUmMS8Bzzcs/uJkTVShjTASQ/KE7+lMkFTU4ZwexxCL3f5mpcVZThAAxtptQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387462514802562693"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/16476086946/ 42 B
64 B 37ms
37ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16476086946/?random=1720027652016&cv=11&fst=1720026000000&bg=ffffff&guid=ON&async=1&gtm=45Pe4710v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL5KgDQaQhW4GdO1OUN-EMMnfBFLV0Fvgk9cKlSARCOTAQw3_e&random=864988664&rmt_tld=0&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/16476086946/ 42 B
108 B 38ms
38ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/16476086946/?random=1720027652016&cv=11&fst=1720026000000&bg=ffffff&guid=ON&async=1&gtm=45Pe4710v9180674465z89179982996za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL5KgDQaQhW4GdO1OUN-EMMnfBFLV0Fvgk9cKlSARCOTAQw3_e&random=864988664&rmt_tld=1&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/16476086946/ 42 B
64 B 37ms
37ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16476086946/?random=1720027652122&cv=11&fst=1720026000000&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLMCtJm6mUbD9VglQFQDlfA9tWlEfG3bWX6jphsBV7j7PWmtn3&random=418345289&rmt_tld=0&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/16476086946/ 42 B
108 B 38ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/16476086946/?random=1720027652122&cv=11&fst=1720026000000&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLMCtJm6mUbD9VglQFQDlfA9tWlEfG3bWX6jphsBV7j7PWmtn3&random=418345289&rmt_tld=1&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/16462463912/ 42 B
64 B 37ms
37ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16462463912/?random=1720027652151&cv=11&fst=1720026000000&bg=ffffff&guid=ON&async=1&gtm=45be4710z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLJ9KKSFASO-FNIE4z5y4uQB5OKeUnW3m6Gr1myC0b7UWGzefw&random=3800478494&rmt_tld=0&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ch/pagead/1p-user-list/16462463912/ 42 B
64 B 36ms
35ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/16462463912/?random=1720027652151&cv=11&fst=1720026000000&bg=ffffff&guid=ON&async=1&gtm=45be4710z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLJ9KKSFASO-FNIE4z5y4uQB5OKeUnW3m6Gr1myC0b7UWGzefw&random=3800478494&rmt_tld=1&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 278 B
392 B 273ms
205ms XHR
application/json 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkidx3d249401300364503x26libx3dkwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash: 5c9798630b09b6bab2f5311bb89a29cf74866058368e464914f25afe80191a60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://roletadasorte.tech
date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 245
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

POST
H3 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 274 B
258 B 228ms
189ms XHR
application/json 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=249401300364503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d9c1473c48c8d8b0d9a3e39040c3118e9610e53e7f2211b5813ad9a4cd45a21

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 239
quic-version: 0x00000001

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 0
0 289ms
203ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 03 Jul 2024 17:27:32 GMT

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 0
0 319ms
234ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Wed, 03 Jul 2024 17:27:32 GMT

POST
H2 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 274 B
474 B 289ms
219ms XHR
application/json 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=249401300364503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash: 18f059943360c365f953878833d889cb52bb184a16ba9f6d76291d230d004c61

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jul 2024 17:27:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 238

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 0
0 281ms
200ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 03 Jul 2024 17:27:32 GMT

GET
H3

200

/
www.google.ch/pagead/1p-conversion/16476086946/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996...
https://www.google.com/pagead/1p-conversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0...
https://www.google.ch/pagead/1p-conversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&...

42 B
64 B

40ms
40ms

Image
image/gif

142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-conversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMItebvqbKLhwMVNhCiAx2qeQFUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLOjgsqM3GdADAzukiUNPQ0doxz1qeTZYIAuEURFXb2OVEFQUX&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrm8TEm6WA8YaUiu2kKenmWz_9LpI313tSA&random=1993144720&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://roletadasorte.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ch/pagead/1p-conversion/16476086946/?random=153870081&cv=11&fst=1720027652128&bg=ffffff&guid=ON&async=1&gtm=45be4710v9180674465z89179982996za201zb9179982996&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Froletadasorte.tech%2F&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=1340047835.1720027652&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMItebvqbKLhwMVNhCiAx2qeQFUMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLOjgsqM3GdADAzukiUNPQ0doxz1qeTZYIAuEURFXb2OVEFQUX&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrm8TEm6WA8YaUiu2kKenmWz_9LpI313tSA&random=1993144720&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ch/pagead/1p-conversion/16476086946/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3...
https://www.google.com/pagead/1p-conversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&...
https://www.google.ch/pagead/1p-conversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u...

42 B
64 B

41ms
41ms

Image
image/gif

142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-conversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI3OPvqbKLhwMVMweiAx2NXQ1lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLzQxtt9xyVN94TFAUr6jvRyRoay3VVpP121gxTK3iqQsxbsKA&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrreOgSWX2ks0ZVIF8VB95DgYgdlSVhtoew&random=1885630868&ipr=y

Requested by

Host: roletadasorte.tech
URL: https://roletadasorte.tech/

Protocol

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://roletadasorte.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ch/pagead/1p-conversion/16476086946/?random=1984541528&cv=11&fst=1719522252047&bg=ffffff&guid=ON&async=1&gtm=45Pe46q0v9180674465z89179982996za201&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Froletadasorte.tech%2Fraspadinha%2F&ref=https%3A%2F%2Froletadasorte.tech%2Fwp-admin%2Fpost.php%3Fpost%3D10%26action%3Dedit&label=mxg8COuCyaAZEKLFtLA9&hn=www.googleadservices.com&frm=0&tiba=Raspadinha%20-%20JPX&value=0&npa=0&pscdl=noapi&auid=947213365.1719520817&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI3OPvqbKLhwMVMweiAx2NXQ1lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vcm9sZXRhZGFzb3J0ZS50ZWNoLw&is_vtc=1&cid=CAQSKQDaQooLzQxtt9xyVN94TFAUr6jvRyRoay3VVpP121gxTK3iqQsxbsKA&eitems=ChAI8O2TtAYQ1vHkqoThrbZkEh0ADSyhrreOgSWX2ks0ZVIF8VB95DgYgdlSVhtoew&random=1885630868&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 73 B
284 B 297ms
211ms XHR
text/plain 195.138.255.24
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.138.255.24 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash: f5c1a99c892fb13825b8bd01d598a0a60782c50d64ee253fc1ec768e990d4370

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://roletadasorte.tech
date: Wed, 03 Jul 2024 17:27:33 GMT
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 73
content-type: text/plain;charset=UTF-8

GET
H3 200 getPixelConfig Show response
ads.mythad.com/rest/n/adintl/ad/ 377 B
315 B 195ms
195ms XHR
application/json 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=249401300364503&pageId=pageId-1720027653056-7014194144516
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 46571290800af85e91c09effa404b46f75e0f690cdfa26ef9eb3e529bedb6021

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 17:27:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 295
quic-version: 0x00000001

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 70 B
192 B 251ms
191ms XHR
text/plain 195.138.255.24
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.138.255.24 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash: f7ab05093b410779d481e23d899c244e1b7966a74bea7af0f92ec2b94d3d9a0c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://roletadasorte.tech
date: Wed, 03 Jul 2024 17:27:33 GMT
access-control-allow-credentials: true
content-length: 70
content-type: text/plain;charset=UTF-8

GET
H3 200 public
imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/f225ac03-9cd3-4c47-69b8-bd25c0a0d400/ 3 KB
2 KB 44ms
44ms Other
image/svg+xml 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imagedelivery.net/lfSRFuvEHojPT-iMbdh4pw/f225ac03-9cd3-4c47-69b8-bd25c0a0d400/public

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aea1009f837f2732fb74bbc58368be5e3c48b6f769f078b1d49e5f2b13e36b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=20+0 c=0+0 v=2024.6.0 l=3282
date: Wed, 03 Jul 2024 17:27:33 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
server: cloudflare
content-encoding: gzip
etag: W/"cfngJleNrUTxUHzoBbhuClQXB6fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
cf-ray: 89d8963fdfe8be90-ZRH
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK checkPixel.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 126 KB
40 KB 32ms
32ms Script
application/javascript 43.152.26.209
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=249401300364503&lib=kwaiq
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.209 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 149.88.27.84
Date: Thu, 13 Jun 2024 06:07:52 GMT
Content-Encoding: gzip
x-oss-request-id: 666A8CB817D7F33039910062
X-Cache-Lookup: Cache Hit
Content-MD5: AW9CEWCiJefwVj7zcti69w==
kwaisign: NULL
Connection: keep-alive
Content-Length: 39702
X-Ks-Request-ID: 7188340913518720210
X-Ks-Cache: Hit from 43.152.26.209
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 07:18:27 GMT
Server: Lego Server
Etag: "016F421160A225E7F0563EF372D8BAF7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 7188340913518720210
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11760214008123873659
x-oss-server-time: 61
Expires: Sat, 13 Jul 2024 06:07:52 GMT

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
995 B 196ms
195ms XHR
application/json 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72ac236f0d5e5e93483ddfd5ee089f2aa2e986b09029d159719c14f03fc90f00

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jul 2024 17:27:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 976
quic-version: 0x00000001

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
1001 B 502ms
501ms XHR
application/json 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f203c45f8a1a4813793a57aef1be94ddec4a5cb923fc97eb598e75c505895c38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jul 2024 17:27:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 982
quic-version: 0x00000001

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
993 B 523ms
522ms XHR
application/json 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s2-11187.ap4r.com
URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=249401300364503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c933fcb76e28c9ede1af9221184e033834ef19ae71c10dba4cbb8436edbaa6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jul 2024 17:27:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 974
quic-version: 0x00000001

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ Frame 0
0 192ms
191ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 03 Jul 2024 17:27:33 GMT

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ Frame 0
0 213ms
213ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 03 Jul 2024 17:27:33 GMT

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ Frame 0
0 193ms
193ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 03 Jul 2024 17:27:33 GMT

OPTIONS
H3 200 checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ Frame 0
0 190ms
190ms Preflight 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roletadasorte.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://roletadasorte.tech
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Wed, 03 Jul 2024 17:27:33 GMT
quic-version: 0x00000001

POST
H3 200 checkPixelCompress Show response
ads.mythad.com/rest/n/adintl/ad/ 145 B
164 B 700ms
648ms XHR
application/json 2.16.238.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=249401300364503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.16.238.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb01cc7b67eb5373c86d5d524ff273ef3bfb55fc2e6cd0ba62be49ef1c3b84ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jul 2024 17:27:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://roletadasorte.tech
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 145
quic-version: 0x00000001

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 56ms
55ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHLGQPNZSP&gtm=45je4710v9167589702z89179982996za200&_p=1720027651532&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1536883034.1720027652&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1720027652&sct=1&seg=1&dl=https%3A%2F%2Froletadasorte.tech%2F&dt=Raspadinha%20-%20JPX&en=page_view&_et=1&tfd=6265&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHLGQPNZSP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://roletadasorte.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 17:27:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roletadasorte.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
roletadasorte.tech/	1970-01-21 06:32:43	Name: __user_id Value: uid-3955477784.1984725629
.roletadasorte.tech/	1970-01-20 23:56:43	Name: _gcl_au Value: 1.1.1340047835.1720027652
.roletadasorte.tech/	1970-01-21 07:23:07	Name: _ga Value: GA1.1.1536883034.1720027652
.roletadasorte.tech/	1970-01-21 07:23:07	Name: _ga_MHLGQPNZSP Value: GS1.1.1720027652.1.1.1720027652.0.0.0
.doubleclick.net/	1970-01-21 07:23:07	Name: IDE Value: AHWqTUnJxGpLfKQ59bHkdaVnmJ5jDqDGeyx47N98h8Xv0z7Y9SCRWM3Yqx-AEOEx
roletadasorte.tech/	1970-01-21 06:32:43	Name: __visitor_id Value: v1.3:12836958842:1720027652159:1720027652161
.roletadasorte.tech/	1970-01-20 23:56:43	Name: _fbp Value: fb.1.1720027652185.463572813432376660
roletadasorte.tech/	1970-01-21 06:32:43	Name: _did Value: web_555078681C0D907C
.mythad.com/	1970-01-21 07:23:07	Name: kwai_ckid Value: 1720027653155_7848963683124004
.roletadasorte.tech/	1970-01-21 06:32:43	Name: kwai_uuid Value: dedce72838685592ca643dd143538cb4
.roletadasorte.tech/	1970-01-20 21:48:34	Name: _k_cp Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://roletadasorte.tech/(Line 76) Message: Origin trial controlled feature not enabled: 'join-ad-interest-group'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
adscool.net
connect.facebook.net
cpxfonts.cc
googleads.g.doubleclick.net
imagedelivery.net
logsdk.kwai-pro.com
region1.google-analytics.com
roletadasorte.tech
rtg.prdredir.com
s1.kwai.net
s2-11187.ap4r.com
scripts.prdredir.com
td.doubleclick.net
www.facebook.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.raspadinhajpx.com
104.18.3.36
142.250.181.226
142.250.185.227
142.250.186.100
142.250.186.34
172.67.175.82
172.67.182.23
195.138.255.24
2.16.238.16
2001:4860:4802:34::36
2404:2280:1c1:0:3::3fb
2606:4700:3032::ac43:ce17
2606:4700::6812:1e1b
2a00:1450:4001:810::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a01:4a0:1338:28::c38a:ff12
2a02:4780:13:1587:0:32d7:fe7e:6
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
43.152.26.209
033f57b1988711b77adb74839715a8114c3b8b85bda300f93afca126e3624f78
1410d2b62a708b58fce26f31447bde1fa47c2c27815bee2d47efef3545a22d0a
1604a6ded21e917720fad730538b069c6636774ea87a46de6919885df9f84f18
18f059943360c365f953878833d889cb52bb184a16ba9f6d76291d230d004c61
1bf5cb900b6980e4584c8effe0b51372d1d9aefb900f8df535b01f9d84b49e34
1fbdcbaa13dd392379209693f29002738ceb97d0a5d3e85d980f84023b9622c3
216a0e4f67c9e8fec5666defe0465bef497415d11060b0e3e82753139daff0bb
226b949408c1a224dc8e8389e5339b47e5ffcac13474518cd10646afe159e1c8
2739c765df190fed486bca6a04b6e66c8d45ef2ba0fc253e8bb71b547c72375a
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
2b02b7ba32ce0ca0064aaaeb68a1595ba2dbda99ceaadf177632d7553645b9d8
2d9c1473c48c8d8b0d9a3e39040c3118e9610e53e7f2211b5813ad9a4cd45a21
2e357996deabb5c5733ac0778cc2b345f4608de2bd2c93d0b7aacf4ca83e1889
3e1d4bca6ad06d986e92e9bb8afd1155e9897073dfc238d51d6cac3510bcb361
3f225bbf5d9cf2a682574248ffbb11d25845691373bf5960842164963b5b2ef8
4331dc58193909d2e8ae804f011b5e5eef5371ed3275161108b9ffac938e5ac4
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1
45326602df13614b40a0dc61e002e2e5b5d603d784a095997a665926119e27a2
46571290800af85e91c09effa404b46f75e0f690cdfa26ef9eb3e529bedb6021
5c9798630b09b6bab2f5311bb89a29cf74866058368e464914f25afe80191a60
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
69bbd9d7a373e215774bac8029a401d6bf985495732b5ca7abee75022bc18ed1
6cafcc7b0bd7d72362065801e10d477d18e6f3cfeeb8ae176bae0ebfe13007b6
72ac236f0d5e5e93483ddfd5ee089f2aa2e986b09029d159719c14f03fc90f00
7a9fe0f042fb3b7b3b01589154556394784f07193ab8bd24ef2064df61bf712a
7f4fcb7cc0195880466250ffa0f7ff9f5995db3bb4440b96bfd2b31006662b07
898916056ba33fd6c7232527cbf6efb5b011f284596d922212b50bcacff283a4
8aea1009f837f2732fb74bbc58368be5e3c48b6f769f078b1d49e5f2b13e36b3
8c933fcb76e28c9ede1af9221184e033834ef19ae71c10dba4cbb8436edbaa6b
905d243959b218e266d815433a7a3b2e2b88cdb892b943224d11f2aa3b37e171
9422841e630db29f4af7b39208e0ea4296183500f820b58c7b160c88ed8a89ef
a03a2ac45541bf252a522fa23ee5d3be0dd1c96c2115f6dc7f42940f2a7c3043
a21102dc1ae4aa467f052f60ac51326e46e35ccd5de2e9489be63b4b358fc10f
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
a6302c6d8169ef9c2d79bfa42495fb9b8c667bf7ed918d6ce09ab205af1d3f68
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b4bfb4129c0de802e513337f4928e8d947a98e7149a9fe475294b063a198beaa
bb01cc7b67eb5373c86d5d524ff273ef3bfb55fc2e6cd0ba62be49ef1c3b84ae
bebd465dbd357bce6c5e91bd2f1ffe28b6aeacd56394e1646740a9dba9b8f468
c20f254c2097a634af7ef18d293b26f61d88e345b886f4743ebf6c0fb0972c51
c2bfa2f60630636961f857ee99ce2b3a47ae23a508406bf2ede7e3d019b2ad6a
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c
ceda42c1fac0ac6d7bc5a2dd167a36d069fd17060ec16b6db0c932b55577f02d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1fbdb70637b5395b75e473a16cd9f7c7acf8decf8e8949e1e90de094c86a4e1
de0ff3a56dd18d97731814fdb656352c6a68b9a6d550073d8ec8964ed6a183bb
dfbae60e7a5c57e3695f67873dbef7d53501e08be5863e789c6544f92f099978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f203c45f8a1a4813793a57aef1be94ddec4a5cb923fc97eb598e75c505895c38
f5c1a99c892fb13825b8bd01d598a0a60782c50d64ee253fc1ec768e990d4370
f7ab05093b410779d481e23d899c244e1b7966a74bea7af0f92ec2b94d3d9a0c
f909db16eec844b2212969552d208af8a0c69f2581844cb916e0981b29a9e907
fb1c03f6853048e5b286da02005798edd2d8c83ba5cbd752196bdc9f6dfe2d42
ff7e6cd21c3cfba074b1250a5bf5fe82781191860d0ffd3807aab71bc769bbdb

roletadasorte.tech Open in urlscan Pro 2a02:4780:13:1587:0:32d7:fe7e:6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

98 %HTTPS

52 %IPv6

18 Domains

20 Subdomains

21 IPs

5 Countries

1145 kBTransfer

2945 kBSize

11 Cookies

2 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

roletadasorte.tech Open in urlscan Pro
2a02:4780:13:1587:0:32d7:fe7e:6 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

98 %
HTTPS

52 %
IPv6

18
Domains

20
Subdomains

21
IPs

5
Countries

1145 kB
Transfer

2945 kB
Size

11
Cookies

86 HTTP transactions
0 data transactions