urlscan.io logo urlscan.io
SecurityTrails logo

bazar.sorteoamigosecreto.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://bazar.sorteoamigosecreto.com/
Submission: On December 05 via api from IE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bazar.sorteoamigosecreto.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.
This is the only time bazar.sorteoamigosecreto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bazar.sorteoamigosecreto.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net
static.hotjar.com
3    54.165.58.209 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-58-209.compute-1.amazonaws.com
pl-gifts-shop-production.herokuapp.com
3    52.217.195.88 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
9 sorteoamigosecreto.com
bazar.sorteoamigosecreto.com
262 KB
3 amazonaws.com
s3.amazonaws.com
51 KB
3 herokuapp.com
pl-gifts-shop-production.herokuapp.com
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
1 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
447 B
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 701
429 B
1 gstatic.com
fonts.gstatic.com
18 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
61 KB
20 9
Domain Requested by
9 bazar.sorteoamigosecreto.com bazar.sorteoamigosecreto.com
3 s3.amazonaws.com
3 pl-gifts-shop-production.herokuapp.com 3 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com bazar.sorteoamigosecreto.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.hotjar.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com bazar.sorteoamigosecreto.com
20 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-10 -
2023-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bazar.sorteoamigosecreto.com/
Frame ID: 02424BB48258F25900C5C137908987D4
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Buenas ideas para regalar

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

20
Requests

85 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

415 kB
Transfer

1130 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEFFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--ce78cf6c90ed878dcf65c5c5ac0bf29edf8ddaec/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTmpVd2VEWTFNQVk2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--acc1850c2baa1899beeefae1b805f10b49ef4cc1/Gift%20Card%201.jpeg HTTP 302
  • https://s3.amazonaws.com/gift-shop.platan.us/variants/ZEoFUhTvKcCbaKyvJfcfgBqU/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22Gift%20Card%201.jpeg%22%3B%20filename%2A%3DUTF-8%27%27Gift%2520Card%25201.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=3c3f17cff4234261978d481c7f356f6d98ebeeda1791b4a14f137bfb974b42fc
Request Chain 16
  • https://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEVFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--07d3fc7c839939d0a08a63189b2299aa138ab0e6/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTmpVd2VEWTFNQVk2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--acc1850c2baa1899beeefae1b805f10b49ef4cc1/GiftCard%202.jpeg HTTP 302
  • https://s3.amazonaws.com/gift-shop.platan.us/variants/z1xcUxF48JMZ6puWCm1h3k2R/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22GiftCard%202.jpeg%22%3B%20filename%2A%3DUTF-8%27%27GiftCard%25202.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b91471951c7c8c6a8f572a0c48d57c3b0f199cacfacee213813624ea389b151f
Request Chain 17
  • https://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdElFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--ae99678f34c4134cdc2a05d5510a710ad4df104d/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTmpVd2VEWTFNQVk2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--acc1850c2baa1899beeefae1b805f10b49ef4cc1/GiftCard%203.jpeg HTTP 302
  • https://s3.amazonaws.com/gift-shop.platan.us/variants/k4VTj2FXETucGWWyM4kwRZcY/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22GiftCard%203.jpeg%22%3B%20filename%2A%3DUTF-8%27%27GiftCard%25203.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f3d33e111f16a1d6efe87498f2de42d4e2c596dc8129de4ccc3195dd07b9b122

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bazar.sorteoamigosecreto.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4599bb061ce761f1ad2c555f43701b64003f1e6c59d29e0caccd854f027641dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77504793df53b734-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 22:39:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGAfIpxO%2FwzPyfHW7wlWdcF%2Flq4XgwPTFvJDHR2II18NjuZmXvLODooySy%2FNTLwWDJ5iKjkFRdl6vg7QQBv2N7rjjXLEz636qpJ1vi9iAYUON64iPPGPOPDSvOh3FZG9I3iABW7HE2UpPTpL6kekoJyr4AnkVKL8DU14"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
b4b0114f-d5d8-48ae-babe-1f53c87ff368
x-runtime
0.003275
x-xss-protection
1; mode=block
home-2ab60e9226b029b14f21.js
bazar.sorteoamigosecreto.com/packs/js/ 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bazar.sorteoamigosecreto.com/packs/js/home-2ab60e9226b029b14f21.js
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68b1a93e0f966242a2040bd130a00927a08ace89c8b5c54ec194cc20ef15d71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 20:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6193
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVLU2E1zf5TvtAPplynuotBBS7T9wMf0T4IR8UqVOlbWoV7ld0L3YxoK8N7KLP%2FXyamcYvpAppHBfj65ZZ83nG9PFsc2vpOBMP4DuW1y%2BeweXgAMcY2qGIJyNsySMJUyBG%2FF68f52NOuxvYnHzPYpfWzVuAtSyKSGcHQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-encoding
br
cache-control
max-age=31536000
cf-ray
77504794bfdeb734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
home-2909cbcc.css
bazar.sorteoamigosecreto.com/packs/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bazar.sorteoamigosecreto.com/packs/css/home-2909cbcc.css
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
026f2e618cc0c7e61c504170cef633403a79758d9ab64a2dc80c59bb34f24df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 20:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6193
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYv%2FcF8EPA3xObHhkgVrGuoS7azgJRzZuu6l6MPGOc%2BbZBQ3o2K8BMdEcw5rYCrq%2B6swS4%2B2mbYdMgZsmu0z%2BXvKOeVHwM6EqUF2Hax1rs8eMbahdvW1QXodPWL1LLEWvGAbbPZkRZBXp%2FSCA1zHRiPL08MEMeS0fmvC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
content-encoding
br
cache-control
max-age=31536000
cf-ray
77504794bfdfb734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
application-53c8e1eaaba54d53dd71759fb0b6884e860179f9391769f9fdc0339f911cb514.css
bazar.sorteoamigosecreto.com/assets/ 		2 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bazar.sorteoamigosecreto.com/assets/application-53c8e1eaaba54d53dd71759fb0b6884e860179f9391769f9fdc0339f911cb514.css
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c8e1eaaba54d53dd71759fb0b6884e860179f9391769f9fdc0339f911cb514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Fri, 30 Oct 2020 14:26:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6193
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYmwoVxJrsK8ZKzrYmOltA4X58uMqJ861D8nsdQpvfIg50AmlY66hRbGTabD58jc6tIVPwW8nmtebbhmEPbFaxXnvfWWfdafB%2BhlYe09dmkRt4xoGeoU35yikK4TWJmUyOEuQDDTaD%2F65Y6ODBfoIcAuUvLDkmYMngx4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
content-encoding
br
cache-control
max-age=31536000
cf-ray
77504794bfe0b734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
application-ca1fddd6f95fcecaaf3f34e66ac29802b7fefa3b2ebbce2990fea9d0d548d417.js
bazar.sorteoamigosecreto.com/assets/ 		452 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bazar.sorteoamigosecreto.com/assets/application-ca1fddd6f95fcecaaf3f34e66ac29802b7fefa3b2ebbce2990fea9d0d548d417.js
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1fddd6f95fcecaaf3f34e66ac29802b7fefa3b2ebbce2990fea9d0d548d417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Tue, 15 Oct 2019 19:20:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6193
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGGY4Dx1HnhWrztn2LJnP3JifOBkvhRlw8PL4VSt6Wq6fKvr4DDwldVaoxtJ1DMC%2BVBLbzeErSVtH3MqnXsv%2FODyTxgi3jiLfC53h4M1yXpYguqBJ%2B52BhLqs4S2vTrE0PThnGdjSjI%2B%2B3G8D7NmGMYmSRO8iPYZg59H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-encoding
br
cache-control
max-age=31536000
cf-ray
77504794bfe1b734-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		1 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans&display=swap
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7c3310a205124877e82ed3921dafefe839e95c9975bc364eff97fbc08964eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Dec 2022 22:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 22:21:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Dec 2022 22:39:45 GMT
gtm.js
www.googletagmanager.com/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F7VR
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4dbd3cfe7658da4f3da5f11b76e5586f8507355c681723dbfec561e0ae5e32da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62075
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Dec 2022 22:39:45 GMT
css
fonts.googleapis.com/ 		1 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:wght@400;600&display=swap
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/assets/application-53c8e1eaaba54d53dd71759fb0b6884e860179f9391769f9fdc0339f911cb514.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7c3310a205124877e82ed3921dafefe839e95c9975bc364eff97fbc08964eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Dec 2022 22:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 22:39:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Dec 2022 22:39:45 GMT
store-0ea8ec2eec1d474d3d7fef7080e13e0b.svg
bazar.sorteoamigosecreto.com/packs/media/src/assets/ 		462 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bazar.sorteoamigosecreto.com/packs/media/src/assets/store-0ea8ec2eec1d474d3d7fef7080e13e0b.svg
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b286c78686a92a54ce74a519d6bd7e639356ec92062ded16884549d7fa6695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 20:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5044
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlfjpF4h2WlTTY72iXjpzURt2G2Qme%2Bt7bXlQENorarJiJ2srYl7kx6OkPTXL4PhuT27mzBJG%2BovG35%2B6CDILQJdrvQOF04USYjs%2FUkPzKuYDQxrzh6j0mr5JHjen4q2G4q9EeKySvHUyE%2BDZC1Bmmiv01RRtyhQG8Tr"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=31536000
cf-ray
775047961cd10e80-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
buenas-ideas-f98f1751415f661b57429da813be076a.svg
bazar.sorteoamigosecreto.com/packs/media/src/assets/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bazar.sorteoamigosecreto.com/packs/media/src/assets/buenas-ideas-f98f1751415f661b57429da813be076a.svg
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ca1b60bbf30078976e1f9d5e88f63a56b327d280733efb790ca17769ff73e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 20:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5044
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI4WcVkZart7zebQjiy87dXp%2BNUaQzicS4jsVq7SiTSRwtqiCUiew72X2foq3dCpIqwydIxwrKxhMfGkV41UHNjstbuJEGn7307tmvHpgOMLdTU7nIFtXefV1GtYBFamEiy7O0zvD7sDqLK5NHY6AaHozceYC8TjQM%2BE"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=31536000
cf-ray
775047961cd30e80-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
categories
bazar.sorteoamigosecreto.com/api/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bazar.sorteoamigosecreto.com/api/v1/categories?page=1
Requested by
Host: bazar.sorteoamigosecreto.com
URL: https://bazar.sorteoamigosecreto.com/packs/js/home-2ab60e9226b029b14f21.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cc75c8442445981bd3b601b1050c8a9f2366004968a82f7e22ea5fe472e076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bazar.sorteoamigosecreto.com/
X-CSRF-Token
IPDgF/I9xLun8gIFv2gpmU6GXhcnPfo84UWFq48RVSReKQh+wUNNCtxzowyJJtcrOFGkx1Wq9kmzyYL1Tj+A/A==
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 vegur
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1c8e0202-a18c-4d6e-a217-de9a44eab168
x-runtime
0.058266
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"97cc75c8442445981bd3b601b1050c8a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77qewuUJ7afQbCPISevjmySbhyDtpsOnbOO8oYKZjwk1MLhkRorpYy3wU5mbQXN0NOqTv%2Fe5rNpUfjBQAAk1BRx2UqXW%2BNA%2B72emiH8rbt9xneBuBrX63Jy6pZ5zZEs9eeA5l7ZiF%2FaapWXTbl10ZossgSuRg8x26DC1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, private, must-revalidate
cf-ray
775047962cd40e80-AMS
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v18/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bazar.sorteoamigosecreto.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:11:04 GMT
x-content-type-options
nosniff
age
527321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17912
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:11:04 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F7VR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Dec 2022 21:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4505
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 05 Dec 2022 23:24:40 GMT
hotjar-2055740.js
static.hotjar.com/c/ 		0
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2055740.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F7VR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-103.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Mon, 05 Dec 2022 22:39:45 GMT
x-content-type-options
nosniff
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/d41d8cd98f00b204e9800998ecf8427e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
S4rjAtbY10jpym5QxomH3Cgwe-LTj7wfC_XoBPKrAUFnZ2YYHCbgIQ==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1364575817&t=pageview&_s=1&dl=https%3A%2F%2Fbazar.sorteoamigosecreto.com%2F&ul=en-us&de=UTF-8&dt=Buenas%20ideas%20para%20regalar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2026397626&gjid=1406029556&cid=229221070.1670279986&tid=UA-26580157-9&_gid=2019219948.1670279986&_r=1&gtm=2wgbu0KQ3F7VR&z=1729856109
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bazar.sorteoamigosecreto.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 22:39:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bazar.sorteoamigosecreto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e
s3.amazonaws.com/gift-shop.platan.us/variants/ZEoFUhTvKcCbaKyvJfcfgBqU/
Redirect Chain
  • https://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEFFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--ce78cf6c90ed878dcf65c5c5ac0bf2...
  • https://s3.amazonaws.com/gift-shop.platan.us/variants/ZEoFUhTvKcCbaKyvJfcfgBqU/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%...
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/gift-shop.platan.us/variants/ZEoFUhTvKcCbaKyvJfcfgBqU/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22Gift%20Card%201.jpeg%22%3B%20filename%2A%3DUTF-8%27%27Gift%2520Card%25201.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=3c3f17cff4234261978d481c7f356f6d98ebeeda1791b4a14f137bfb974b42fc
Protocol
HTTP/1.1
Server
52.217.195.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f1a299ac36cb7ff27801732720abc4790a357994994d0974aefb570fa1ca287b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 22:39:47 GMT
Last-Modified
Tue, 22 Nov 2022 12:26:40 GMT
Server
AmazonS3
x-amz-request-id
FFF6MTCFGEV2SVYN
ETag
"5517385dc3a2868349fe26d25955a6c7"
Content-Type
image/jpeg
Content-Disposition
inline; filename="Gift Card 1.jpeg"; filename*=UTF-8''Gift%20Card%201.jpeg
Accept-Ranges
bytes
Content-Length
20489
x-amz-id-2
XBLwQDHL9EFG+9mU2a68kfkospTSiG53Dfg8aQ4wPCXdVZGraBmRTQe+AYBaHHXXpALQ/I8Qaig=

Redirect headers

Date
Mon, 05 Dec 2022 22:39:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
1e2b9f46-a13c-4046-8416-daa25e5292a7
X-Runtime
0.034931
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
text/html; charset=utf-8
Location
https://s3.amazonaws.com/gift-shop.platan.us/variants/ZEoFUhTvKcCbaKyvJfcfgBqU/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22Gift%20Card%201.jpeg%22%3B%20filename%2A%3DUTF-8%27%27Gift%2520Card%25201.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=3c3f17cff4234261978d481c7f356f6d98ebeeda1791b4a14f137bfb974b42fc
Cache-Control
max-age=300, private
save-2f622ce40c7c59e35dab825d71cdf728.svg
bazar.sorteoamigosecreto.com/packs/media/src/assets/ 		735 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bazar.sorteoamigosecreto.com/packs/media/src/assets/save-2f622ce40c7c59e35dab825d71cdf728.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c11e393f1be040b0fd4a28da70b3f32914158498a838bacca857d5e4ee5cb39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 20:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5045
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dZ7TyajnUdYrOfJAaiEk7NcMjiT40bLJKWImKCZC%2BAzatoo%2BVEObclJR0KlAIDpR%2B%2BhW2qtL0paA%2BqPvG6s5fP7DmqD8qC06%2BIx91iKzVaSBSmeGpo%2F7yj0nitgb8gtMSsWtEFHM%2BQZzW9qne30ID6gMnydE4U0iqJx"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=31536000
cf-ray
77504799389e0e80-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e
s3.amazonaws.com/gift-shop.platan.us/variants/z1xcUxF48JMZ6puWCm1h3k2R/
Redirect Chain
  • https://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEVFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--07d3fc7c839939d0a08a63189b2299...
  • https://s3.amazonaws.com/gift-shop.platan.us/variants/z1xcUxF48JMZ6puWCm1h3k2R/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%...
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/gift-shop.platan.us/variants/z1xcUxF48JMZ6puWCm1h3k2R/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22GiftCard%202.jpeg%22%3B%20filename%2A%3DUTF-8%27%27GiftCard%25202.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b91471951c7c8c6a8f572a0c48d57c3b0f199cacfacee213813624ea389b151f
Protocol
HTTP/1.1
Server
52.217.195.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b55086a240390041a6eb724ae39cc11d5f522dc60d67583e6bd9f00cc0aa9c38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 22:39:47 GMT
Last-Modified
Tue, 22 Nov 2022 12:29:04 GMT
Server
AmazonS3
x-amz-request-id
FFF1CJT4NT9976BX
ETag
"6f2aba07fd7def779dfddce2c07ed4fb"
Content-Type
image/jpeg
Content-Disposition
inline; filename="GiftCard 2.jpeg"; filename*=UTF-8''GiftCard%202.jpeg
Accept-Ranges
bytes
Content-Length
15270
x-amz-id-2
jN07M4RTajfcTbR1AW2WfrHrh2qXWajRu5+01Jdbh21dLuwwaYA65mHOMkuqz9eXTZfV86VSgE0=

Redirect headers

Date
Mon, 05 Dec 2022 22:39:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
3e277680-0345-498f-9eba-0d1120e2a182
X-Runtime
0.016083
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
text/html; charset=utf-8
Location
https://s3.amazonaws.com/gift-shop.platan.us/variants/z1xcUxF48JMZ6puWCm1h3k2R/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22GiftCard%202.jpeg%22%3B%20filename%2A%3DUTF-8%27%27GiftCard%25202.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b91471951c7c8c6a8f572a0c48d57c3b0f199cacfacee213813624ea389b151f
Cache-Control
max-age=300, private
2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e
s3.amazonaws.com/gift-shop.platan.us/variants/k4VTj2FXETucGWWyM4kwRZcY/
Redirect Chain
  • https://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdElFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--ae99678f34c4134cdc2a05d5510a71...
  • https://s3.amazonaws.com/gift-shop.platan.us/variants/k4VTj2FXETucGWWyM4kwRZcY/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%...
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/gift-shop.platan.us/variants/k4VTj2FXETucGWWyM4kwRZcY/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22GiftCard%203.jpeg%22%3B%20filename%2A%3DUTF-8%27%27GiftCard%25203.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f3d33e111f16a1d6efe87498f2de42d4e2c596dc8129de4ccc3195dd07b9b122
Protocol
HTTP/1.1
Server
52.217.195.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f3097ef1568d30925cf748cbac226659fc5570c80a8620d14015376ce9f8d44a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazar.sorteoamigosecreto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 22:39:47 GMT
Last-Modified
Tue, 22 Nov 2022 12:35:10 GMT
Server
AmazonS3
x-amz-request-id
FFFEC7T4VG76ZDGW
ETag
"400c79e27320d889a2dcd89a37cd6e65"
Content-Type
image/jpeg
Content-Disposition
inline; filename="GiftCard 3.jpeg"; filename*=UTF-8''GiftCard%203.jpeg
Accept-Ranges
bytes
Content-Length
15412
x-amz-id-2
c4yJRHqqmb7pXOuuDnMQbrJwo5On2T0UcDoYpyzTPrqtyWgKC4jmdo3enKM2a2he0zX/IzwbaFs=

Redirect headers

Date
Mon, 05 Dec 2022 22:39:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
8970ae27-bb9b-43f1-b0e9-63d905270c66
X-Runtime
0.017349
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
text/html; charset=utf-8
Location
https://s3.amazonaws.com/gift-shop.platan.us/variants/k4VTj2FXETucGWWyM4kwRZcY/2fcaea03b5d3b07975134750b5e93940a0f7c2c655e9059466d41cfa913bdd9e?response-content-disposition=inline%3B%20filename%3D%22GiftCard%203.jpeg%22%3B%20filename%2A%3DUTF-8%27%27GiftCard%25203.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT76I3S5HTPSBUZOZ%2F20221205%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221205T223946Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f3d33e111f16a1d6efe87498f2de42d4e2c596dc8129de4ccc3195dd07b9b122
Cache-Control
max-age=300, private
collect
stats.g.doubleclick.net/j/ 		1 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-26580157-9&cid=229221070.1670279986&jid=2026397626&gjid=1406029556&_gid=2019219948.1670279986&_u=YEBAAEAAAAAAACAAI~&z=1232338884
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bazar.sorteoamigosecreto.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 05 Dec 2022 22:39:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bazar.sorteoamigosecreto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dataLayer function| setImmediate function| clearImmediate function| _ function| DateFormatter function| initializer object| Rails boolean| _rails_loaded object| ActiveStorage function| $ function| jQuery object| ActiveAdmin object| ActionCable object| App object| ActiveadminAddons object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.sorteoamigosecreto.com/ Name: _ga
Value: GA1.2.229221070.1670279986
.sorteoamigosecreto.com/ Name: _gid
Value: GA1.2.2019219948.1670279986
.sorteoamigosecreto.com/ Name: _gat_UA-26580157-9
Value: 1
bazar.sorteoamigosecreto.com/ Name: _gifts_shop_session
Value: rozGmrHfVrNm9aMuUJRLiZPSf8QPOD6PxlseMegT%2FYON%2Bvs38RBW%2FYeKgeDJsjrVlXr5931%2BbCN6s77BfbPJNOuR%2BUjPbMfSkXHAMrMJHM%2F1voyUml2ZD12oamUK3SaJfezSdPhfvx%2B30KcTu%2FvTUyJDUAwdPQ33rhd4yrdXzvQmGXDXUvleWQ%3D%3D--csAb0F6xMpIzdVXF--AmMbSPcz%2FXZnj40Vyo%2FeLQ%3D%3D

3 Console Messages

Source Level URL
Text
security warning URL: https://bazar.sorteoamigosecreto.com/#/
Message:
Mixed Content: The page at 'https://bazar.sorteoamigosecreto.com/#/' was loaded over HTTPS, but requested an insecure element 'http://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEFFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--ce78cf6c90ed878dcf65c5c5ac0bf29edf8ddaec/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTmpVd2VEWTFNQVk2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--acc1850c2baa1899beeefae1b805f10b49ef4cc1/Gift%20Card%201.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bazar.sorteoamigosecreto.com/#/
Message:
Mixed Content: The page at 'https://bazar.sorteoamigosecreto.com/#/' was loaded over HTTPS, but requested an insecure element 'http://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdEVFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--07d3fc7c839939d0a08a63189b2299aa138ab0e6/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTmpVd2VEWTFNQVk2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--acc1850c2baa1899beeefae1b805f10b49ef4cc1/GiftCard%202.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://bazar.sorteoamigosecreto.com/#/
Message:
Mixed Content: The page at 'https://bazar.sorteoamigosecreto.com/#/' was loaded over HTTPS, but requested an insecure element 'http://pl-gifts-shop-production.herokuapp.com//rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdElFIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--ae99678f34c4134cdc2a05d5510a710ad4df104d/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lNTmpVd2VEWTFNQVk2QmtWVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--acc1850c2baa1899beeefae1b805f10b49ef4cc1/GiftCard%203.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bazar.sorteoamigosecreto.com
fonts.googleapis.com
fonts.gstatic.com
pl-gifts-shop-production.herokuapp.com
s3.amazonaws.com
static.hotjar.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
13.225.78.103
2a00:1450:4001:80e::200a
2a00:1450:4001:811::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c0b::9b
2a06:98c1:3121::3
52.217.195.88
54.165.58.209
026f2e618cc0c7e61c504170cef633403a79758d9ab64a2dc80c59bb34f24df6
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
4599bb061ce761f1ad2c555f43701b64003f1e6c59d29e0caccd854f027641dd
4dbd3cfe7658da4f3da5f11b76e5586f8507355c681723dbfec561e0ae5e32da
53c8e1eaaba54d53dd71759fb0b6884e860179f9391769f9fdc0339f911cb514
5c11e393f1be040b0fd4a28da70b3f32914158498a838bacca857d5e4ee5cb39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
97cc75c8442445981bd3b601b1050c8a9f2366004968a82f7e22ea5fe472e076
a6ca1b60bbf30078976e1f9d5e88f63a56b327d280733efb790ca17769ff73e5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b55086a240390041a6eb724ae39cc11d5f522dc60d67583e6bd9f00cc0aa9c38
c68b1a93e0f966242a2040bd130a00927a08ace89c8b5c54ec194cc20ef15d71
c7c3310a205124877e82ed3921dafefe839e95c9975bc364eff97fbc08964eb9
c8b286c78686a92a54ce74a519d6bd7e639356ec92062ded16884549d7fa6695
ca1fddd6f95fcecaaf3f34e66ac29802b7fefa3b2ebbce2990fea9d0d548d417
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1a299ac36cb7ff27801732720abc4790a357994994d0974aefb570fa1ca287b
f3097ef1568d30925cf748cbac226659fc5570c80a8620d14015376ce9f8d44a