urlscan.io logo urlscan.io
SecurityTrails logo

www.sorteioamigosecretoapp.com Open in urlscan Pro
199.36.158.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Effective URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Submission: On December 10 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 19 domains to perform 38 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is www.sorteioamigosecretoapp.com.
TLS certificate: Issued by WR3 on October 25th 2024. Valid for: 3 months.
This is the only time www.sorteioamigosecretoapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 8 199.36.158.100 54113 (FASTLY)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.48.1 13335 (CLOUDFLAR...)
1 2.19.126.76 20940 (AKAMAI-AS...)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
1 51.89.9.251 16276 (OVH OVH SAS)
2 2620:116:800d... 16509 (AMAZON-02)
1 54.72.95.184 16509 (AMAZON-02)
1 54.220.180.23 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.67 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 185.89.210.141 29990 (ASN-APPNEX)
1 15.197.193.217 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.229.232.169 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 162.19.138.119 16276 (OVH OVH SAS)
1 141.95.98.65 16276 (OVH OVH SAS)
38 25
8    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
sorteioamigosecretoapp.com
www.sorteioamigosecretoapp.com
4    2606:4700:10::6816:3fe3 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.themoneytizer.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.21.48.1 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.themoneytizer.fr
1    2.19.126.76 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-19-126-76.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    54.72.95.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-95-184.eu-west-1.compute.amazonaws.com
p.cpx.to
1    54.220.180.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-180-23.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net
fonts.gstatic.com
2    2a02:26f0:3500:2b::17cf:d259 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ced-ns.sascdn.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2600:9000:223c:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.229.232.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-232-169.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
Apex Domain
Subdomains		 Transfer
8 sorteioamigosecretoapp.com
sorteioamigosecretoapp.com
www.sorteioamigosecretoapp.com
12 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
firebase.googleapis.com — Cisco Umbrella Rank: 3887
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 590
2 KB
4 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 62237
49 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
id5-sync.com — Cisco Umbrella Rank: 533
30 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
63 KB
3 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 14400
ced-ns.sascdn.com — Cisco Umbrella Rank: 3127
26 KB
2 cpx.to
p.cpx.to — Cisco Umbrella Rank: 12366
s.cpx.to — Cisco Umbrella Rank: 11765
6 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1536
pixel.quantserve.com — Cisco Umbrella Rank: 1059
10 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
302 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
97 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
432 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
712 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1552
1 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 61026
859 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
739 B
1 themoneytizer.fr
cdn.themoneytizer.fr — Cisco Umbrella Rank: 75577
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
38 19
Domain Requested by
7 www.sorteioamigosecretoapp.com 2 redirects www.sorteioamigosecretoapp.com
4 ads.themoneytizer.com www.sorteioamigosecretoapp.com
2 id5-sync.com cdn.id5-sync.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 ced-ns.sascdn.com ced.sascdn.com
ced-ns.sascdn.com
2 www.gstatic.com www.sorteioamigosecretoapp.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 region1.google-analytics.com www.googletagmanager.com
1 s.cpx.to p.cpx.to
1 www.googletagmanager.com www.gstatic.com
1 cdn.id5-sync.com ced.sascdn.com
1 pixel.quantserve.com www.sorteioamigosecretoapp.com
1 match.adsrvr.org p.cpx.to
1 ib.adnxs.com p.cpx.to
1 rules.quantcount.com secure.quantserve.com
1 fonts.gstatic.com fonts.googleapis.com
1 adtrack.adleadevent.com ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 cdn.themoneytizer.fr ads.themoneytizer.com
1 fonts.googleapis.com www.sorteioamigosecretoapp.com
1 cdnjs.cloudflare.com www.sorteioamigosecretoapp.com
1 sorteioamigosecretoapp.com 1 redirects
38 27

This site contains links to these domains. Also see Links.

Domain
dopansearor.com
play.google.com
apps.apple.com
Subject Issuer Validity Valid
qrtreat.com
WR3		 2024-10-25 -
2025-01-23		 3 months crt.sh
ads.themoneytizer.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
themoneytizer.fr
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-16 -
2025-07-16		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
quantserve.com
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
p.cpx.to
Amazon RSA 2048 M03		 2024-04-24 -
2025-05-23		 a year crt.sh
*.adleadevent.com
Amazon RSA 2048 M02		 2024-05-27 -
2025-06-26		 a year crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
id5-sync.com
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
s.cpx.to
Amazon RSA 2048 M02		 2024-04-24 -
2025-05-23		 a year crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Frame ID: 6C4A260E31FE0DFB44428B4AB1227739
Requests: 34 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1733871459703
Frame ID: B00C70441B0A1F0E0B572A1DDFAB8EF6
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Frame ID: B814221ECFEA2C538B5BB43A10DA8761
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Result | Draw Secret Santa App

Page URL History Show full URLs

  1. https://sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= HTTP 301
    https://www.sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= HTTP 301
    https://www.sorteioamigosecretoapp.com/result.html?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= HTTP 301
    https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

38
Requests

100 %
HTTPS

48 %
IPv6

19
Domains

27
Subdomains

25
IPs

6
Countries

304 kB
Transfer

1097 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= HTTP 301
    https://www.sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= HTTP 301
    https://www.sorteioamigosecretoapp.com/result.html?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= HTTP 301
    https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request result
www.sorteioamigosecretoapp.com/
Redirect Chain
  • https://sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
  • https://www.sorteioamigosecretoapp.com/resultado/?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
  • https://www.sorteioamigosecretoapp.com/result.html?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
  • https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d325cc9773bc833e86b980d2f1dc289aedee3571f64ca8a8b8c535ee327b1c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
public, max-age=60, s-maxage=120
content-encoding
br
content-length
1949
content-type
text/html; charset=utf-8
date
Tue, 10 Dec 2024 22:57:39 GMT
etag
"42814aed30245f38476feb7aabc6c925aff442b28bd6791ff505c22b08832bc9-br"
last-modified
Tue, 26 Nov 2024 23:03:17 GMT
strict-transport-security
max-age=31556926
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220096-FRA
x-timer
S1733871459.494963,VS0,VE31

Redirect headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
public, max-age=60, s-maxage=120
content-length
72
content-type
text/plain; charset=utf-8
date
Tue, 10 Dec 2024 22:57:39 GMT
location
/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220055-FRA
x-timer
S1733871459.441990,VS0,VE22
result.css
www.sorteioamigosecretoapp.com/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sorteioamigosecretoapp.com/result.css
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fef77c467e926c9ad8e3c63581ac65f0a064e581e933b0371f22906b81d3bdd7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=

Response headers

strict-transport-security
max-age=31556926
cache-control
public, max-age=60, s-maxage=120
content-encoding
br
etag
"b3b5c5163d24d21e5ec3da679dc1a819c1e4c5295ff03e98d84945f4a8b81702-br"
x-timer
S1733871460.559287,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
2370
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 26 Nov 2024 23:03:17 GMT
x-served-by
cache-fra-etou8220096-FRA
x-cache-hits
0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
64650
cf-ray
8f00d5cedf0b3604-FRA
apigw-requestid
CjyiEiy-DoEEMlg=
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Tue, 10 Dec 2024 05:00:09 GMT
requestform.js
ads.themoneytizer.com/s/ 		182 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
486af9ea55affad9f0abeed41d25f6ca1394a8f1deca8d7812376855be34bf09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
62627
cf-ray
8f00d5cedf083604-FRA
apigw-requestid
CjyiNjytDoEEJ8g=
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Tue, 10 Dec 2024 05:00:11 GMT
giftbox-icon.webp
www.sorteioamigosecretoapp.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sorteioamigosecretoapp.com/images/giftbox-icon.webp
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a4d5b895642f439db1199079e8da57d2a2e04c764c32433ace6a5d48be6a36e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=

Response headers

strict-transport-security
max-age=31556926
cache-control
public, max-age=60, s-maxage=120
etag
"cafdcdc376ff9a8b3b0e0dac1d1463e7daf8f90dbeb94cde602a8c6d06a76b4d"
x-timer
S1733871460.559672,VS0,VE2
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
2474
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
image/webp
last-modified
Tue, 26 Nov 2024 23:03:17 GMT
x-served-by
cache-fra-etou8220096-FRA
x-cache-hits
0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
64649
cf-ray
8f00d5cedf0c3604-FRA
apigw-requestid
CjyiAilljoEEJ0w=
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Tue, 10 Dec 2024 05:00:10 GMT
requestform.js
ads.themoneytizer.com/s/ 		182 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=28
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.17
Resource Hash
df3095716f3aff6a2545822cd6ad6ffdd849b3d71eb9e2ce96e4042dbbeb0ea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

server
cloudflare
cache-control
max-age=259200
content-encoding
br
cf-cache-status
HIT
age
63273
cf-ray
8f00d5cedf0e3604-FRA
apigw-requestid
CjyiNggxDoEEPJg=
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.17
vary
Accept-Encoding
last-modified
Tue, 10 Dec 2024 05:00:10 GMT
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e2d-3430"
age
1026669
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ayRkp90NiUfHcpQlJ3zBR%2FFzKMNQ18iEt0WtRfKETcmXTTGlvg5eJrgSMBvXvm78cjnOmZPwyoomGER5CEOhlhILAc4N7BQlRHyBRf6lDza1Caxh%2FwjDvmsgMjSCXCo05Gm%2BSvL0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 22:57:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:09:17 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f00d5ce7f13bbfc-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
4256
server
cloudflare
result.js
www.sorteioamigosecretoapp.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sorteioamigosecretoapp.com/result.js
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13a200ffd0b0b9649df1004c0644647fbb321402e3997fa18b8508b2e1960405
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=

Response headers

strict-transport-security
max-age=31556926
cache-control
public, max-age=60, s-maxage=120
content-encoding
br
etag
"b67ac930e5aa6cba94d1a4262230f1cf2268e8b967f826f649470f3675a53783-br"
x-timer
S1733871460.568261,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
1133
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 26 Nov 2024 23:03:17 GMT
x-served-by
cache-fra-etou8220096-FRA
x-cache-hits
0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
css2
fonts.googleapis.com/ 		6 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@300;400;500;600;700&display=swap
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98098e8753bc9cc6406e308e570530996569228e87d7d9529279f9f46147be87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 22:57:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 10 Dec 2024 21:05:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
lib_adagio.js
cdn.themoneytizer.fr/ads/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.themoneytizer.fr/ads/lib_adagio.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"f2ae4810b618b8843df5265f6320f1a4"
x-amz-version-id
qvYhA6q9SmHJElAJ4hWBgTd.Ag0_5M8x
age
1099213
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUU729w2bEppCW1%2Bc8w6fGSu5mEwc%2BMdUWYXq7Es17fsiX39IwT4f6BDuoVD1spcV93xO4giANjwdhmQUvgkoR1WLoxdJwu2HX8F5I4nsyDwZIuUvedmWTzDiz0WdTAcEJ%2FtnZql1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
application/javascript
last-modified
Wed, 05 Jun 2024 18:28:25 GMT
vary
Accept-Encoding
x-amz-id-2
HiSPcSQoqKDfydimaIdlJbOGRFd+PgmySbp3Cd2B+aGagSuF9cL/Ov9/K7qdadfs0z+SdK4OLqY=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=2678400
x-amz-request-id
0MDG9NKNQ98GQM39
cf-ray
8f00d5cf7fded36c-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
smart.js
ced.sascdn.com/tag/1097/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.76 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-19-126-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3d266df27fb9f13f447eeebcdbb6a5816297f17a219bd2efb3c715eea96556c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

Cache-Control
public, max-age=7200
Content-Encoding
gzip
Connection
keep-alive
Expires
Wed, 11 Dec 2024 00:57:39 GMT
Content-Length
22575
Date
Tue, 10 Dec 2024 22:57:39 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding
sync
gum.criteo.com/ 		49 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
330941
expires
60
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
/
onetag-sys.com/usync/ Frame B00C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1733871459703
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.sorteioamigosecretoapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"mLYq618hJoRcW1Crupr2OQ=="
expires
Tue, 17 Dec 2024 22:57:39 GMT
accept-ranges
bytes
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
application/javascript
vary
Accept-Encoding
px.js
p.cpx.to/p/12771/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12771/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.95.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-95-184.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
62694d39a96ebcadccda146237754a9d7c930d178425bc5f6131fcae605a5e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

cache-control
public, max-age=2419200
content-length
6258
date
Tue, 10 Dec 2024 22:57:39 GMT
content-type
application/javascript; charset=UTF-8
mailNotification.php
adtrack.adleadevent.com/ 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=86327&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.180.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-180-23.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
20
Date
Tue, 10 Dec 2024 22:57:39 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 10 Dec 2024 22:57:39 GMT
Server
Apache
Vary
Accept-Encoding
firebase-app.js
www.gstatic.com/firebasejs/9.1.2/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.1.2/firebase-app.js
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f836b52ab899e2879deb1005a48c20ba2f313464e4f1938e57a172add5dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.sorteioamigosecretoapp.com
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
gzip
age
78566
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:08:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 01:08:13 GMT
last-modified
Thu, 07 Oct 2021 20:24:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
12999
x-xss-protection
0
server
sffe
firebase-analytics.js
www.gstatic.com/firebasejs/9.1.2/ 		104 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.1.2/firebase-analytics.js
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a7361597716d7139c58f54e3c3147ce74debc4736d74c25eeb3519c24a6cd57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.sorteioamigosecretoapp.com
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
gzip
age
375383
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 14:41:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 14:41:16 GMT
last-modified
Thu, 07 Oct 2021 20:24:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
22766
x-xss-protection
0
server
sffe
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.sorteioamigosecretoapp.com
Referer
https://fonts.googleapis.com/

Response headers

age
43679
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 10:49:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 10:49:40 GMT
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
28064
x-xss-protection
0
server
sffe
topics.js
ced-ns.sascdn.com/diff/js/modules/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/topics.js
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b::17cf:d259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
"b5228c416b8e80db61b64afe15dbdd77:1727944397.510969"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3341
Date
Tue, 10 Dec 2024 22:57:39 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 03 Oct 2024 08:30:16 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:270847626900:web:bcc76fe3eed919b50dae81/ 		327 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:270847626900:web:bcc76fe3eed919b50dae81/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.1.2/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e8a10313c505ced1219a8ac81396007ab65c1c3067c52a8a6224448df0f5aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAamUbDjiBpyf5rwhB1NS_JZreqyci2R4c
Referer
https://www.sorteioamigosecretoapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218
date
Tue, 10 Dec 2024 22:57:39 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:270847626900:web:bcc76fe3eed919b50dae81/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:270847626900:web:bcc76fe3eed919b50dae81/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://www.sorteioamigosecretoapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 10 Dec 2024 22:57:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/sorteioamigosecretoweb/ 		625 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sorteioamigosecretoweb/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.1.2/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ae09dbef1c1f00a727c1b05590ae2edd5c51dcd7631c56007d560a365ba8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAamUbDjiBpyf5rwhB1NS_JZreqyci2R4c
Referer
https://www.sorteioamigosecretoapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
date
Tue, 10 Dec 2024 22:57:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
installations
firebaseinstallations.googleapis.com/v1/projects/sorteioamigosecretoweb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/sorteioamigosecretoweb/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://www.sorteioamigosecretoapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 10 Dec 2024 22:57:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
gzip
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
age
1475
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
PGZM8REs79rxP9jwvjZ2MudT6ZT6hOPuh3vGlX0Vu9bi5TPkbMiSPQ==
date
Tue, 10 Dec 2024 22:33:05 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
getuidj
ib.adnxs.com/ 		11 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
82.199.134.164; 82.199.134.164; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
an-x-request-uuid
6b46e8cb-3dd1-4c0d-874a-5d23e83967cb
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 10 Dec 2024 22:57:39 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
rid
match.adsrvr.org/track/ 		63 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
4d40569cd7b56803ca5edf8513edef8ba1390e421ff7c6112af8210350bdefd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Thu, 09 Jan 2025 22:57:40 GMT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
pixel;r=1618977394;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.sorteioamigosecretoapp.com%2Fresult%3Fcode%3DU2FsdGVkX1%2B1FRi4bZ8C9%2FSR2PQZvKPIyw9Bh9SZ3AI...
pixel.quantserve.com/ 		43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1618977394;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.sorteioamigosecretoapp.com%2Fresult%3Fcode%3DU2FsdGVkX1%2B1FRi4bZ8C9%2FSR2PQZvKPIyw9Bh9SZ3AI%3D;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733871459956;tzo=-60;ogl=;ses=305ec5e3-8047-4e32-826a-822cf333a35e;d=sorteioamigosecretoapp.com;uht=2;fpan=1;fpa=P0-1357051532-1733871459957;pbc=;gdpr=0;mdl=
Requested by
Host: www.sorteioamigosecretoapp.com
URL: https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Tue, 10 Dec 2024 22:57:39 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["K0JYi78fXq1otUId/akXtQ=="],"pcode":["p-6Fv0cGNfc_bw8"]}],"trigger_data":"1"}]}
content-type
image/gif
topics_frame.html
ced-ns.sascdn.com/diff/js/assets/ Frame B814 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/assets/topics_frame.html
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/modules/topics.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b::17cf:d259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.sorteioamigosecretoapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
154
Content-Type
text/html
Date
Tue, 10 Dec 2024 22:57:40 GMT
ETag
"f0d2e72b7a1131e32549d3713c834900:1715760824.259072"
Last-Modified
Wed, 15 May 2024 08:11:55 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
id5-api.js
cdn.id5-sync.com/api/1.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4d852428cba0ba1a5108520745060d6e"
age
647
expires
Tue, 10 Dec 2024 23:57:40 GMT
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
x-amz-id-2
qcl8qkMr2asDo+u2986p5XIzzxFMk9heSSn+iebFxNJt8iiHRycdo0shbxkz7/qnFwvCO5JGeMkKr5yV/ufLLw==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
ZKBD3CPQ6P271SX3
cf-ray
8f00d5d15b78bba1-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		278 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5S1M1BNWSV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.1.2/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7fd098078910f12bba7a2b6c6a6a563457083910f656051ecb04088a8fe1532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 10 Dec 2024 22:57:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98818
x-xss-protection
0
server
Google Tag Manager
fire.js
s.cpx.to/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12771&url=https%3A%2F%2Fwww.sorteioamigosecretoapp.com%2Fresult%3Fcode%3DU2FsdGVkX1%2B1FRi4bZ8C9%2FSR2PQZvKPIyw9Bh9SZ3AI%3D&hn_ver=87&fid=b859ac8f-3640-43b1-b063-96c913419cd1
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.232.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-232-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

access-control-allow-credentials
true
expires
Tue, 10 Dec 2024 22:57:40 GMT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
content-length
0
p3p
CP="NOI DEV ADM"
date
Tue, 10 Dec 2024 22:57:40 GMT
vary
Origin
x-discarded
true
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5S1M1BNWSV&gtm=45je4c90h1v884396326za200&_p=1733871460020&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&_fid=dJSVQ6XrhRYhbtXOpeDl6J&cid=33064301.1733871460&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733871460&sct=1&seg=0&dl=https%3A%2F%2Fwww.sorteioamigosecretoapp.com%2Fresult%3Fcode%3DU2FsdGVkX1%2B1FRi4bZ8C9%2FSR2PQZvKPIyw9Bh9SZ3AI%3D&dt=Result%20%7C%20Draw%20Secret%20Santa%20App&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=2420
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5S1M1BNWSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
text/plain
server
Golfe2
favicon.ico
www.sorteioamigosecretoapp.com/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.sorteioamigosecretoapp.com/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a485a9e29340e2dba0d14a57f649667460f6ef3f265b7b78109b465b57d3612
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/result?code=U2FsdGVkX1+1FRi4bZ8C9/SR2PQZvKPIyw9Bh9SZ3AI=

Response headers

strict-transport-security
max-age=31556926
cache-control
public, max-age=60, s-maxage=120
content-encoding
br
etag
"5195fb29ef8233b77c6b4dff454a73ca06e0fbc475a84a2e2fbf4f7cea9419ed-br"
x-timer
S1733871460.239362,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
1193
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
image/x-icon
last-modified
Tue, 26 Nov 2024 23:03:17 GMT
x-served-by
cache-fra-etou8220096-FRA
x-cache-hits
0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
bounce
id5-sync.com/ 		29 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
p3p
CP="CAO PSA OUR"
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
text/plain;charset=utf-8
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
05ef7c7c0e74af51ac70017c15a9e29996b2c98efffe7475ad3eb6fdc44d7e7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v3
id5-sync.com/gm/ 		319 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0cea14b3c7dc9b4562fd37090312dd501f29546753938d74699ed2d82b9193c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.sorteioamigosecretoapp.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.sorteioamigosecretoapp.com
date
Tue, 10 Dec 2024 22:57:40 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined function| tmzrScriptErrorHandler function| tmzrCountExec number| random_cent_ab_test number| tmzr_siteid number| random_cent function| criteoCallback object| generic object| criteo_gum object| smart_csync object| pwidget_config object| iframe object| node object| tagsObject string| website object| headelement object| notifyme object| tmzr object| d object| pbs number| intervalCheckNb number| checkInterval2 object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 object| mydiv object| creatediv function| isEmpty function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter function| whatToLoad number| nugg_ab number| site_id number| nugg_google string| pubstack_ab object| sublime string| sh object| _qevents object| params number| nugg object| pubstack_publica function| Adcall_26322 function| refreshVisibility30012 function| Adcall_30012 object| CryptoJS object| _0x1347 function| showPage function| showLoaderGift function| setTime function| showCardsSequentially function| startAfterDelay number| time number| time2 function| canAccessTopWindow function| getWindow function| getBatchKeyword boolean| sas_useTopicsAPIData function| SasIabApi object| sas_ads object| sas_unrenderedFormats function| sas_render function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sas_addCleanListener object| dataLayer function| gtag function| quantserve function| __qc object| ezt object| Utiq number| sas_renderMode object| __id5_finalization_registry object| ID5 object| google_tag_manager object| google_tag_data object| gaGlobal

8 Cookies

Domain/Path Name / Value
.criteo.com/ Name: cto_bundle
Value: 03OMGV9ENVluUEtmU2lwJTJGQUdzN0I4aFVRUVlWUzN5T3RkVXdMWnF0akx0eGE1dEFpMWNGWW9TWkJ3ZXY5cTBxR3ZzR1l0UEhUa2RRTEh2dkZxWnNzbUd4WTZmVDYyOVBpUUtFNWtLUFROdlAlMkJKaVdHOGdUJTJCaENrdGlXYWthJTJCRmRiWlQ4
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F4596BFB1311DF4AD552FFCAECC412B5A4F8D63A2A90D1DB19587375008B81DF393E46C0AEB40A8EC769662133B964A72527
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.quantserve.com/ Name: mc
Value: 6758c763-f3ed0-72325-62a39
.sorteioamigosecretoapp.com/ Name: _ga_5S1M1BNWSV
Value: GS1.1.1733871460.1.0.1733871460.0.0.0
.sorteioamigosecretoapp.com/ Name: _ga
Value: GA1.1.33064301.1733871460
.id5-sync.com/ Name: id5
Value: a74a895d-bc71-7351-aa94-dcf5a7d921f1#1733871460680#1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
cdn.id5-sync.com
cdn.themoneytizer.fr
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pixel.quantserve.com
region1.google-analytics.com
rules.quantcount.com
s.cpx.to
secure.quantserve.com
sorteioamigosecretoapp.com
www.googletagmanager.com
www.gstatic.com
www.sorteioamigosecretoapp.com
104.17.25.14
104.21.48.1
141.95.98.65
15.197.193.217
162.19.138.119
185.89.210.141
199.36.158.100
2.19.126.76
2001:4860:4802:34::36
216.58.206.67
2600:9000:223c:6200:6:44e3:f8c0:93a1
2606:4700:10::6816:3fe3
2606:4700:10::ac43:266a
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a02:2638:3::c
2a02:26f0:3500:2b::17cf:d259
51.89.9.251
54.220.180.23
54.229.232.169
54.72.95.184
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
05ef7c7c0e74af51ac70017c15a9e29996b2c98efffe7475ad3eb6fdc44d7e7d
0cea14b3c7dc9b4562fd37090312dd501f29546753938d74699ed2d82b9193c8
0e8a10313c505ced1219a8ac81396007ab65c1c3067c52a8a6224448df0f5aa9
13a200ffd0b0b9649df1004c0644647fbb321402e3997fa18b8508b2e1960405
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3d266df27fb9f13f447eeebcdbb6a5816297f17a219bd2efb3c715eea96556c7
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5
486af9ea55affad9f0abeed41d25f6ca1394a8f1deca8d7812376855be34bf09
4d40569cd7b56803ca5edf8513edef8ba1390e421ff7c6112af8210350bdefd6
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
62694d39a96ebcadccda146237754a9d7c930d178425bc5f6131fcae605a5e3d
6a485a9e29340e2dba0d14a57f649667460f6ef3f265b7b78109b465b57d3612
8a4d5b895642f439db1199079e8da57d2a2e04c764c32433ace6a5d48be6a36e
98098e8753bc9cc6406e308e570530996569228e87d7d9529279f9f46147be87
9a7361597716d7139c58f54e3c3147ce74debc4736d74c25eeb3519c24a6cd57
9ae09dbef1c1f00a727c1b05590ae2edd5c51dcd7631c56007d560a365ba8311
a47f836b52ab899e2879deb1005a48c20ba2f313464e4f1938e57a172add5dae
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
af005746e99b6b5e3721759fc55588fddcb000a054990ad799ea309adffa5a04
d325cc9773bc833e86b980d2f1dc289aedee3571f64ca8a8b8c535ee327b1c8e
d7fd098078910f12bba7a2b6c6a6a563457083910f656051ecb04088a8fe1532
df3095716f3aff6a2545822cd6ad6ffdd849b3d71eb9e2ce96e4042dbbeb0ea7
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
fef77c467e926c9ad8e3c63581ac65f0a064e581e933b0371f22906b81d3bdd7