sortevirtual.site Open in urlscan Pro
2606:4700:3032::6815:397e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sortevirtual.site/
Effective URL:
https://sortevirtual.site/
Submission Tags: suspect
Submission: On November 16 via api (November 16th 2024, 5:09:44 pm UTC) from BR — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3032::6815:397e, located in United States and belongs to CLOUDFLARENET, US. The main domain is sortevirtual.site.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.

This is the only time sortevirtual.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3032::6815:397e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::ac43:c532	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:773	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3bb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.76.21.131 3.76.21.131	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
47	19

10 2606:4700:3032::6815:397e (United States)

ASN13335 (CLOUDFLARENET, US)

sortevirtual.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c532 (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:773 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rd.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3bb5 (United States)

ASN13335 (CLOUDFLARENET, US)

eu-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.76.21.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-21-131.eu-central-1.compute.amazonaws.com

eu.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:cb (United States)

ASN13335 (CLOUDFLARENET, US)

fbapi.rifa.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sortevirtual.site sortevirtual.site	584 KB
7	posthog.com eu-assets.i.posthog.com — Cisco Umbrella Rank: 66351 eu.i.posthog.com — Cisco Umbrella Rank: 26682	108 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	196 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	326 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	19 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
3	rd.app cdn.rd.app	4 MB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	rsms.me rsms.me — Cisco Umbrella Rank: 8761	115 KB
1	rifa.digital fbapi.rifa.digital
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	555 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	915 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	17 KB
47	15

	Domain	Requested by
10	sortevirtual.site	sortevirtual.site
5	pagead2.googlesyndication.com	sortevirtual.site pagead2.googlesyndication.com
4	eu-assets.i.posthog.com	sortevirtual.site eu-assets.i.posthog.com
4	www.googletagmanager.com	sortevirtual.site www.googletagmanager.com
3	eu.i.posthog.com	eu-assets.i.posthog.com
3	cdn.rd.app	sortevirtual.site
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	www.facebook.com	sortevirtual.site
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	rsms.me	sortevirtual.site rsms.me
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	fbapi.rifa.digital	www.googletagmanager.com
1	www.google.de	sortevirtual.site
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	fonts.googleapis.com	sortevirtual.site
1	cdnjs.cloudflare.com	sortevirtual.site
47	18

This site contains no links.

Subject Issuer	Validity	Valid
sortevirtual.site WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh
rsms.me WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.rd.app WE1	`2024-10-28` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.i.posthog.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-25` - `2024-11-23`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
rifa.digital WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://sortevirtual.site/
Frame ID: FB7E470C1B92DA157DF1756C5F8137C4
Requests: 43 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsortevirtual.site
Frame ID: 0225630689466ACC0B56CBD649707317
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Frame ID: F941361C92DEF591E725A075E4865BAE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731776979&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsortevirtual.site%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731776979034&bpp=3&bdt=207&idt=147&shv=r20241112&mjsv=m202411120101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6449505217812&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088669%2C31088895%2C95331833%2C95344190%2C95345967%2C95340253%2C95340255&oid=2&pvsid=3687844189018475&tmod=182998349&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=180
Frame ID: D41C0702D222AF707522CAA51440F8CA
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: C8AF00724494F11CAF0F9F9BF3194477
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

null | Rifa Digital

Page URL History Show full URLs

http://sortevirtual.site/ HTTP 307
https://sortevirtual.site/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

47
Requests

98 %
HTTPS

94 %
IPv6

15
Domains

18
Subdomains

19
IPs

3
Countries

5688 kB
Transfer

8023 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sortevirtual.site/ HTTP 307
https://sortevirtual.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
sortevirtual.site/
Redirect Chain

http://sortevirtual.site/
https://sortevirtual.site/

43 KB
14 KB

290ms
243ms

Document
text/html

2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60842c151759e4208b79421824eb06f0c9a9acb017a5d7a3c6f56afe70dfc142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8e391703d86c9191-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 16 Nov 2024 17:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEWBPaLHv1dvuqG3XlDM%2BMVYW%2FC6xu7UTmhZB7DSnkVs%2FTcI43uHxqotfbcnx2YbL%2BN%2F4JwCCGkRDjeaKVOYSMKeuDoqUvMlLc2XmeincmN5XRcnesOT5BR8UEX0EMkX8HYn9kcupnZeHeH6q2eLPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=19600&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4384&delivery_rate=620&cwnd=12000&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=249&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://sortevirtual.site/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 inter.css
rsms.me/inter/ 11 KB
2 KB 63ms
32ms Stylesheet
text/css 2606:4700:3035::ac43:c532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: sortevirtual.site
URL: https://sortevirtual.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

x-fastly-request-id: 33a1e943a4b7f903ed94a4c852cb5b459214b6fb
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6737eec5-2ce9"
age: 119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JlWkZ%2F76nn%2FYHiywoAbFlXE%2FLA6Hhg2L0MVGNw%2FYa8yrIRRsUu2wPDCzetZHxtTZQusxvaK2suz07GSoFNEbvq%2BQqq3TWDXvq6A2DEW9Ht6GP6fjQXNESZyL8gpyzdsg9Dgufuoc"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 17DD:24AB4C:299B110:2A8AFBD:6737EF81
expires: Sat, 16 Nov 2024 01:14:01 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=21035&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4079&recv_bytes=4179&delivery_rate=128147&cwnd=12000&unsent_bytes=0&cid=b00060fb0f6968f2&ts=39&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:38 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230043-FRA
x-cache-hits: 1
last-modified: Sat, 16 Nov 2024 01:00:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731719157.156826,VS0,VE1
via: 1.1 varnish
cf-ray: 8e391705fa762bfa-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1305
x-origin-cache: HIT
server: cloudflare

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 60ms
34ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "62deef96-4324"
age: 252430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJxspE7o%2F4l8EAy9TpAD6qU%2BErJNQASMyCyrB5vkIzJYqW2HGHjHNlxl2QU3d5n1Ey87WLBlWcNR64OAJCmTZM5jACnvE%2BwjUTpzNILzwF33vIpWqCU8jdXOB1s4HgQRQ%2Fvbk921kw9m0rlGgzGK27fe"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 17:09:38 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 17:09:38 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e391705e8f23648-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17188
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
915 B 86ms
33ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3577db7d75aa8af02db92d2fca7ed44fd34b1195f6cf6c71328f95c539eb6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:09:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:38 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 83ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

433be56e2fa69f5cb676b38e03777401992fb1fbf2228ffe7bdc449819740323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://sortevirtual.site/

Response headers

content-encoding: br
etag: 16091176825409591195
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:09:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 17:09:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53444
x-xss-protection: 0
server: cafe

GET
H3 200 app-C2Rkk2Fc.css
sortevirtual.site/build/assets/ 13 KB
3 KB 232ms
230ms Stylesheet
text/css 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/app-C2Rkk2Fc.css

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67361467-3241"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XCfezTqzIrAyuI%2BeWLwAWyLCmJORqfTaOemE7kkguLIenmE2Uwz8qND9YRp3bp5stD1lJ79RgPFGnguUkk9dDtKlT%2F7wnogWg46%2BFkW39Bx7qciJiTC8YH2wm%2B77odqHhSQq%2BX6VtEdtFBmiE3Q0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20003&sent=27&recv=21&lost=0&retrans=0&sent_bytes=18716&recv_bytes=7374&delivery_rate=667164&cwnd=13200&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=544&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e391705ca779191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 app-BNxgb9Nk.css
sortevirtual.site/build/assets/ 114 KB
18 KB 308ms
306ms Stylesheet
text/css 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/app-BNxgb9Nk.css

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2c7f65c0c9edd68df1cd5eca9f9eb174aee3939713ee5342e4394b100daea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67361467-1c87a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dW37wqudiF8N3%2B3jYeZnQWHv9YKTn5YhGIWkqyB3nEyLfcNjxBSM5svMspmpQlJGDbgka%2F1nx4TBikq1G4FY9nZAiLJGqSYaDvpt4%2FUZ84cl3dC4Ltt3kXeJM4bWMffF8%2FPuT27QOpe49PiJaS1AYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19945&sent=30&recv=23&lost=0&retrans=0&sent_bytes=21556&recv_bytes=7461&delivery_rate=12431&cwnd=13200&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=619&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e391705ca799191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 app-YSWgxx9t.js Show response
sortevirtual.site/build/assets/ 345 KB
125 KB 399ms
398ms Script
application/javascript 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/app-YSWgxx9t.js

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28d1a88bd3b88cd0e8f433746dc9f4b1c9dd6d368b0e0f88c7eb777104aa5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67361467-565f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kaa89yE89KPqrg04lo%2BhQvJ8FD6LPah5uyZaep8Atp4iqfbN7evLJmgD2S8GAvD6VuXeW3WfA0aRIhiNgJlNRP2BoEH2prLfLLMy5nJrW50fWHHLnX3x2YD5V9E4aqDzdgyNZwMMhYm1fcgGTKV3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20074&sent=46&recv=31&lost=0&retrans=0&sent_bytes=40267&recv_bytes=7805&delivery_rate=558166&cwnd=20400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=710&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e391705ca7a9191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 395944717317069644597.png
cdn.rd.app/logos/ 36 KB
37 KB 609ms
543ms Image
image/png 2606:4700:20::681a:773
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/logos/395944717317069644597.png
Requested by: Host: sortevirtual.site
URL: https://sortevirtual.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a1351c8cad88eaa60b9408b981d67b7d69042e7f849388ee2f3b953a3a7133d

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "1a02ca8acf659bd5a204290a0600fa2e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8u784hIv5RhgBA8AOtiRW9qR%2FrqPjrxdXVmq74mBtC87xgFdTYmBzUBHANzL8Z7ku5CsqB4WnoGqAG3q9GDL%2B3DRSrbOXvY69XX2pqWpYMxU%2FYJo67F4XBNLseJlvqRq2ZTWU7H6EbA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e3917062d1e3683-FRA
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=24765&sent=3303&recv=918&lost=0&retrans=5&sent_bytes=4329875&recv_bytes=2534&delivery_rate=264042&cwnd=2108&unsent_bytes=0&cid=b4b8959f23dad0eb&ts=551&x=0"
content-length: 37310
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: image/png
last-modified: Fri, 15 Nov 2024 21:42:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 kit-churrasco-no-valor-de-40000-17317054700452.jpg
cdn.rd.app/raffles/ 527 KB
528 KB 243ms
177ms Image
image/jpeg 2606:4700:20::681a:773
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/raffles/kit-churrasco-no-valor-de-40000-17317054700452.jpg
Requested by: Host: sortevirtual.site
URL: https://sortevirtual.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc2ecd840b78df10afa97e80d5e61b31534a8df1193d49173f1a9abda6dca3cd

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "c5b37b5b7aae7b2bb38d26afb763bbc9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5xzUJU99ZW5%2FjPWGokHoPhPuPkxDfPFww47zcgr3rWeW7Jsjb7mYXW5x7C1LkDM3Lj0pqJUmDPLcvsJUgoWoCqNMb0RBV7TnCwGn0VN09RdNmQVwK7J6iMmCBKtNKjzHlLHh158vyg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e3917062d223683-FRA
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=19114&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3989&recv_bytes=2462&delivery_rate=206896&cwnd=254&unsent_bytes=0&cid=b4b8959f23dad0eb&ts=185&x=0"
content-length: 539658
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 21:17:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 rifa-ftc-play-1000-em-premio-e-muito-mais-17317083576166.jpg
cdn.rd.app/raffles/ 4 MB
4 MB 194ms
192ms Image
image/jpeg 2606:4700:20::681a:773
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/raffles/rifa-ftc-play-1000-em-premio-e-muito-mais-17317083576166.jpg
Requested by: Host: sortevirtual.site
URL: https://sortevirtual.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311f72fb1c4009c73427344476f3d17f744ae49be7f5930cbe2e9e206d791a66

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "7c959b4401a58dce0b859ce06721d86e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFKATXg3CaxxiPsHosJr4%2FRhtpAxRzxBwD65QyRgDz3O16DBE38Ldz4da7yX0C%2BAK%2B0Pgj29KssKGFxwQD59IpyYDqgJiWF%2BRH9pjYho%2FgQixxdwJwFM51cEj7MDY49NvLbqRnUkjCs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e3917065d433683-FRA
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=19304&sent=116&recv=23&lost=0&retrans=0&sent_bytes=132245&recv_bytes=2534&delivery_rate=3582675&cwnd=257&unsent_bytes=31872&cid=b4b8959f23dad0eb&ts=220&x=0"
content-length: 3764351
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 22:05:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
102 KB 93ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e754aff81df3c0c7790796eae1c82f49566cdedbe467d536e4c459fbd6054361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 16 Nov 2024 17:09:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 16 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103739
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 array.js Show response
eu-assets.i.posthog.com/static/ 167 KB
59 KB 117ms
61ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/array.js

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

432b7e667063ce9fa3b07c878c13bd75b558a2ce3c5a7da601b7789b0d3978aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://sortevirtual.site/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 4
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e391706a8f23a9c-FRA
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Sat, 16 Nov 2024 15:31:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/ 434 KB
144 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2984742400813413&plah=sortevirtual.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d41e304b8252a041c29d0f321192b393e9a5132a078ea4fe485c21af12baf04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: br
etag: 3829471937607261013
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147416
x-xss-protection: 0
server: cafe

POST
H2 200 / Show response
eu.i.posthog.com/decide/ 879 B
840 B 108ms
40ms XHR
application/json 3.76.21.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.i.posthog.com/decide/?v=3&ip=1&_=1731776979058&ver=1.186.0&compression=base64

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.76.21.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-21-131.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

ee3d955f736977f40f23efaa2085a389169f2e6d387a36b2d0d96c2c297d2738

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/x-www-form-urlencoded
Referer: https://sortevirtual.site/

Response headers

cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sortevirtual.site
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/json
vary: Accept-Encoding
server: envoy
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
eu.i.posthog.com/e/ 13 B
404 B 82ms
29ms XHR
application/json 3.76.21.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.i.posthog.com/e/?ip=1&_=1731776979071&ver=1.186.0&compression=gzip-js

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.76.21.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-21-131.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain
Referer: https://sortevirtual.site/

Response headers

cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sortevirtual.site
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/json
vary: Accept-Encoding
server: envoy
access-control-allow-headers: X-Requested-With,Content-Type

POST
H3 200 collect
www.google.com/ccm/ 0
0 76ms
31ms Ping
text/plain 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsortevirtual.site%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=329086301.1731776979&auid=1184508573.1731776979&npa=1&gtm=45He4bc0v857888618za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&tft=1731776979091&tfd=621&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 404 KB
131 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bc0v857888618za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e5e17a9118b254adf7a52451a50f839a4e0b51d0118fcb76c022553e3d7af44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 16 Nov 2024 17:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 133591
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 59ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-c2FNutyl' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-c2FNutyl' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: nXiMXx043mmFNHXnkOKU/482fYjZAqadopQ2cuhpBlN1VEbfZd26FY1DlH9WQ28nyuFaAdf/OieU5tS0in6qNQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 263 KB
93 KB 44ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c&gtm=45He4bc0v857888618za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

942574bd865625ec99201a2a20ce5024e0a7296a931c1fa85adc5c0c2804c14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 16 Nov 2024 17:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 16 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95040
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 0225 0
0 74ms
28ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsortevirtual.site

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 17:09:39 GMT
expires: Sun, 16 Nov 2025 17:09:39 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 112 KB
113 KB 69ms
38ms Font
font/woff2 2606:4700:3035::ac43:c532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.1
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff3e94614e1493eb556314fd247ae6c4a85a7783b4cc86be539940cf83f2a48

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id: df83deb84e25a2b11d931ac17ff73f4bb97e4d94
cf-cache-status: MISS
etag: "6737eec5-1beac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eplGetRO43SI3UBV3HiEVqWEbGjWJOeuz%2B21iz1NWlAVn9J%2ByXV0jIenpB3W4YEjjicpa9aKTkTuCdInYyBkfIyBPAOCAzxxg1Kt0Hk51AER7oco6eYpgXSS5f92WWOB2xpbCaRm"}],"group":"cf-nel","max_age":604800}
x-github-request-id: E029:23E25F:2A1F0DC:2B0F11D:6737EF8A
expires: Sat, 16 Nov 2024 01:14:04 GMT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=27052&sent=9&recv=6&lost=0&retrans=0&sent_bytes=2157&recv_bytes=3988&delivery_rate=48344&cwnd=12000&unsent_bytes=0&cid=e92885cc5d4479ee&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230138-FRA
x-cache-hits: 1
last-modified: Sat, 16 Nov 2024 01:00:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731776979.222223,VS0,VE2
via: 1.1 varnish
cf-ray: 8e3917081eb39274-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114348
x-origin-cache: HIT
server: cloudflare

GET
H2 200 recorder.js Show response
eu-assets.i.posthog.com/static/ 111 KB
39 KB 47ms
47ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/recorder.js?v=1.186.0

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa1e3af2fa00664b4c281aa53f63b158f68e3a4d1c1f548d16e15612e003470

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://sortevirtual.site/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 4
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e391707e9e23a9c-FRA
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Sat, 16 Nov 2024 15:31:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 dead-clicks-autocapture.js Show response
eu-assets.i.posthog.com/static/ 13 KB
5 KB 44ms
43ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/dead-clicks-autocapture.js?v=1.186.0

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2abdff4a9cb6cb5aee55c768e024c038bc9163f9957a54aaa126bb50babd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://sortevirtual.site/

Response headers

cache-control: public, max-age=14400
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 3
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e391707e9e33a9c-FRA
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Sat, 16 Nov 2024 15:31:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 web-vitals.js Show response
eu-assets.i.posthog.com/static/ 10 KB
4 KB 43ms
43ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/web-vitals.js?v=1.186.0

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb1bed3e9c4b48e00a920fe2c02e2f2682239f48271c10b4c289845a371bd09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer: https://sortevirtual.site/

Response headers

cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 4
cf-cache-status: MISS
referrer-policy: same-origin
x-content-type-options: nosniff
cf-ray: 8e391707e9e63a9c-FRA
access-control-allow-origin: *
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Sat, 16 Nov 2024 15:31:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241112/r20190131/ Frame F941 0
0 72ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2984742400813413&plah=sortevirtual.site

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sortevirtual.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

age: 12491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 13:41:28 GMT
etag: 4475648825157136472
expires: Sat, 30 Nov 2024 13:41:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=px-4%20bg-white%20h-%5B48px%5D%20sm%3Ah-%5B64px%5D%20min-w-full%20fixed&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 16 Nov 2024 17:09:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame D41C 0
0 102ms
72ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731776979&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsortevirtual.site%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731776979034&bpp=3&bdt=207&idt=147&shv=r20241112&mjsv=m202411120101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6449505217812&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088669%2C31088895%2C95331833%2C95344190%2C95345967%2C95340253%2C95340255&oid=2&pvsid=3687844189018475&tmod=182998349&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=180

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sortevirtual.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 17:09:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 619464952447923 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 180ms
179ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619464952447923?v=2.9.177&r=stable&domain=sortevirtual.site&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20d10e2eef04dbe75754c6d72c76bbb19b06104ece2b3fded53527ca2073eda0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-hPeejogU' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hPeejogU' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=77, mss=1232, tbw=70974, tp=67, tpl=0, uplat=158, ullat=0
pragma: public
x-fb-debug: HQIhP88Ob1PEpaHaXOIS/7cSdoHcUmimA7kwar5FY/Ueld6rqG1Ktrx6eOUuur8MZTgz4ZvCx/7A2cr+nCTjdw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 80ms
30ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bc0v875720306z8857888618za200zb857888618&_p=1731776978918&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=848716099.1731776979&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731776979&sct=1&seg=0&dl=https%3A%2F%2Fsortevirtual.site%2F&dt=null%20%7C%20Rifa%20Digital&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=802
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bc0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://sortevirtual.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 88ms
30ms Ping
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHYBPRP9RF&cid=848716099.1731776979&gtm=45je4bc0v875720306z8857888618za200zb857888618&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bc0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://sortevirtual.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 72ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bc0v875720306z8857888618za200zb857888618&_p=1731776978918&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=848716099.1731776979&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1731776979&sct=1&seg=1&dl=https%3A%2F%2Fsortevirtual.site%2F&dt=null%20%7C%20Rifa%20Digital&en=page_view&_et=2&tfd=809
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bc0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://sortevirtual.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 84ms
54ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KHYBPRP9RF&cid=848716099.1731776979&gtm=45je4bc0v875720306z8857888618za200zb857888618&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&tag_exp=101925629~102067554~102067808~102077855&z=301661256

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 16 Nov 2024 17:09:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 404 collect
fbapi.rifa.digital/g/ 0
0 315ms
251ms Fetch
text/html 2606:4700:20::681a:cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bc0v875720306z8857888618za200zb857888618&_p=1731776978918&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=848716099.1731776979&ul=de-de&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1731776979&sct=1&seg=1&dl=https%3A%2F%2Fsortevirtual.site%2F&dt=null%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1731776979094.917104.1&_et=1&tfd=827
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c&gtm=45He4bc0v857888618za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

GET
H3 200 UserProfile-EX79Sskk.js Show response
sortevirtual.site/build/assets/ 7 KB
3 KB 226ms
225ms Script
application/javascript 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/UserProfile-EX79Sskk.js

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/build/assets/app-YSWgxx9t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7f336d1017bcd79c96a620edfc614086adb5cde09f92356ec004884731691b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67361467-1c6a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGgSRg7o5C0DvYHTi8qDpVk%2FE0uooojZhEgp6gDZqDHixvQsyhz2QZMLPyArMIcFXV3%2FUOhdfEHL2ZMN6AMum%2Bb1eM7nmXwg3bs2LJ9oSu7DNLRWLFC7mg02YIlDDVE3f9OJ7uhsDFzx%2F0XhMBuprw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20388&sent=168&recv=72&lost=0&retrans=0&sent_bytes=179705&recv_bytes=13967&delivery_rate=1886092&cwnd=68400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=1105&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e3917095da19191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Tooltip-DvseSDDU.js Show response
sortevirtual.site/build/assets/ 16 KB
7 KB 222ms
221ms Script
application/javascript 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/Tooltip-DvseSDDU.js

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/build/assets/app-YSWgxx9t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

774b309d89523ba02fc288cfffc73d78ed78ec9ecf55d3348a9b406e059c6c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67361467-4075"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkU7BoHvU%2BI9ETbz%2BaORajUe7fDtXoFgAdEdm81Y%2F9%2BCsETYE2QXhSMcjhxBQ0tDv9dEvjDWw%2FgdQEfS3CnwBGwYIs8a2Xopl1CAqL44Bey6hDIiS54yhoa4%2BYeB7Jq%2BdbMrDoAZtrzLPF2P%2FG6s%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20388&sent=161&recv=72&lost=0&retrans=0&sent_bytes=172312&recv_bytes=13967&delivery_rate=1886092&cwnd=68400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=1102&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e3917095da29191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 _plugin-vue_export-helper-DlAUqK2U.js Show response
sortevirtual.site/build/assets/ 91 B
811 B 233ms
232ms Script
application/javascript 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/_plugin-vue_export-helper-DlAUqK2U.js

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/build/assets/app-YSWgxx9t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"67361467-5b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvbC4Oaxyri0uwn39Ci45DLZr8WGhNHDtgzZMlx%2F0mTDDKNz43bsjxz1nweCBBNmgBBzUpdk2GV1IIQOfhyzy4Z%2F4CZl2yq2JjFmAhi4h3BCt6QamcTr3ZiE6MeciMHztDOYjSOi%2Bi1Mng3pISDMUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20388&sent=171&recv=72&lost=0&retrans=0&sent_bytes=182991&recv_bytes=13967&delivery_rate=1886092&cwnd=68400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=1113&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e3917095da49191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ArrowRightIcon-DC4F8di6.js Show response
sortevirtual.site/build/assets/ 448 B
1 KB 213ms
212ms Script
application/javascript 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/build/assets/ArrowRightIcon-DC4F8di6.js

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/build/assets/app-YSWgxx9t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c98d60333047d02906ac1723e15fbba3b1962e4827bd7c5246ad973d8f4829c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://sortevirtual.site
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67361467-1c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEqHb8VPd7abx6rI0Ngcg%2BkAuUeu%2BBx6BpqATcc04zKe2%2BJKMhBlRB4PtifZ%2FSVnZwRrhvo7NzjssN1iorYdVMcwvMbdQVAh6KGPz9KRY2LHyrOmxMS9ZQlff5zdtfuBGr1KC%2FNHFH2aJpWb%2FYQctg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20388&sent=160&recv=72&lost=0&retrans=0&sent_bytes=171258&recv_bytes=13967&delivery_rate=1886092&cwnd=68400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=1093&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 15:16:55 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e3917095da59191-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 51ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fsortevirtual.site%2F&rl=&if=false&ts=1731776979430&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731776979427.284889169869088081&ler=empty&cdl=API_unavailable&it=1731776979235&coo=false&eid=1731776979094.917104.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=GET

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4498, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 176ms
147ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Fsortevirtual.site%2F&rl=&if=false&ts=1731776979430&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731776979427.284889169869088081&ler=empty&cdl=API_unavailable&it=1731776979235&coo=false&eid=1731776979094.917104.1&tm=1&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: sortevirtual.site
URL: https://sortevirtual.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: NkigGFdMIRrG1IMwoIJswd/AjHT3IPLg6V6ySe9eeCLGJCpQwFylZ4HU26w0TOJ8lmCL+2/B4VBhNiKeaVKTBw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4866, tp=13, tpl=0, uplat=125, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 76ms
38ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241112&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efc918636c959f54a0f162b57d00c8473a2a3a7682480759f7ba2844c620e951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12853
date: Sat, 16 Nov 2024 17:09:39 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 favicon2.png
sortevirtual.site/images/ 412 KB
413 KB 411ms
411ms Other
image/png 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/images/favicon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cf-cache-status: MISS
etag: "6554350b-66f24"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmB19gI%2BYhiS0KynzPX8B4tb4xp%2F3gzJWptku5BAqaQjxoQ0x9DSP%2F6U204Hoo8OPQRT%2Fb1v3z5IzJ2UsczXrQbdbWGGnQKXSX9fdEtdBtb1CfLjCQE3Oe9PM4rr6AVSd7iaF6Dn51zogIisy6y8UA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20401&sent=174&recv=76&lost=0&retrans=0&sent_bytes=183874&recv_bytes=15307&delivery_rate=58147&cwnd=68400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=1593&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:40 GMT
content-type: image/png
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e39170b3fc69191-FRA
accept-ranges: bytes
content-length: 421668
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 101ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 17:09:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 17:09:39 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame C8AF 0
0 68ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sortevirtual.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: bytes
age: 976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Nov 2024 16:53:23 GMT
expires: Sat, 16 Nov 2024 17:43:23 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 favicon2.png
sortevirtual.site/images/ 412 KB
0 0ms
0ms Other
image/png 2606:4700:3032::6815:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sortevirtual.site/images/favicon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:397e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://sortevirtual.site/

Response headers

cf-cache-status: MISS
etag: "6554350b-66f24"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmB19gI%2BYhiS0KynzPX8B4tb4xp%2F3gzJWptku5BAqaQjxoQ0x9DSP%2F6U204Hoo8OPQRT%2Fb1v3z5IzJ2UsczXrQbdbWGGnQKXSX9fdEtdBtb1CfLjCQE3Oe9PM4rr6AVSd7iaF6Dn51zogIisy6y8UA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20401&sent=174&recv=76&lost=0&retrans=0&sent_bytes=183874&recv_bytes=15307&delivery_rate=58147&cwnd=68400&unsent_bytes=0&cid=6127fe42be5a1dbe&ts=1593&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 16 Nov 2024 17:09:40 GMT
content-type: image/png
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e39170b3fc69191-FRA
accept-ranges: bytes
content-length: 421668
x-xss-protection: 1; mode=block
server: cloudflare

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

POST
H2 200 / Show response
eu.i.posthog.com/s/ 15 B
246 B 523ms
496ms XHR
application/json 3.76.21.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.i.posthog.com/s/?ip=1&_=1731776982058&ver=1.186.0&compression=gzip-js
Requested by: Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.21.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-21-131.eu-central-1.compute.amazonaws.com
Software: envoy /
Resource Hash: 0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain
Referer: https://sortevirtual.site/

Response headers

x-envoy-upstream-service-time: 449
access-control-allow-credentials: true
access-control-allow-origin: https://sortevirtual.site
content-length: 15
date: Sat, 16 Nov 2024 17:09:42 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241112&jk=3687844189018475&bg=!KyilKGfNAAY7_TBtG_07ADQBe5WfOFCIrf0ikhHw4HcHqw6iEQ8NcKGCZDKncTmhVn1RvC_vbvNO5cgn7ATluwU2NsymAgAAACdSAAAAA2gBB34ANW2lRoVQesBe3f531FeXlwQ5V3doJ3iTwFMB2S7o-LOa2iuBrozoONrMEzrQDaua77ByCjYlmQKxCjgLJtxLmTkkvpIlEXjuVyLY-ozByxZj3TrXYrEJZv8cGBHOOMQ4NiWDTiLnyBcV-OuSXv5BKNOgimjHv1psyUCfd9JW9LdlMlgqNlqspVMrJVoMkjoZTILxcK0NPtrw-VmDdjPQtz3tT9yDU5AHa6uvbiRi8OqP69jcV7KAsPYr41l8hpcnaIff6w10M0sni1yFS0BTeGVTpHDpunJmcyycL20zW6YQZrc952TfKju3a1tgP-tULnKp08iTu94ZBn8L55G1s70AEfNY0disiAHBVobXNxG3QZZzp8wEXvKXF6-MKtnZXOoiWCM8ulZnUO2yZ2d8Cl883wn2j7h8r6qa5lLdVJHNIvKFMgrZotBepD6BUrjuGMTuVLZ-a8JKvV2W-Lt75kVCuZYCalGLhuzRkK53yKsuuWN8Ghj8IN-1zi5ogxeBOI-BUeeAHKGkmMLuAkeKcWcIiyuC4ljpvPZ0OZV7bb-ShhcEJcbeq5L8zxzxnihHWOlljBK42bkUfpxo8ZMsJ-rf3e9nDlWr_PTOQX1InSr98s2_FqoEJKuEpy1ryILc1xFdPIdbnrQykeZi4giLxsXALSKlQ7QknYGrLxAfLBQB39ShBGWKAAkSYkOvF9dBF3bu9WgzOm17OOLOD0XKvN31y25kXlxzghkAK6QCBFlFI9SiEU1mL0tA1Pu4Rg60hv3ZYJsNxHQCRlBgz1nbXf7j5Fe7vq9mtDNVuz18tzUbOk8RqYoECMLlMqNnotD4XBc9VLjdL9mqYa-Cn1kKh1hWopHkIzKRIM8t_TcT5oYIXBXEYAaR8rqVQE5b5_mqYRBwn0BdUiWAvoSYB2jKD9QPCK03n676g9bOQXcAlc3Q5i0kFYjQtcoxpKB9Zqs2_vnW0vKYT9r1YHN_ATbQtEetZpQpquWbPGk

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sortevirtual.site/	1970-01-21 01:03:25	Name: XSRF-TOKEN Value: eyJpdiI6IlpKQ2t5UUdmaS9uVFNTMUlESjg5V3c9PSIsInZhbHVlIjoiU1Z0T25OS3VMeU4zMXpqZ3RSb3ZjN3JMWWRqYWlCdGRzNEp0VCtqdmtyRXg0Z0crQzBFWitGcExpTmZMLzBIQnVGSU9oOFZvTEJFK0FtU3dsd3RlZHpTcGNYcVJMbFJXSno2T1hmYU56d2RtNkpuRkpBeGFCYnR6YitobVRzMTMiLCJtYWMiOiI5YmIwNjgyMjdhYWM4YTA1OWE0Njg2YmM3YjhkZWQwZDQwNWViZGZiZDFkOWM5NmI0YzcxM2Q2YWNlYjY1MWI4IiwidGFnIjoiIn0%3D
sortevirtual.site/	1970-01-21 01:03:25	Name: rifadigital_session Value: eyJpdiI6InE5VDdVWUJRK0lja1RjRFAxSlhiQ0E9PSIsInZhbHVlIjoiV1VOZXVJcGlUTFJoTWw1VHAzWkZtOHhXZGxhYlhGWnRoRjBwUkhLYzV6dFQ2a283WlVQMHZxWTlzMHlUajlGc2psRThDV2FvVW16b28rWWdVSkJIR1JFVWVhckx4Y201bFlSQ08xRlNNZGFmU2ZvVVNjT2VObUZMT3U2OWFtbEoiLCJtYWMiOiIyYjQyMTNmNjA0MmU0MWRjMDBiMWQyODBiN2YxZmQ0Mzc4ODVmN2IwYjdjOGRjZjBlZjkxMmU3YWIwMGY1ZGViIiwidGFnIjoiIn0%3D
.sortevirtual.site/	1970-01-21 03:12:32	Name: _gcl_au Value: 1.1.1184508573.1731776979
.sortevirtual.site/	1970-01-21 09:48:32	Name: ph_phc_vBKqgIUzffRzg1OtSIiw28APh2WKRr0I5NWWDxVgGsc_posthog Value: %7B%22distinct_id%22%3A%22019335f3-a071-7511-a0f1-1b6ad3293c1a%22%2C%22%24sesid%22%3A%5B1731776979172%2C%22019335f3-a070-7067-b0a5-41b037e9775d%22%2C1731776979056%5D%7D
.sortevirtual.site/	1970-01-21 10:38:56	Name: _ga Value: GA1.1.848716099.1731776979
.sortevirtual.site/	1970-01-21 10:38:56	Name: _ga_KHYBPRP9RF Value: GS1.1.1731776979.1.1.1731776979.60.0.0
.sortevirtual.site/	1970-01-21 03:12:32	Name: _fbp Value: fb.1.1731776979427.284889169869088081

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4bc0v875720306z8857888618za200zb857888618&_p=1731776978918&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=848716099.1731776979&ul=de-de&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1731776979&sct=1&seg=1&dl=https%3A%2F%2Fsortevirtual.site%2F&dt=null%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1731776979094.917104.1&_et=1&tfd=827 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rd.app
cdnjs.cloudflare.com
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eu-assets.i.posthog.com
eu.i.posthog.com
fbapi.rifa.digital
fonts.googleapis.com
pagead2.googlesyndication.com
region1.analytics.google.com
rsms.me
sortevirtual.site
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
ep1.adtrafficquality.google
2001:4860:4802:34::36
2606:4700:10::6816:3bb5
2606:4700:20::681a:773
2606:4700:20::681a:cb
2606:4700:3032::6815:397e
2606:4700:3035::ac43:c532
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c0d::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.76.21.131
0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1
0ff3e94614e1493eb556314fd247ae6c4a85a7783b4cc86be539940cf83f2a48
1c98d60333047d02906ac1723e15fbba3b1962e4827bd7c5246ad973d8f4829c
1d41e304b8252a041c29d0f321192b393e9a5132a078ea4fe485c21af12baf04
1e5e17a9118b254adf7a52451a50f839a4e0b51d0118fcb76c022553e3d7af44
1f2c7f65c0c9edd68df1cd5eca9f9eb174aee3939713ee5342e4394b100daea2
20d10e2eef04dbe75754c6d72c76bbb19b06104ece2b3fded53527ca2073eda0
311f72fb1c4009c73427344476f3d17f744ae49be7f5930cbe2e9e206d791a66
432b7e667063ce9fa3b07c878c13bd75b558a2ce3c5a7da601b7789b0d3978aa
433be56e2fa69f5cb676b38e03777401992fb1fbf2228ffe7bdc449819740323
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405
46d01c7807f64a24c1b2853b756ef15f3a2facdf4a9f066eaf5d39c0c9935441
4c7f336d1017bcd79c96a620edfc614086adb5cde09f92356ec004884731691b
60842c151759e4208b79421824eb06f0c9a9acb017a5d7a3c6f56afe70dfc142
774b309d89523ba02fc288cfffc73d78ed78ec9ecf55d3348a9b406e059c6c83
7a1351c8cad88eaa60b9408b981d67b7d69042e7f849388ee2f3b953a3a7133d
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8a2abdff4a9cb6cb5aee55c768e024c038bc9163f9957a54aaa126bb50babd45
8fa1e3af2fa00664b4c281aa53f63b158f68e3a4d1c1f548d16e15612e003470
942574bd865625ec99201a2a20ce5024e0a7296a931c1fa85adc5c0c2804c14d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b28d1a88bd3b88cd0e8f433746dc9f4b1c9dd6d368b0e0f88c7eb777104aa5db
b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
ceb1bed3e9c4b48e00a920fe2c02e2f2682239f48271c10b4c289845a371bd09
dc2ecd840b78df10afa97e80d5e61b31534a8df1193d49173f1a9abda6dca3cd
e3577db7d75aa8af02db92d2fca7ed44fd34b1195f6cf6c71328f95c539eb6a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e754aff81df3c0c7790796eae1c82f49566cdedbe467d536e4c459fbd6054361
ee3d955f736977f40f23efaa2085a389169f2e6d387a36b2d0d96c2c297d2738
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc918636c959f54a0f162b57d00c8473a2a3a7682480759f7ba2844c620e951
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

sortevirtual.site Open in urlscan Pro 2606:4700:3032::6815:397e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

94 %IPv6

15 Domains

18 Subdomains

19 IPs

3 Countries

5688 kBTransfer

8023 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sortevirtual.site Open in urlscan Pro
2606:4700:3032::6815:397e Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

94 %
IPv6

15
Domains

18
Subdomains

19
IPs

3
Countries

5688 kB
Transfer

8023 kB
Size

7
Cookies

47 HTTP transactions
0 data transactions