URL: https://sorteador.com.br/sorteio-no-facebook
Submission Tags: @phishunt_io
Submission: On September 20 via api from DE — Scanned from DE

Summary

This website contacted 39 IPs in 8 countries across 26 domains to perform 159 HTTP transactions. The main IP is 104.21.32.77, located in and belongs to CLOUDFLARENET, US. The main domain is sorteador.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 12th 2021. Valid for: a year.
This is the only time sorteador.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-05-12 - 2022-05-11 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-30 - 2021-11-22 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
denakop.com | Cloudflare Inc ECC CA-3 | 2021-01-14 - 2022-01-13 | a year
www.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.hotjar.io | Amazon | 2021-08-17 - 2022-09-15 | a year
web.ssp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-08-30 - 2022-02-23 | 6 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2021-03-05 - 2022-02-19 | a year
*.creativecdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-03-30 - 2022-04-12 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.clevernt.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-23 - 2022-02-23 | a year
*.888casino.com | Amazon | 2021-04-13 - 2022-05-12 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year
*.doubleclick.net | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-30 - 2022-06-01 | a year

This page contains 19 frames:

Primary Page: https://sorteador.com.br/sorteio-no-facebook
Frame ID: 35A059D85279AEA678DBB76177E6B241
Requests: 99 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 2650FC1023D3FB5ED3E58881FF0E6AB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: 86637D08011CB079D9A1C395EA1E8219
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3126428890115149&output=html&adk=1812271804&adf=3025194257&lmt=1632132033&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632132033716&bpp=4&bdt=944&idt=154&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3549348640157&frm=20&pv=2&ga_vid=1263839898.1632132033&ga_sid=1632132034&ga_hid=1875864420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621&oid=3&pvsid=4285411369248082&pem=142&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=170
Frame ID: ED4AC2B0E436521BBF7749574DFB2B9E
Requests: 1 HTTP requests in this frame

Frame: https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
Frame ID: E1A0A2F73DE8C7F8C8101C58E5A58925
Requests: 3 HTTP requests in this frame

Frame: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1441B492EED5791484ED1322B1995239
Requests: 1 HTTP requests in this frame

Frame: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2094347836906A699BF971FE3556BF5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
Frame ID: 0451C5C3F4626EB69A944A33A2A49886
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F9C2E5B0302DECCA9648F6A5A0238CD2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Frame ID: 4587EFE792ADE2CC2B40329475FCCBDB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: F276BFDFA1356F3793AF3D32FA6EB999
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 56F20DA08212E1B4012ECF9E0FC6DC05
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Frame ID: 12465FE6E31A3078A4F6878566955D59
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1B9F40D5A861AA0BA4E87C1015351C38
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDFEFF7965CB739A64DE0B6950ADD16B
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Frame ID: AB47055BB6728679C8905CF44E40FD5B
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Frame ID: 9FB97F1F42FA3ABAB373AA8122F32395
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Frame ID: C606F1D781344D2317432FC05C86F75D
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Frame ID: 0AEA52A77F495D48C12DE4346E77B14F
Requests: 2 HTTP requests in this frame

Page Title

Sorteio no Facebook | Sorteador.com.br - É fácil sortear!

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

159 Requests
100 % HTTPS
0 % IPv6
26 Domains
43 Subdomains
39 IPs
8 Countries
2741 kB Transfer
6310 kB Size
27 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://mmwebhandler.aff-online.com/c/42492?sr=1099597 HTTP 302
  • https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
Request Chain 88
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUhbws8tbeIzhulp2d1noQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc= HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJaaZHF-h1J8m3AvMqMV60g&google_cver=1
Request Chain 90
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMTI4MjA1ODgzOTg3NzQxMQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMTI4MjA1ODgzOTg3NzQxMQ%3D%3D&google_tc=

159 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sorteio-no-facebook
sorteador.com.br/
7 KB
3 KB
Document
General
Full URL
https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c99cf993aba78ba9b1ffb675725b27ef0cc9287da81ced7e44f63056faf889

Request headers

:method
GET
:authority
sorteador.com.br
:scheme
https
:path
/sorteio-no-facebook
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 20 Sep 2021 10:00:32 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
age
479
vary
Accept-Encoding
x-nf-request-id
01FG1ACT52NJY5Z0JDV18Y18E3
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAq2wl5OF2JhJGuUlBX4X0E%2FrIkExmxxnVM5FGcKe29%2FxTOR%2Fi3RjwgHBn50UhwxVfO607aP6WgF9pjUwU2HipyXlXXr2wg81HBHhgTAsN7%2FxAxUly2jEIWMpGVtgqSyMDGE"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691a3512af694126-PRG
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
logo-extended.svg
sorteador.com.br/imgs/
27 KB
10 KB
Image
General
Full URL
https://sorteador.com.br/imgs/logo-extended.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4260db6b864dbbf2f234d30158eee4ec5af0d75f7e235392d5d4ff30d84675

Request headers

:path
/imgs/logo-extended.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACTGTJ4FZ8FX94TRB0D3B
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9519
server
cloudflare
etag
"c3e6323866c43ddb533ec678c56a62a8-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XZHd92Lqq4dB9oEvVbc2%2Bt70E1or07r%2BwvATkrHN1XVuranlJQQdrlZSFVaaxSI6F%2BHSL4DoNeDsiydcx7eFpSDgDqoOvXaNrMOT8mZXbi%2FENHhq1MTOSoAGGds0JNDMHA6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a3514f9d44126-PRG
heskFW7clwivQUkL07-8CESiubc.js
sorteador.com.br/cdn-cgi/apps/head/
24 KB
8 KB
Script
General
Full URL
https://sorteador.com.br/cdn-cgi/apps/head/heskFW7clwivQUkL07-8CESiubc.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3b6ebe14544aff6e135872a38a532423b654018ad2ab2f8ebac6d68471723a

Request headers

:path
/cdn-cgi/apps/head/heskFW7clwivQUkL07-8CESiubc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DHHVKP3K8SMBNKZH
cf-ray
691a351509d54126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7286
x-amz-id-2
vBWn5r2R14YE0OCYCpV8poCM6e8yRnPMH5yPKB0D9Il3K98ev/0tH4e4c4pAN6vnQaGqztOqxMs=
last-modified
Thu, 08 Apr 2021 03:21:47 GMT
server
cloudflare
etag
"6bb412060b09140f004ace9dadeeef75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it8QYjUop6OIbO5ym5DkVBiJXYhkpXC9O%2Bagha3vIGvofckdZmhwwyetXSrKl9yYkmYTgZZvcdOrKAPaaIZKqzL5w6QhUJO0iNW7mEHRR11KUxOFPuRT%2BLQvVChUwp3ARUNE"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Btx3LSbRfzhB1Ft1scvgC4erHdrEhToZ
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
main.0aa121fc.chunk.css
d33wubrfki0l68.cloudfront.net/css/41ac778f38081bc7d1a9af4403fcad0ab12b6590/static/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://d33wubrfki0l68.cloudfront.net/css/41ac778f38081bc7d1a9af4403fcad0ab12b6590/static/css/main.0aa121fc.chunk.css
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
60212703680e389d8a0dac8df5d4e9b6deea3877d1c1489bc678ce7b91fb6080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FFYE3R6QSYK2NH725PF9SXMA
date
Sun, 19 Sep 2021 07:07:45 GMT
content-encoding
gzip
age
96767
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
4936
access-control-allow-origin
*
server
Netlify
etag
e6e95d1a6ade639f0a4b09c67c5ee765a83191f3-df
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
9df7ynlwVjxeew9Llk9Tmj_11kMAmb3HFulG2Pw1CQrSzuy4nJ3k4w==
1f18fc3ac3883ec9a4774d8d0e7093f9384fc140.js
d33wubrfki0l68.cloudfront.net/bundles/
330 KB
101 KB
Script
General
Full URL
https://d33wubrfki0l68.cloudfront.net/bundles/1f18fc3ac3883ec9a4774d8d0e7093f9384fc140.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
3fa95ae329f0b2363fc21a7b1d4b57abd1f8a78e0dedc886479a9c6209eb52ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FFZB92VK496QX6V056X6B9P4
date
Sun, 19 Sep 2021 15:32:12 GMT
content-encoding
gzip
age
66501
x-cache
Hit from cloudfront
content-length
102571
access-control-allow-origin
*
server
Netlify
etag
8d36c860e74b0640f421f2e1604c909fd8a64b37-df
vary
Accept-Encoding
content-type
application/javascript
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
BAhNrA3tptI3CWUtBvTyRLj7jK17ols6viABAH_C4sQBJXsu5DEgIg==
truncated
/
359 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a37ef130f8c75c77e90eafd245d0f5de0541d0c9fc23b9f57624f994bf21b80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
gtm.js
www.googletagmanager.com/
103 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJ3WR3R
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c7635473372e95c87b29b2000e5eb5b6b0e2f8927a79a2366b2decc5abafa5b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41054
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Sep 2021 10:00:33 GMT
css2
fonts.googleapis.com/
2 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Pattaya&display=swap
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/css/41ac778f38081bc7d1a9af4403fcad0ab12b6590/static/css/main.0aa121fc.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
f8c9d1b14c2dc0a73532a574f327030d297ea21f37e43c2dbd15188e62c59ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d33wubrfki0l68.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 10:00:33 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:33 GMT
0.f7187be3.chunk.js
sorteador.com.br/static/js/
14 KB
5 KB
Script
General
Full URL
https://sorteador.com.br/static/js/0.f7187be3.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7d2090f6831e2f6cc57002e43685988412a28d6c22b32f099d553fa48cbf2e

Request headers

:path
/static/js/0.f7187be3.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACV0GWD88AYVAMKJN0STW
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4011
server
cloudflare
etag
"4801ffd6cb8a11f543cc4ca8b732013d-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbSv%2B6bTcsbXxKQWEzTawBwlJpSJ09N3K9wp7l%2BD%2BEJ19Zlee7vs7g8QELwHbMKpy23I88G4hENP7%2BntYL3pFaaDDuaUP8FdgtCkLFXIeRtjtd0Pz5jgjfAcQRzNtkKjBlok"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f2827a0-PRG
3.4f0e1c13.chunk.js
sorteador.com.br/static/js/
69 KB
19 KB
Script
General
Full URL
https://sorteador.com.br/static/js/3.4f0e1c13.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c19b1eaadd08c44832e6bd20cc5b26c85df108bb587e64f08af0a0d3055a93

Request headers

:path
/static/js/3.4f0e1c13.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACV0FDJCKXCG551M0MSC5
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18772
server
cloudflare
etag
"56e18361ffb2769388cf38fb6da6c4b3-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IJ8wCoqAftW3o1dX8VpzuQW%2F7hG0cBq3b4k3BJHOV%2F3TJr75EChr3UxVCINSnfSRKNkT2hcgRwXWCK%2BJ4glhX0%2F9FigiJg7uV7ESxNfQcjKpeqgx1x4Uq7ReD%2Ft6H0%2BS9O5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f2b27a0-PRG
30.e30b2c79.chunk.js
sorteador.com.br/static/js/
36 KB
12 KB
Script
General
Full URL
https://sorteador.com.br/static/js/30.e30b2c79.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d812861fe7aaa6b14603054a1225861af3aed447f56941ef965a5557edc0eab

Request headers

:path
/static/js/30.e30b2c79.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0CQ9JNFVY34MGG28WM
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11997
server
cloudflare
etag
"7769544f83c6abfdbfb9bcc28a461c16-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0azfTqVGi0MI6ShvE8R6oiDF9Kcwx6ov0cGgUrDxgyvcHjgoHfi%2B0%2ByEMcEBz4KTUczvzaixz7cofybEOI%2FN74Tw6bugagJ2xmdh4BBCXQy1%2FqMaNmnxq0Omtn245slrVzjN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f2c27a0-PRG
32.592c1141.chunk.js
sorteador.com.br/static/js/
6 KB
2 KB
Script
General
Full URL
https://sorteador.com.br/static/js/32.592c1141.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2674bc58bbdd1b96d138ef6067fa056e508d4d91b4ee4201dc8a60d49683b2ad

Request headers

:path
/static/js/32.592c1141.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0FF5CFRG7S1F7TDQRT
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1480
server
cloudflare
etag
"2ea5d2727da30ce5a6b3737802d9c026-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umB4LlNVynV1I%2BBYewVzOB7zkbrjdkJybDgGa9bA3FCmKcOni3XH4KeV8uQcOmCVILXriKnoasTssvmWl7xJl%2FNSIx9c89OO09zmDcxrQz1tHepOYD22mKYLMNtheqUnW%2FV3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f2d27a0-PRG
31.42f7ed45.chunk.js
sorteador.com.br/static/js/
1 KB
1 KB
Script
General
Full URL
https://sorteador.com.br/static/js/31.42f7ed45.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957bb61e163b386efdf77755ee2273a10fec4652df9c113b5f8ac8c4e0699e98

Request headers

:path
/static/js/31.42f7ed45.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0E2E25ASWF6TKBZ53Z
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
647
server
cloudflare
etag
"925abb31150896269734aa652fda7a92-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEdQvr%2FVmri3ykk6FdKNAaKXlaeOHUQa6esKzhffFLVTZcQ%2FlsENXDB4utIh1nWqwGcNFj7dLI1Yqce8aJ8MCBTaYR6ZRKPLzLJRW1rZh94aSmTvvnukvdF5mSX7SYRQ2zLS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f2e27a0-PRG
11.c2769703.chunk.js
sorteador.com.br/static/js/
8 KB
4 KB
Script
General
Full URL
https://sorteador.com.br/static/js/11.c2769703.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c22f4afddfeda788880a81c1c9120f36e4ec81460df977c8103690bf7c808c

Request headers

:path
/static/js/11.c2769703.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0DHSW40277V8XQ99VB
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3160
server
cloudflare
etag
"c043ff7556dd27ea000231775d900991-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbbdbP4ruk8lVu6gVKz0ZgUjQ0pmFZgav4xL7bN4PzOAAmlmGqq26A8jsesBc6rcPVs4KENB47nkJdUpBa3j7LpfQAYTqJCFuEB1WITqiEMjWRBW7rtKoddLXHyPNN%2BL%2FH90"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f2f27a0-PRG
1.3c8c3f9a.chunk.js
sorteador.com.br/static/js/
20 KB
8 KB
Script
General
Full URL
https://sorteador.com.br/static/js/1.3c8c3f9a.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47062d302c55d4bb05c76b59c41eb195b05b286ea6b2e5b15185279e02383a4

Request headers

:path
/static/js/1.3c8c3f9a.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0A5E602BPNMGPH6MW5
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7120
server
cloudflare
etag
"3c0c39e784f4e66a027eb51c7bd25820-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaSKL4KESnLew0uKDfBA0wABYwCdT1DtnQurQntNH3eFG9jWIgRethco9Zt6e2HPv5xj7TpGD2%2FWxavPPaUKN4xfpmfrj0DMuN61SIeSq2kDc0N8DgfTmcZriEHonzVMNEAO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f3027a0-PRG
26.fe806e60.chunk.js
sorteador.com.br/static/js/
4 KB
2 KB
Script
General
Full URL
https://sorteador.com.br/static/js/26.fe806e60.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ea978cbb6e81c1862b4702457802f8014ffa492ee2986a2b9ad84541b19c0f

Request headers

:path
/static/js/26.fe806e60.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0EA48YSD80B4F4JQ8G
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1353
server
cloudflare
etag
"616ec91216f9eb962af7016c3b0d861c-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QWiHqG90UfyhNUU%2FZUcD47gMzKORBdfH9vZG6N%2FIA7o0OhBARELyDso2IUTfjJpXfUjPowfmYPAphys4b0OJfthmV1FdfT6hZehuWvMEK%2F4TH04VP2lV4EYZea5jBYr%2BCnD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f3127a0-PRG
16.b1c50091.chunk.js
sorteador.com.br/static/js/
9 KB
4 KB
Script
General
Full URL
https://sorteador.com.br/static/js/16.b1c50091.chunk.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede6a6754479ae42f32183a013df68b8055ed31d90593dcd8c6a03ceac6e6183

Request headers

:path
/static/js/16.b1c50091.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0FKJHXD5PHE7R66B5V
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3004
server
cloudflare
etag
"1c49119dbfc5d0dd9b2f8f9901acae28-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWYzs7wYpcpCS0t4c4KRkJWhqJUwNSy3FYG57bPcAQcFueZzvFAJrbuXx%2FV1eMwGyqe4YtZVOhYiTUPTtq5UXEkdoZD13jLJjq8iGDGneAOGPUjYnUKnKx0Mauvmb5XgYfiO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35181f3227a0-PRG
loading.gif
sorteador.com.br/imgs/
237 KB
238 KB
Image
General
Full URL
https://sorteador.com.br/imgs/loading.gif
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b8e2ea6c7acbf3a0440887e1343f9b1cfa1b99020d8c407edea169d1d6aa4d

Request headers

:path
/imgs/loading.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACV0GANABSSXSVBYCTXJX
date
Mon, 20 Sep 2021 10:00:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e5d1838dad0329e00cc684cc98557312-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMe72dMOYsgfF4YYadE7VC7t4cFykdld1AP3FmyJBjFvqHZa%2BVWuAoGC44mptI7WAogbKwdfb7Sekf7PoKk%2FcT19wNofKyorAt4K69HpnC1sGvAf02IXkTy6GAZsVvBDmH%2F9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a35182f3827a0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
243016
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ3WR3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4416
date
Mon, 20 Sep 2021 08:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 20 Sep 2021 10:46:57 GMT
daf62c02e2ffc916461462634fcf4ae0.js
scripts.cleverwebserver.com/
132 KB
52 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/daf62c02e2ffc916461462634fcf4ae0.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.76.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c18426aeca0eb8719071a9837b51a3c653c86f7dcb1076af659b60fdced550a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 Sep 2021 08:28:06 GMT
server
cloudflare
x-amz-request-id
DHHWQ26PM7MK6A7X
etag
W/"0cf79d4baf67e826980e2b1210b61a1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
0fn6Et8Ii2vT.zcPL28AFa0BIj9DMBvL
content-type
application/javascript
cache-control
max-age=1800
cf-ray
691a35187b8ec2db-FRA
x-amz-id-2
8NZSzD33AIrm9P/RDCSqFlp0lrcb4pvQd6aezc5IlOVqziy3qyKviQk3MZlU0AOybzeSskDhsPc=
gpt.js
securepubads.g.doubleclick.net/tag/js/
73 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ3WR3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
dab5a359469f00611604530ea06ad1bf9f78ee960f13d36310c5f11c51dcec31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"992 / 828 of 1000 / last-modified: 1632128583"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24993
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Sep 2021 10:00:33 GMT
hotjar-1668758.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1668758.js?sv=6
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-14.fra2.r.cloudfront.net
Software
/
Resource Hash
25d5fac60bb3653ab7e80ad2991110b1d1692b2d43633d38bd4653423e5e889c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/a80c5bc5a5aa15a669c734246f7ecdda
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
B8cNkhGiAFvP6fuQyNQPDt5I2ilU3QiEWU0n9ERXJ4K54gU5kgdn5A==
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1875864420&t=pageview&_s=1&dl=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1343486543&gjid=1996189841&cid=1263839898.1632132033&tid=UA-2896196-2&_gid=372412081.1632132033&_r=1&gtm=2wg9f0WJ3WR3R&z=27302097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sorteador.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1668758.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-38.fra2.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
960327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
RH9_jbFXnTw9glQZT_DRNMEuMdYGoW4ya2TiB36fJWskuZYfwhZK-A==
pubads_impl_2021091503.js
securepubads.g.doubleclick.net/gpt/
332 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091503.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e152b757baeb786f86d661804414ffcf1ea9d533aadbe4d19642c25c2d9f9cf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118679
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 16:13:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Sep 2021 10:00:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
99 B
112 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sorteador.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7f41695353e4d80b98ba56b374e0156384e2e97940634299618e3629f6e55546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Mon, 20 Sep 2021 10:00:33 GMT
prebid.js
tags.denakop.com/
206 KB
64 KB
Script
General
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ3WR3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46bf91ca36c2d1ec9d95dcc4220998a120c5050d1a61616c59966f62bf98e1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
326
cf-polished
origSize=210606
cf-ray
691a3518ed436961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 14 Sep 2021 19:55:36 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6140fe38-336ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
timing-allow-origin
*
cf-bgj
minify
collect
stats.g.doubleclick.net/j/
2 B
461 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2896196-2&cid=1263839898.1632132033&jid=1343486543&gjid=1996189841&_gid=372412081.1632132033&_u=YEBAAEAAAAAAAC~&z=964177983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 20 Sep 2021 10:00:33 GMT
content-type
text/plain
access-control-allow-origin
https://sorteador.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame 2650
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1668758.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-73.fra2.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
UQLQN9lJkMC3bhrqJsfgzBpUgmP_s2sNhrYM9-I1cXsoc_1hfoCnoQ==
age
5345728
sorteador.com.br.js
tags.denakop.com/10177/
82 KB
20 KB
Script
General
Full URL
https://tags.denakop.com/10177/sorteador.com.br.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ3WR3R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2d5185888988d185c8f5f177116b578410dfdb687624dcfc569425d37c432f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6622
cf-ray
691a35196e786961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:03:41 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6148324d-1473f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
timing-allow-origin
*
cf-bgj
minify
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2896196-2&cid=1263839898.1632132033&jid=1343486543&_u=YEBAAEAAAAAAAC~&z=1236512268
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1668758/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1668758/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.237.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-237-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1668758
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1668758?s=0.25&r=0.12437539366697425
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
Ghd5-t7WGvx0IPjkRxDOmbkh6BIRXDqj6YoM3yWFbTmygPvaEnCswA==
preact-incoming-feedback.26d973fdc6fa0689912b.js
script.hotjar.com/
142 KB
28 KB
Script
General
Full URL
https://script.hotjar.com/preact-incoming-feedback.26d973fdc6fa0689912b.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-38.fra2.r.cloudfront.net
Software
/
Resource Hash
dfd96b79897e47fd4bda4fbe0dea06a0273a85bb8aaea294fc90b91acc8c5139
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
960327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28348
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"91406c099b6ec96ce4c499a27a2b9850"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
e6-SagAA1xn27Ls9DA5xhHvGI3-LxiVam4s8mXv90KK4mjQQ88ivsg==
font-hotjar_5.65042d.woff2
script.hotjar.com/
2 KB
3 KB
Font
General
Full URL
https://script.hotjar.com/font-hotjar_5.65042d.woff2
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-38.fra2.r.cloudfront.net
Software
/
Resource Hash
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20066608
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 29 Jan 2021 15:20:31 GMT
etag
"c9fb9163f8b7be37023ebe649688bebf"
vary
Accept-Encoding
content-type
application/octet-stream
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
PVAqDjvR4ErU9CFczKo2NyisVWpAKdZW8oYXnRbh7sMypVYS_9Y_CQ==
api.gif
v3.denakop.com/
0
257 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10177&d=desktop&b=Chrome&o=Windows&v=4.0.7&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&t=1632132033543&cb=0.5845091120471357
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:33 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
691a3519df776961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
1ff44rgdt
embed.tawk.to/5a1c1b52198bd56b8c03d978/
2 KB
985 B
Script
General
Full URL
https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a2d9b08cee3fdd170eae6ee64c51946e09d80355948e062a7fdab8312a249b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"stable-v4-61483167bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
691a351a5abd6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
138 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3126428890115149
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ3WR3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d3ffd2f274dd10f44ebce4988535bddeb96d2f18a7c61de4808e0855e037cf03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48996
x-xss-protection
0
server
cafe
etag
17499996729304877941
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 10:00:33 GMT
/
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
161 B
228 B
Script
General
Full URL
https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.76.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.19
Resource Hash
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript;charset=UTF-8
cf-ray
691a351a1d9dc2db-FRA
bidRequest
c2shb.ssp.yahoo.com/
62 B
476 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e65d5211fb27f6713af6048e9cd0e3a89668360e8e53c51a54f6bb7e96da9f9f

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 20 Sep 2021 10:00:33 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://sorteador.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/
138 B
820 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ae16b00ff8c1ce4b69f57f05509fbba608fdf8ec0829b8c7fafc2c5e5ced13c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 20 Sep 2021 10:00:33 GMT
X-Proxy-Origin
216.131.114.60; 216.131.114.60; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d79aa2a2-8429-44fe-9a87-f531d7d34b01
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorteador.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7770cef670e7d8b2f6901f010925cafe8251a21a13cac8a91c6a226306d282ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 20 Sep 2021 10:00:33 GMT
X-Proxy-Origin
216.131.114.60; 216.131.114.60; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b4dfb5ac-0b1b-4c2a-8969-9b1ef542d41a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorteador.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/
0
178 B
XHR
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sorteador.com.br
date
Mon, 20 Sep 2021 10:00:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/
253 KB
94 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3126428890115149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95702
x-xss-protection
0
server
cafe
etag
17553272322223311488
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 10:00:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame 8663
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3126428890115149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 19 Sep 2021 12:31:14 GMT
expires
Sun, 03 Oct 2021 12:31:14 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
77359
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
app.js
sdk.getsitekit.com/static/js/
201 KB
72 KB
Script
General
Full URL
https://sdk.getsitekit.com/static/js/app.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.168.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9d288e9aa2e3d38a47508b50d2f1cef46920f16d7f609f6b8979dcd9f593a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
272
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 29 Jul 2021 07:46:45 GMT
server
cloudflare
etag
W/"61025ce5-32571"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMNZmnmP09F7Rh0joFagmVV64s4Id3kI3CcklRjaIMQ6X6yESn8Y22Dx%2F73Eh26hp74nxS0bjcyh10tMmlVq6m8D5atEwoLJjr3W8Vb%2BcCW8YzDO%2B%2F4lPd6z3iNiuN0cFzZ9QCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400, maxage=300
cf-ray
691a351b6fef4113-PRG
expires
Mon, 20 Sep 2021 10:01:01 GMT
logo.svg
sorteador.com.br/imgs/
6 KB
3 KB
Image
General
Full URL
https://sorteador.com.br/imgs/logo.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68153220f5540729a065afc5fbc7109fa708c1e6e68c1de7576587c1aac0ecd

Request headers

:path
/imgs/logo.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACVHP8CAC6QE657P6A5SE
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2265
server
cloudflare
etag
"686a3f8b977534d86626a0118f173cfc-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuHRi7yZzM3I5bGfFdxWdpovPM2Vx4nP%2B67bYHQeGz%2BK%2BqiNp4qfAWqu%2Fbf2lnnqNQtikvEmbvse4qinLMM9A3n4m0laNGPZF2FchWeaIwp8ovttyvM9UaM75Qh0482kgpPT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a351b9afa27a0-PRG
search.svg
sorteador.com.br/imgs/icons/
379 B
916 B
Image
General
Full URL
https://sorteador.com.br/imgs/icons/search.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d66b9ac30e3fae717e28de87aa741d9c405964506aaa339beafbe9e7dde4ec1

Request headers

:path
/imgs/icons/search.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACVHVV114RGXJBMD934XG
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c9d729e5067b2a393f55c160179ecb60-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd4Y%2B%2FaGCdRiS8KMcKwOmbNEiBXcOT3zA1omCNxP1kVox8iK36Z74wBJqfN4GD3lJ9dFdcdcl5rDpSNuBU%2Bz5kQj2H0bmyKTrxw%2F0xLtyK6tJ6HeEfTNjM1jOErUFOHKQqW8"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
691a351b9afc27a0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dice.svg
sorteador.com.br/imgs/icons/
4 KB
2 KB
Image
General
Full URL
https://sorteador.com.br/imgs/icons/dice.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0661c84f3b566a91c14f8bedfc8dce494d00b116a45d78bdee48a53ec2cc4a97

Request headers

:path
/imgs/icons/dice.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACVHTA77MAYZJ0GKBTY90
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1689
server
cloudflare
etag
"23df32bcff837697fcb239ba565f0465-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGHzumD66jIM4YSHSYYQwwgWjNo0NqhY4qIDY8N3x52KNfyc5lT39bFhdfqBNexWMg4sC2vhUSSi98r5PjrUao4n0ZWUCfJXFJi3GX8Uneois45jcQAhBTM8Pf3i3VEe0Dj1"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a351b9afe27a0-PRG
list.svg
sorteador.com.br/imgs/icons/
2 KB
1 KB
Image
General
Full URL
https://sorteador.com.br/imgs/icons/list.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9610b454704750e58f7a7780eac7a62c5dd32b234c7556c6b9b5b8262825e2a4

Request headers

:path
/imgs/icons/list.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-nf-request-id
01FG1ACVCMHQWMPPN8GBA5DFHE
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
657
server
cloudflare
etag
"5d40cb192fab4bed4bbcfeb23e667e5b-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aNW5lrCHs%2B0Mt%2B9Oy5ZqE%2Fql15TB23YrtIXJdHFrnyTTVhG9G31xBL9s27%2BF%2B8%2Bj3TMYF1CE976v3Ugh%2BpjkIih8JTZT%2Fy0lMlEXRqWLCm0Sc5SSQO3wqE1CszP2vGyMmgG"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a351b9b0027a0-PRG
file.svg
sorteador.com.br/imgs/icons/
3 KB
2 KB
Image
General
Full URL
https://sorteador.com.br/imgs/icons/file.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6d85cf3fc85e20d127cc486b3d098ee5ccbc8668b396e537c6b37281cc90b4

Request headers

:path
/imgs/icons/file.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACVCNT7KASNP3VZNV3HJR
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1266
server
cloudflare
etag
"0e2a2192f3c42b907b358ed01d2d2e39-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlzeWP7aw1B9MkbAW8rOSySdv4lfUvwQkgS1COA5QJK4hljAPNaLQJaPieDFLWobxIBGgAlNuD%2BGWbwgHG7uw7ErwY6DwuwtE%2Bl0smKyQ9MFDXIogDZwN5TdZ7kz4lcbF6B%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a351b9b0327a0-PRG
coin.svg
sorteador.com.br/imgs/icons/
3 KB
2 KB
Image
General
Full URL
https://sorteador.com.br/imgs/icons/coin.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559227781a8e2c2c799fbaa8b5b30105d9a8a4762fd9afe6ffcb1bf14bca598f

Request headers

:path
/imgs/icons/coin.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACVHYQ4SRWJP3PJE36F8K
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1280
server
cloudflare
etag
"661f5482254e9ef95ac24c481979cad6-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIWcQ7fdyQHULrHCJJF%2BTb%2FZ1PCQXKyubSReq2s9h7yhZVYSuqrh5s0yhOOMYan%2Bz6ugnNnWtUZ1RCA1E4ybMgxagUKBjCgJOJ%2BVpGcwHuBNoHrrzafhhMVbIQaKEvwgVCIl"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a351b9b0427a0-PRG
instagram.svg
sorteador.com.br/imgs/icons/
1 KB
1 KB
Image
General
Full URL
https://sorteador.com.br/imgs/icons/instagram.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abefd7018b1107eb0bb0dcceb01c7c77f67198b7a36fe6068fe6df913f298c32

Request headers

:path
/imgs/icons/instagram.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACVHRN211T3GG2M9ZJ022
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
502
server
cloudflare
etag
"254b28fbf83ed7cff1004d3e762ab68e-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nF154YIjO34NXWW%2FRAxbYgC5leCwuFMekMWVKUDkW3v9tYLoPoktB5yahHe7NbyEvRtzXH0zW7tN5dtUVm29v%2BX%2BySkRzk1hOz6HiDIyejb91PJzRiHl8bV%2FNu4e3Oj%2F2EiB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
691a351b9b0627a0-PRG
facebook.svg
sorteador.com.br/imgs/icons/
791 B
1 KB
Image
General
Full URL
https://sorteador.com.br/imgs/icons/facebook.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f5b55c488cb0b06324c5939f5571cc3d3933aed105be9339132aa67da1b063

Request headers

:path
/imgs/icons/facebook.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACVHRS120XEPC0QRAKZHM
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7a18a8263aceaf7165a4d672934ecd5d-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMTe%2F%2B0yqISn3O1LVTdx3Q%2BL4kmEo8EukwDBNLvfjhMOiYlfDnIHYnvkaXJqAewqaH3YEo79HtcEj2WOmuFtYRIg4JlPRkty%2BUi8Pdm7MWnSogdKvSRDTOciJtu8tjRoOZvu"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
691a351b9b0727a0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
contact.svg
sorteador.com.br/imgs/icons/
445 B
957 B
Image
General
Full URL
https://sorteador.com.br/imgs/icons/contact.svg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e039a33cf956377d4092c5a1f5e6fce97df2db99c447b5a663e1c8d2edd6add

Request headers

:path
/imgs/icons/contact.svg
pragma
no-cache
cookie
_ga=GA1.3.1263839898.1632132033; _gid=GA1.3.372412081.1632132033; _gat_UA-2896196-2=1; _hjid=2c0526bb-cee8-4f47-83ea-460dc47ff403; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sorteador.com.br
referer
https://sorteador.com.br/sorteio-no-facebook
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/sorteio-no-facebook
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FG1ACVHSCJ2PE0PD5Y8TJV9G
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3ac217cb049f6078e9aadb43a105e76a-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eorlkGQLV7OeXcR%2FD6A4MpQD77s1%2BWB2iT%2BPxHHCCmF4zNb7lKsBBR%2Bl0QPD9pgJJcTiQQDEZsqZF1Y0n4GW%2BsX1FxIZBc7YRiMg2iNCu7vdxlp81Dy4cnT8GBOZNPl0P%2FSf"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
691a351b9b0827a0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
background.d600232d.jpg
d33wubrfki0l68.cloudfront.net/static/media/d38193508f62a94b61fcf69acff79352890c2b5f/
112 KB
112 KB
Image
General
Full URL
https://d33wubrfki0l68.cloudfront.net/static/media/d38193508f62a94b61fcf69acff79352890c2b5f/background.d600232d.jpg
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/css/41ac778f38081bc7d1a9af4403fcad0ab12b6590/static/css/main.0aa121fc.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
b7bdc359b91a975d7176ec6b37c3e9b22770f84f36186f844322093825d85522

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d33wubrfki0l68.cloudfront.net/css/41ac778f38081bc7d1a9af4403fcad0ab12b6590/static/css/main.0aa121fc.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FFYT6G669Y05MAMH7FF618ZG
date
Sun, 19 Sep 2021 10:38:59 GMT
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
server
Netlify
age
84094
etag
e92013e999afd6eff184fe4d524f73d62cafabc3
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
114653
x-amz-cf-id
IfWIZWHZzsHOmf-fXRHk71013pNF5MkK2UPEA8sFe-Xcaecyg1hmvQ==
ea8ZadcqV_zkHY-XBdet9g.woff2
fonts.gstatic.com/s/pattaya/v7/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/pattaya/v7/ea8ZadcqV_zkHY-XBdet9g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Pattaya&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
10e48eed7cce9a869cbf188f9f40815f8f9b926c1ee2e1ad1fc009eb14aa26de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 11:11:36 GMT
x-content-type-options
nosniff
age
600537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28448
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:46:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 11:11:36 GMT
cookie.js
partner.googleadservices.com/gampad/
206 B
441 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sorteador.com.br&callback=_gfp_s_&client=ca-pub-3126428890115149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d3f4085a579d5ec53198f2ff2119cfb7dd8c82de662dee9d3d3c208a4e3b421f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&tn=DIV&cls=hidden%20transition-all%20duration-500%20ease-in-out%20md%3Ablock%20items-center%20bg-white%20dark%3Abg-gray-700%20h-screen%20p-2%20shadow-2xl%20z-10%20w-20%20fixed%20slideOut-appear%20slideOut-appear-active&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&tn=DIV&cls=pace-progress&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorteador.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ED4A
147 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3126428890115149&output=html&adk=1812271804&adf=3025194257&lmt=1632132033&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632132033716&bpp=4&bdt=944&idt=154&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3549348640157&frm=20&pv=2&ga_vid=1263839898.1632132033&ga_sid=1632132034&ga_hid=1875864420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621&oid=3&pvsid=4285411369248082&pem=142&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=170
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ee090d0d0de727383c9ca14c0f8cc08a1f627538ac64dd743d4414c40d7a65c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3126428890115149&output=html&adk=1812271804&adf=3025194257&lmt=1632132033&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632132033716&bpp=4&bdt=944&idt=154&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3549348640157&frm=20&pv=2&ga_vid=1263839898.1632132033&ga_sid=1632132034&ga_hid=1875864420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621&oid=3&pvsid=4285411369248082&pem=142&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=170
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 20 Sep 2021 10:00:34 GMT
server
cafe
content-length
40950
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 10:15:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 10:00:34 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1631879122047051"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 10:00:33 GMT
settings.json
api.getsitekit.com/v1/sk-public/site/
1 KB
1 KB
XHR
General
Full URL
https://api.getsitekit.com/v1/sk-public/site/settings.json
Requested by
Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea4455227663d6b4e014e75f894726d303df295471084d1ef7373ece80e7c85

Request headers

Accept
application/json, text/plain, */*
Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Sitekit-Key
0f5bbad1ece78b833385036d9f8948fb

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqHWgVS%2BWOcrRnZz8XyYGxJEwN%2BV%2BDYpZ1MGf3815SA5hQYHkSGbJLiPfE5D3xDHTfbcMRYUBJ%2FM6WSzYsbrBuIQPhgVOo%2BsxXHyrdQJ7FXQsZBT7zRspWhmYKrop%2Bc3lMfimGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sorteador.com.br
access-control-allow-credentials
true
cf-ray
691a351d88684a91-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
settings.json
api.getsitekit.com/v1/sk-public/site/ Frame
0
0
Preflight
General
Full URL
https://api.getsitekit.com/v1/sk-public/site/settings.json
Protocol
H2
Server
104.21.27.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sitekit-key
Origin
https://sorteador.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
X-Sitekit-Key
access-control-allow-methods
GET
access-control-allow-origin
https://sorteador.com.br
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaM2i%2Fu4gO%2BIPqeyz%2Fr0KkQk9exjk3XPUid208vBhsNB%2BKirokT2MFUk76zlKLigTsPDCoD3qffKw4pDNwCsAxvqQyK0c3dtppMAT6jElCU91XBzVUYUO%2B%2B5Q7SYWyFDLhRaJk4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691a351c3bf74a9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
42908.php
sender.clevernt.com/transporter/ Frame E1A0
545 B
821 B
Document
General
Full URL
https://sender.clevernt.com/transporter/42908.php?ppuc=1&ppu=0&id=447786&ref=aHR0cHM6Ly9zb3J0ZWFkb3IuY29tLmJyL3NvcnRlaW8tbm8tZmFjZWJvb2s%3D&ruri=&r=764068037&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=360&ts=0.327
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.69.64.76 Lisbon, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
are.clevernt.com
Software
nginx /
Resource Hash
6e9d7d556e73912779a66e3ae82345690361a3f95b2ab02494ad71a206d9b6ad

Request headers

:method
GET
:authority
sender.clevernt.com
:scheme
https
:path
/transporter/42908.php?ppuc=1&ppu=0&id=447786&ref=aHR0cHM6Ly9zb3J0ZWFkb3IuY29tLmJyL3NvcnRlaW8tbm8tZmFjZWJvb2s%3D&ruri=&r=764068037&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=360&ts=0.327
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/

Response headers

server
nginx
date
Mon, 20 Sep 2021 10:00:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
hstpv4user=eyJJRCI6IjM5NDExMTM5d2FuNjE0ODViYzIwYWQwMyIsIkNUUiI6IlVTIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzExNiIsIkxhc3RVcGRhdGUiOjE2MzIxMzIwMzR9; expires=1663668034; path=/; domain=.clevernt.com; SameSite=None; Secure
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Mon, 20 Sep 2021 10:00:34 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
api.gif
v3.denakop.com/
0
346 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10177&d=desktop&b=Chrome&o=Windows&v=4.0.7&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&t=1632132033990&cb=0.27951668904227134&aa=under
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
691a351c7e496961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
12 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4285411369248082&correlator=3665917947241922&output=ldjh&impl=fifs&eid=31062366&vrg=2021091503&ptt=17&sc=1&sfv=1-0-38&ecs=20210920&iu_parts=21715141650%2Cdesktop_under&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dsorteador.com.br%26pathname%3D%252Fsorteio-no-facebook&cookie=ID%3D121fd4b8c944eb25-2259fe1c3ec900bb%3AT%3D1632132033%3ART%3D1632132033%3AS%3DALNI_Ma58nVC1R83GYY75O2nR-pPWtr3_w&bc=31&abxe=1&lmt=1632132034&dt=1632132034000&dlt=1632132032772&idt=680&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1&adks=2911887401&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1034&msz=1600x0&ga_vid=1263839898.1632132033&ga_sid=1632132034&ga_hid=1875864420&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091503.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4bf3c7be15dfd662001fe58167a6e1b61e650d275ebf374538bfdf983368a18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7341
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorteador.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1441
6 KB
4 KB
Document
General
Full URL
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 20 Sep 2021 10:00:34 GMT
expires
Tue, 20 Sep 2022 10:00:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GU23oZ7JkazMb66DxSclYagUwkH2Tm2bLERBFQDCpQ7WxnB5INhtqlfHc3cio1lSPat1O8Q_req1xKlIN5Hkc72QMzTQPiyrBBYsToD_s3D8RFE7Io-qC9N2oA-Ui1v_PUaEh3rkaQCNm6exrQbVNQ==.html
bus.clevernt.com/ Frame E1A0
369 B
328 B
Document
General
Full URL
https://bus.clevernt.com/GU23oZ7JkazMb66DxSclYagUwkH2Tm2bLERBFQDCpQ7WxnB5INhtqlfHc3cio1lSPat1O8Q_req1xKlIN5Hkc72QMzTQPiyrBBYsToD_s3D8RFE7Io-qC9N2oA-Ui1v_PUaEh3rkaQCNm6exrQbVNQ==.html
Requested by
Host: sender.clevernt.com
URL: https://sender.clevernt.com/transporter/42908.php?ppuc=1&ppu=0&id=447786&ref=aHR0cHM6Ly9zb3J0ZWFkb3IuY29tLmJyL3NvcnRlaW8tbm8tZmFjZWJvb2s%3D&ruri=&r=764068037&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=360&ts=0.327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.69.64.74 Lisbon, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
bus.clevernt.com
Software
nginx /
Resource Hash
782e16fe2967e39a2f55e5bac74333254c78da103a194582b49d31f015516512

Request headers

:method
GET
:authority
bus.clevernt.com
:scheme
https
:path
/GU23oZ7JkazMb66DxSclYagUwkH2Tm2bLERBFQDCpQ7WxnB5INhtqlfHc3cio1lSPat1O8Q_req1xKlIN5Hkc72QMzTQPiyrBBYsToD_s3D8RFE7Io-qC9N2oA-Ui1v_PUaEh3rkaQCNm6exrQbVNQ==.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sender.clevernt.com/
accept-encoding
gzip, deflate, br
cookie
hstpv4user=eyJJRCI6IjM5NDExMTM5d2FuNjE0ODViYzIwYWQwMyIsIkNUUiI6IlVTIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzExNiIsIkxhc3RVcGRhdGUiOjE2MzIxMzIwMzR9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sender.clevernt.com/

Response headers

server
nginx
date
Mon, 20 Sep 2021 10:00:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
starburst-hot.htm
www.888casino.com/exclusive-mob/ Frame E1A0
Redirect Chain
  • https://mmwebhandler.aff-online.com/c/42492?sr=1099597
  • https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
919 B
1 KB
Document
General
Full URL
https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
Requested by
Host: bus.clevernt.com
URL: https://bus.clevernt.com/GU23oZ7JkazMb66DxSclYagUwkH2Tm2bLERBFQDCpQ7WxnB5INhtqlfHc3cio1lSPat1O8Q_req1xKlIN5Hkc72QMzTQPiyrBBYsToD_s3D8RFE7Io-qC9N2oA-Ui1v_PUaEh3rkaQCNm6exrQbVNQ==.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-28.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
bf53e03546cc618b8b49b954db8495711b14a1cc8ba35d65cd5c240aea1119aa

Request headers

:method
GET
:authority
www.888casino.com
:scheme
https
:path
/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bus.clevernt.com/GU23oZ7JkazMb66DxSclYagUwkH2Tm2bLERBFQDCpQ7WxnB5INhtqlfHc3cio1lSPat1O8Q_req1xKlIN5Hkc72QMzTQPiyrBBYsToD_s3D8RFE7Io-qC9N2oA-Ui1v_PUaEh3rkaQCNm6exrQbVNQ==.html

Response headers

server
CloudFront
date
Mon, 20 Sep 2021 10:00:34 GMT
content-type
text/html
content-length
919
x-cache
Error from cloudfront
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Yu6LAbe5IXI5DvuhZpSUJ2uJPdHxS3XMgNtXrE_JGbxIjr7FwKjbMw==

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
content-type
text/html; charset=utf-8
expires
0
location
https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
server
x-aspnetmvc-version
4.0
set-cookie
uffiliate_click_42492_1099597_=uffiliate_click_42492_1099597_; expires=Wed, 20-Oct-2021 10:00:34 GMT; path=/; SameSite=None; Secure
srv
1231321
date
Mon, 20 Sep 2021 10:00:33 GMT
content-length
301
18507
api.getsitekit.com/v1/feature-switch/get-data/frontend/ Frame
0
0
Preflight
General
Full URL
https://api.getsitekit.com/v1/feature-switch/get-data/frontend/18507
Protocol
H3
Server
104.21.27.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-sitekit-key
Origin
https://sorteador.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
X-Sitekit-Key
access-control-allow-methods
GET
access-control-allow-origin
https://sorteador.com.br
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVHcU8eqAPyzXoy9PNowiUCQrvErF%2FcAXjUGnQMZZ%2FeyXimQmRZG7cNJoFNxiKkFxk5G3mA%2B8LWGHSAXLnfq9AJSTipvMQO298NjKjk8h%2Bi2cRY3MUAodHjbpizecQ5ySggGQRQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691a351ecadd4a91-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
0.44f02aa9dab520e67f69.js
sdk.getsitekit.com/static/js/
23 KB
10 KB
Script
General
Full URL
https://sdk.getsitekit.com/static/js/0.44f02aa9dab520e67f69.js
Requested by
Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e77a5485c5abed4fdc3cb6d89140d3d9aa89bddab743ee4e2de313ae0038995

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1994648
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 29 Jul 2021 07:46:45 GMT
server
cloudflare
etag
W/"61025ce5-5ae8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0i%2BbPy48l6uQANF%2BY%2B5Kfan4dbN9uSxhhEvzmzcbhlHUPFvoRv0Yl70GcqAxRwBrebMyYGIo1m0wJsHj9xxbSThSqjiyeJpkZDrEaNWuur0SwoMBgGbsJ3%2BHIHl71n2osL2tJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
691a351efe9b27bc-PRG
expires
Mon, 27 Sep 2021 07:56:26 GMT
3.9602cf434625578ef0fd.css
sdk.getsitekit.com/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://sdk.getsitekit.com/static/css/3.9602cf434625578ef0fd.css
Requested by
Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e5a1d04c28c5a7f4e955975bd07f1d8cb7d4a84f3c3922a6cef71455055d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1994648
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 29 Jul 2021 07:46:45 GMT
server
cloudflare
etag
W/"61025ce5-1a46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVDEMw9qwYiXT4actbC56H960zB2m5cBDLqjBRUwBYLLBGHfR6ldmpFWLEUuoHdlZqmPD2wk%2BynkMx6iFfA2rh5rkV0JexrE9%2FDL%2Bdv%2FDDrgj%2FwutVM2ZJFgSrQYKl2j0AStsPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
691a351efe9e27bc-PRG
expires
Mon, 27 Sep 2021 07:56:26 GMT
3.b57312b1adf6a69710c8.js
sdk.getsitekit.com/static/js/
299 KB
69 KB
Script
General
Full URL
https://sdk.getsitekit.com/static/js/3.b57312b1adf6a69710c8.js
Requested by
Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.168.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6005570f1e1d7b5f299ff3ce3e8513fc0422493c1ed9dc12ee7dce799d15c157

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1994648
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 29 Jul 2021 07:46:45 GMT
server
cloudflare
etag
W/"61025ce5-4aaac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6gWOQDdrdPIv%2BoIcKDinDDH5VIvX2keYDVLmAjlgDKOUv714gpmfrOX%2BLdSWUWSzPo4g%2F5EwlTLgWIPijvGfTjYCVhLL1PMp3V05YSDmBiGlRcc%2BPG1Vh7lBFRlVDLWnVkvJms%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
691a351efe9d27bc-PRG
expires
Mon, 27 Sep 2021 07:56:26 GMT
18507
api.getsitekit.com/v1/feature-switch/get-data/frontend/
1 KB
953 B
XHR
General
Full URL
https://api.getsitekit.com/v1/feature-switch/get-data/frontend/18507
Requested by
Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c151b3bf28f1c9d51d954e58fad44f70e04ff94eb564809d7a9f422ce81f22

Request headers

Accept
application/json, text/plain, */*
Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Sitekit-Key
0f5bbad1ece78b833385036d9f8948fb

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"XUANPRJMXRUGYYIXMWJV"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU7GIMpEqg6ncyn%2F2bKxYOTnmvPsdNevLbE%2B9%2BilvcTYlZ6C1xEMX6Fwguajt79jlt9BfiVBueTA8VxHKKpbad31l89iJM40Psw8UNvHmniRL%2FvdIppOvQcYKwzH7pM9ta%2FhVYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sorteador.com.br
cache-control
public, max-age=300, stale-while-revalidate=60, stale-if-error=60
access-control-allow-credentials
true
cf-ray
691a351ffd104a91-FRA
x-proto-cache
HIT
gen_204
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=sorteador.com.br&host=sorteador.com.br&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091503.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C209
6 KB
3 KB
Document
General
Full URL
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091503.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 20 Sep 2021 10:00:34 GMT
expires
Tue, 20 Sep 2022 10:00:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/
262 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0451
624 B
300 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 20 Sep 2021 10:00:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUn7ApV_PWL8dIpBM4SUWsMTAJ4WmpWo7aECMf6W5V6Lb1_4bPnxdZeP1mS2; expires=Wed, 20-Sep-2023 10:00:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 10:00:34 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C209
69 KB
28 KB
Script
General
Full URL
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0f38b55010401798f17c1fbad201ea2f9ba32f4b8cb98eebc1dd52bf8a02211c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28287
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C209
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CW_8z84cUD-GwMT9GPDbaEXN661jsm63s5FV4H9vBMHKzT_szpfoOZTQgXegmqoSorND1B76T2focVgorhWrV86TELVFvs0fg3Jx4fmXl_kstqiVk
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame C209
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:58:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C209
128 KB
39 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1631879102694099"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 10:00:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame C209
14 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:57:16 GMT
l
www.google.com/ads/measurement/ Frame C209
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQM5KdQr1Fm2goyGXFzfrL8Qc_S5iBNr5fG7HgWmsUOyPL8_LiBXXZtILw2hfWsmpGL1H3lBNnq5Ek78BgPwYvs5hT7WA
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 0451
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Sep 2021 10:00:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 20 Sep 2021 10:00:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0451
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUhbws8tbeIzhulp2d1noQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Sep 2021 10:00:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 20 Sep 2021 10:00:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBpdRO2Jorvr4xTsv_aser4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0451
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJaaZHF-h1J8m3AvMqMV60g&google_cver=1
43 B
1006 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJaaZHF-h1J8m3AvMqMV60g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Sep 2021 10:00:34 GMT
X-Proxy-Origin
216.131.114.60; 216.131.114.60; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9da52b0a-7ef7-4862-8450-64221058ff58
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJaaZHF-h1J8m3AvMqMV60g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0451
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMTI4MjA1ODgzOTg3NzQxMQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMTI4MjA1ODgzOTg3NzQxMQ%3D%3D&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMTI4MjA1ODgzOTg3NzQxMQ%3D%3D&google_tc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYsr-mQjAB&v=APEucNXGKv5D6JUqSkAWFwPTRYKM61Hlo7Zz854CYERrQP5-HPo56IxEzPccHs4KXowu5t81xoVF4bsxcQqypFIwKvd-wCX1Uw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMTI4MjA1ODgzOTg3NzQxMQ%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame C209
114 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
Origin
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Sep 2021 09:40:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/ Frame C209
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:55:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame C209
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
574d0f8eeef6741771d3cef0cc4869634263181bbf42de1e93ca22dcae36d8e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9215
x-xss-protection
0
server
cafe
etag
10665788317172091938
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:59:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C209
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com
URL: https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:06 GMT
truncated
/ Frame C209
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a85a8b029d47677f256a9b52dd4a15bf7e0201d8d02417297254121bcd48261

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F9C2
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 17 Sep 2021 08:58:07 GMT
expires
Sat, 17 Sep 2022 08:58:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
262947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/
145 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53040
x-xss-protection
0
server
cafe
etag
10624087348813358335
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 10:00:36 GMT
index.html
s0.2mdn.net/sadbundle/3287913761834705872/ Frame 4587
91 KB
21 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
1bc24b5b17d74b4cdc67ab3bfdc22bfd0e7743fc22bd0672cf77b08d0a8cc683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/3287913761834705872/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 19 Sep 2021 18:13:15 GMT
expires
Mon, 19 Sep 2022 18:13:15 GMT
last-modified
Tue, 01 Sep 2020 21:03:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
21338
age
56839
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C209
0
592 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssce9aCwMgYVeEqG0MqeCKwwHYuO-ZZ4UWS5fBNlsXaqiKONL73RhlfYYaktGWRCrKD7ZDl4d9l0VP1fS_p3KnIi1kjCOyMhFcUHCFB75Jgc68vO70dx7jtUYcKtNFQ1IfRt7ijA1l7n4Xk_gZrmmEMQrIB0LMCq3lwvq9ZFU0keeePs4EfGiy-TnvVaFwE79nmUHu1xpFa2LBKrNot5VUc3sl-ptwh54y9-XY4VBhcrK7GIcS3UoVBbBdVnVrFr8Ujp1BU5KneU8MwoeigIrAhF82I9RowiqpSr91Ns1N7zaqClb_q30Q3pJBIwJbaNiSOD9wntWpk4dWfVuAXcLxLTiGRK4lJVYJdspfg-l2cv5E9BrfWa_NdlBQ4dVxXo7t6IFthaWgLHiM1fVPtU0KrZk8lD61Qj-9WMzUp020_InuQzlhsubcFYU0Fefi0TSynycFcTXIgLkLgsstTqHThaQYWc_l-hdnV_d9ztpr7ujOFVHII_9R7CN1_FkM5WJ8COTkrlLjRsCxX2FyPHkG9XkQttvtWg3ajAt_MubQqCFpkNFx1l3XWdc9WMOG3lGKDMoWGKjRwc4Cyexx5D62uCVpXDslAopNGsBOF2zkjLF_vOMJpjp1GEjHYtnYRi7muFYzWPUBq7G0PTTIWGhz2-Oz2k8UvcvIEKG_nYZ6sbhnQbmuEx2cXZDhMO2xxaUtzNRLUWtehUDaIGMPg7qesb30b-bhUeWiI5wWMyS2rZPda0Q0vRIDYtpGUcpOpRVBpJ4LsR3rjnp-Eo5N6uuX2iiiFsfb962c0jwJin3BQdrxqtvWpaXUVLAePV5Ok7bLTD4UC2U1ySGtsDFsPyxP00OpO4_dCzscvYK20oBlHxAH1FBdAWb3kul8WPCogGzCV1WnTmsRKrzqEht5vUTdYLqspbn_8WK88WWhihGVSzgsSlC3hTHg9ldBv9Moo4RvU1pd84g_d0lXa-A3b_7KJDW0Z2vgfHZvaXL2tnOAy-sIddz3VChVW7yvO2ITVNcPokIDrbcsMbGr30_qofeX274abvs79lFfl2l_GFSzMRXgIxtU3aQ19UMLrb4g4XU-kHMLY9b9QaX4xVToKX7yPiTbkLGPUcHsXdBXR9jeu4gBYzWEB1_HhtH4&sai=AMfl-YQgEAz7mzQs_Me2z30Wwgvgq-20hqN5-1L-SEH0T55wY8x2DCV_1pmGzeg6Yi7m3V-4VVl34jr7AkUNAf7shVFCKoYFdhJRqAv5GwViukscr1E03w8wrWvvzr-jbFLWIbBXgDUnqwlcQYi32dUPnhwfwjep21FrnXUo1QE&sig=Cg0ArKJSzOaJNcwyEx-_EAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=114&cbvp=1&cstd=112&cisv=r20210915.31004&adurl=
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 20 Sep 2021 10:00:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
pagead2.googlesyndication.com/bg/ Frame F9C2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:24:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13243
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 20 Sep 2022 09:24:16 GMT
css
fonts.googleapis.com/ Frame 4587
2 KB
536 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:52:01 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:34 GMT
DcmEnabler_01_244.js
s0.2mdn.net/879366/ Frame 4587
28 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
5cda1be06cbf31fbdc5afc91a547b3ff68a4ed02bf4fc98e02625875fa7848de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 17:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10271
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Sep 2021 17:57:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4587
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options
nosniff
age
436459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:46:15 GMT
TS-Online-EN.png
s0.2mdn.net/sadbundle/3287913761834705872/ Frame 4587
628 KB
629 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3287913761834705872/TS-Online-EN.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 08:57:06 GMT
x-content-type-options
nosniff
age
522208
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 21:03:11 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 08:57:06 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/3287913761834705872/ Frame 4587
28 KB
28 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3287913761834705872/BitdefenderLogo_white-_2_.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 07:17:31 GMT
x-content-type-options
nosniff
age
96183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 21:03:11 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 07:17:31 GMT
BD2020-UFSolutions-728x90.jpg
s0.2mdn.net/sadbundle/3287913761834705872/ Frame 4587
17 KB
17 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3287913761834705872/BD2020-UFSolutions-728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
25ca8d40663e68ab949b973ba270ac76530001f7615cef358ee75369d7cad50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3287913761834705872/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 16:20:20 GMT
x-content-type-options
nosniff
age
63614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17122
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 21:03:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 16:20:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C209
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssce9aCwMgYVeEqG0MqeCKwwHYuO-ZZ4UWS5fBNlsXaqiKONL73RhlfYYaktGWRCrKD7ZDl4d9l0VP1fS_p3KnIi1kjCOyMhFcUHCFB75Jgc68vO70dx7jtUYcKtNFQ1IfRt7ijA1l7n4Xk_gZrmmEMQrIB0LMCq3lwvq9ZFU0keeePs4EfGiy-TnvVaFwE79nmUHu1xpFa2LBKrNot5VUc3sl-ptwh54y9-XY4VBhcrK7GIcS3UoVBbBdVnVrFr8Ujp1BU5KneU8MwoeigIrAhF82I9RowiqpSr91Ns1N7zaqClb_q30Q3pJBIwJbaNiSOD9wntWpk4dWfVuAXcLxLTiGRK4lJVYJdspfg-l2cv5E9BrfWa_NdlBQ4dVxXo7t6IFthaWgLHiM1fVPtU0KrZk8lD61Qj-9WMzUp020_InuQzlhsubcFYU0Fefi0TSynycFcTXIgLkLgsstTqHThaQYWc_l-hdnV_d9ztpr7ujOFVHII_9R7CN1_FkM5WJ8COTkrlLjRsCxX2FyPHkG9XkQttvtWg3ajAt_MubQqCFpkNFx1l3XWdc9WMOG3lGKDMoWGKjRwc4Cyexx5D62uCVpXDslAopNGsBOF2zkjLF_vOMJpjp1GEjHYtnYRi7muFYzWPUBq7G0PTTIWGhz2-Oz2k8UvcvIEKG_nYZ6sbhnQbmuEx2cXZDhMO2xxaUtzNRLUWtehUDaIGMPg7qesb30b-bhUeWiI5wWMyS2rZPda0Q0vRIDYtpGUcpOpRVBpJ4LsR3rjnp-Eo5N6uuX2iiiFsfb962c0jwJin3BQdrxqtvWpaXUVLAePV5Ok7bLTD4UC2U1ySGtsDFsPyxP00OpO4_dCzscvYK20oBlHxAH1FBdAWb3kul8WPCogGzCV1WnTmsRKrzqEht5vUTdYLqspbn_8WK88WWhihGVSzgsSlC3hTHg9ldBv9Moo4RvU1pd84g_d0lXa-A3b_7KJDW0Z2vgfHZvaXL2tnOAy-sIddz3VChVW7yvO2ITVNcPokIDrbcsMbGr30_qofeX274abvs79lFfl2l_GFSzMRXgIxtU3aQ19UMLrb4g4XU-kHMLY9b9QaX4xVToKX7yPiTbkLGPUcHsXdBXR9jeu4gBYzWEB1_HhtH4&sai=AMfl-YQgEAz7mzQs_Me2z30Wwgvgq-20hqN5-1L-SEH0T55wY8x2DCV_1pmGzeg6Yi7m3V-4VVl34jr7AkUNAf7shVFCKoYFdhJRqAv5GwViukscr1E03w8wrWvvzr-jbFLWIbBXgDUnqwlcQYi32dUPnhwfwjep21FrnXUo1QE&sig=Cg0ArKJSzOaJNcwyEx-_EAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=279&vt=11&dtpt=165&dett=3&cstd=112&cisv=r20210915.31004&adurl=
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 10:00:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame F9C2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM62CwltIYdr7IMWIrAT0v53oAwAAAAA4AeAEAg&bg=!7e6l7qrNAAaUnz4elJ87ACkAdvg8Wn1i9RE-a-slskvzZ16Swa508Qt63w127iYjpMHAw6St3Wb3BQIAAABwUgAAAApoAQeZAugwiTtEJi8MnlltC286Mc_Cq3MTbQoPNhW9zUdPw1ggtv-rCMqkX4Zh21pVIIINTCTHGVYFx1wnHct1MdCHk_95XpiJZCc0z_PE0-ZfFVG5E9Q09fkJ-WowvySUsjg2H11y0seL0GZcgaZkIM46i_WKSJxJH5HW97Y3xcuFR5nZ8flgE2ZLBW43wVMnSymfWkud5NN-1H72gcMUibGGovkZHd0CAJwCZqN_XBCcQFB-0-PoiB9Aa9UCmryRiYTVEcuTPb5f5zax_eUSaOqQeRBGBejOAdMonv0U99_ZLwFK43iGk5TeV2N2hD_Q-RUXq5ssIDfWY3qlvIXz-trgE-pI1MS-p1FL97yIvlzR5iMdRw_e1EZLdYCfgCBuSVyH5fOAaXZW4dFv-fFt4bKlbjwjz08KkOJGUBn9SD9JYPwb8nvHgbjgZ9a0dftv7-sc5QG6X4sCgCX77gXo5KbTnAFJPtSY7Pdg79cilL93x_JvTPjGVCBxG-fN_RRR8eQu0qR5nAnGgaA3-TYBRrShxwr8np1bvFQ6NJHRMx2OMib55eeS6dBHrixwGFAePco6-a-kyeZ3ycvkDzl-130Le6qjqLxWZNKPOMdlv4Hv_GCMgXlbaL_U81Qxob7l6xMkzUP2iPlNvQO5XdyoP4Zf5fIYdpugUeiM-IAafWmpLV1nZe71BNocckp4jllb4TmyjB2aDc79Kl-NlT5Ctq6L3czkDQM1zj-0uIYQBcz5vZcF22Q0gYJu3X1CMWBoZK5BWiKnwAtkZF7nG3_sBkqfOmMTdd0T9m7iakHPGHIkvS486B4tNdJB0Xn5okLO3SzJHF9XPdfCTjb7BDw5AekSiEdG8xANWULGtrAG-R2eW3b95QNgLBZuCGqyuy_NzhtGYAh3ZlbPIpSBbLyxCysNXHnOEvYFTGrim7L7YcS3b-Kqr1ACmXjn0xtiorXNO5ul-S-zqjBL8yBdIc7rKOHJl5YpxqjrbSZgYmg
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C209
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH9kcNOl0anXa29Y5AstucFEOBOxFQ4NGn9E_oay5BxFWfmlNnf_EXoKXpWnZF7SsmTnYUIYHQZmsXUjACPxV_KQruQWpRHGGRYg-V82YbXLEPXSg&sai=AMfl-YRmfAG9X8sewVegmyLkf1fPdeJRElmGeAq5O0798B7eUUKGzxMwuNjRKFcZxio0fOrpSeqCQSMbA6CLl0O-tLrOtYZBf4_yEnmaLOkmRDO0zmFiopl9F9FF07Vcd3M&sig=Cg0ArKJSzExX9V-uWQWREAE&cid=CAASFeRoI-fQZS-7rWFR4FlYLolKAhHo1g&id=lidar2&mcvt=1001&p=1110,436,1200,1164&asp=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210917&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2911887401&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632132034481&rpt=167&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://be9deabb610ecde2e33cbcbf885d45bc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.gif
v3.denakop.com/
0
346 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10177&d=desktop&b=Chrome&o=Windows&v=4.0.7&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fsorteador.com.br%2Fsorteio-no-facebook&t=1632132036484&cb=0.10231578443510991&aa=under
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.4.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 10:00:36 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
691a352c0e5c6961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorteador.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame F276
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkJy9V-ua_8Xv-sx_hNN64vEWR8WBArrv9Z-Wm_yUNpGYP11gY9wC-b_srhUS8; test_cookie=CheckForPermission

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 20 Sep 2021 01:20:06 GMT
expires
Mon, 04 Oct 2021 01:20:06 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
31230
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame F276
4 KB
633 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:57:52 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:36 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F276
205 B
764 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 16:27:22 GMT
x-content-type-options
nosniff
age
63194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 16:27:22 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F276
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 19:55:10 GMT
x-content-type-options
nosniff
age
50726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 19:55:10 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/ Frame F276
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 08:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7656
x-xss-protection
0
server
cafe
etag
8352096984186353373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 08:44:48 GMT
css
fonts.googleapis.com/ Frame 56F2
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:56:36 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:36 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 56F2
1 KB
857 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
638
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:49:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 56F2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
7316329070599479730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:59:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 56F2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:58:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56F2
128 KB
39 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1631879102694099"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 10:00:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 56F2
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 09:57:16 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 56F2
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 09:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 04:03:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sat, 18 Dec 2021 09:35:53 GMT
YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
pagead2.googlesyndication.com/bg/ Frame 1246
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Requested by
Host: sorteador.com.br
URL: https://sorteador.com.br/sorteio-no-facebook
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:24:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13243
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 20 Sep 2022 09:24:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2b5bcfe9cb1953d5ee3bc9a0152722b22f439c0b129e452ea3d706f77bf7ab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8438
x-xss-protection
0
twk-main.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
121 B
469 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a352e6fcfdfb7-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a352e6fd9dfb7-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
191 KB
57 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee71aa15bd6f5e9f650cb2fd28073635fe050d7e71b61a7dae31094f5466236
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"f5397b5e368531031773bbfe6ac26ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a352e6fd4dfb7-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
136 KB
34 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509e2fdc820147df1cdc5f27fca75ad561761f95af1b68faab42160013f8f2c3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"9bc7c334899155070faef320af658bae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a352e6fd5dfb7-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631105904eaf607e58b401a5bb1b8cf111d9c22e0576a6571cb39077aaac3211
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"c9988f3f6096def2f280e804e16e18fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a352e6fd7dfb7-FRA
twk-app.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
151 B
529 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a1c1b52198bd56b8c03d978/1ff44rgdt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a352e6fd8dfb7-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 20 Sep 2021 10:00:36 GMT
register
va.tawk.to/
1 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/register
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26350735e44149cd5f347a02ccfd290b1bdcdd0bd660e4fe7eca48a61af2d942
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-swt9
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://sorteador.com.br
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
691a352f2d574e3d-FRA
access-control-allow-headers
content-type,x-tawk-token
widget-settings
va.tawk.to/v1/
3 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5a1c1b52198bd56b8c03d978&widgetId=1ff44rgdt&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6fd5cc156c1d889f269c734c6c0eae03f62c8937dfb21343c5db0043f107c43
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-rftn
server
cloudflare
etag
W/"2-5-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
691a352f190f6993-FRA
access-control-allow-headers
content-type,x-tawk-token
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1B9F
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 20 Sep 2021 09:43:19 GMT
expires
Tue, 20 Sep 2022 09:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1037
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CDFE
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
a988c259261451cc602706f86d2bac1220622c8fcdba2c9c1d0a7da3c6092027
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5mRQGa9wxiZwberZKtUvZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorteador.com.br/
accept-encoding
gzip, deflate, br

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 20 Sep 2021 10:00:36 GMT
date
Mon, 20 Sep 2021 10:00:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5mRQGa9wxiZwberZKtUvZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
pagead2.googlesyndication.com/bg/ Frame 1B9F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:24:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13243
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 20 Sep 2022 09:24:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CDFE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=4285411369248082&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=4285411369248082&bg=!VValVhLNAAaUnz4elJ87ACkAdvg8WiUJrTmXp2mjAdbcxJ9gLL4AAKWM2_xoGk3bHaE9qhxjOrij2AIAAABcUgAAAAhoAQcKAI6Db5GW289GkLKVYG5S0yOoeRkd8z5afHQyHXs8Xx0drxx5Wws8-LcxhqoVf46sGr-dC1RS3MqXbZqzUdTMcytg7NqbQJ4Uwar1v3JPoI5EH2iekzB1yn6mOGqseK-63trm3aKJPMUFGCBqyYgk_aIE0H-WAsYUVjX581VRlNIK8FqejogfgpCwPmTZK0cumQK1GsJzLzteksdgBoA1jQnHsDNuwkg83ay5xY8KOdMtRzC3AAnvGd1eR27R0DkkdCzpWPh5Yxs5N2B4HnAT3FINnjjlz-YKeb-bOaWnwo4gAPQt6PdYa0L1hsxAsvKMV6CEVzv0BptBHsL8Q98z4qN8THcQ5bZBjYcQmNI7FPJdK0ziiz4ukVhNyXq3zMoDWWNV9CVzsYcIDsY-XmzjlTX1n4JjP7UGRIjvDVcWzwYe4uVVRTcV0ieuT5jG6h3wGVvWCIqwW45hJmPBxDTrOYOZv86sufUuRnz2mivkN9ODEt-trBrhWabu6e1b3q92bnlODS8xD3HiwPHLlrLiJlKXSi3_-8KNT_XaX_WNj9aIeAcWX-QGhnT5EV8DmYWn-Vzdv-iTzaFBrK-Q7fu370tvblRMvu4gjaF8iG4PY3_zMVsuiyaGUgQqHPzqFPsW5cmNPMpYKhBT8Lf1ZjVbi6o3SZxqiLoff_4mohjjjFlcf0ZL3HyMbchk9GgRa_qnkp_69phaETSWWp1xy5LHzNhhhSAx4IacmAtIVZo36kjVH5tQAPu8vl3G_qa0MZbN76ie0zs-r80uueVdyZ_AeZihEQaQuBW0f-rEHdMF_-jZttRPDCZaYFRfH1EgJ7rslzJEgQMuxjBKkx9Zd4cORgZEVaFzxS455hBxsvibGhlVnpb21agGQcXr-PEUtGJCMC50K8PVysCWte96PMY-9Vc2aIMBMKedS3qZGIURmYLH7Lb-tv0UBF-lVT4z3h_rYfL1SRCa0HmaIp7SViCcDdmrSJsUFXff_849BrDbi6yZfXkrDP3Qhpc45WAeFoxHXC-DbQwZ7nJ8w9Vis6P248ISuiDXx3LUhSl5WXNjir4rMRlo1b27gCGREmrXRtymSKqntDIdYeuoUqTIAi24ZyXv4Zt25Ft2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pt_br.js
embed.tawk.to/_s/v4/app/61483167bf6/languages/
16 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/languages/pt_br.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abc1b2fe98380c19d7557d1550b433dc4ce844512306d3f754c7b9e56c2b789
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10703
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"dda677a1f0dfc313385243cb2008e89d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a353249d42b41-FRA
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e8d2b41-FRA
twk-chunk-2d224aff.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
15 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d224aff.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51aebceae05d7c7bc2c7b6e081db6f193051f6da42db106e6190a327bfec3887
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"6da1d3fedb4f02e72841b12ea46a3b69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e902b41-FRA
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
10 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f2dd287b85e6611792422486676043848792c63fd5d37551f4b1de8575bcdb3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"39ad72483ef8e38d00f38e474d3165a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e912b41-FRA
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d30ff127c1558967e1b8b2ff4c67587c79fef936b5b0ca61a6f8ea02c7d4415
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"dff7e7b637ab438f5f1b10264d56ebca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e922b41-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
942 B
817 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e932b41-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
546 B
706 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e972b41-FRA
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf64b7caeb2a605264e93f82d9316b04b5cea1983aaf982020ae3ea6bd836ee8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"bd8b7745dd473d1c97cf29616df94bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e992b41-FRA
twk-chunk-35f53b3a.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
64 KB
14 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-35f53b3a.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78df5371e5481796ff1ab16bd1f6e74fd2feffc1224680500aee2155589ac3cf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"4f52ca0830a3e9c2a1955d242f03a199"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35352e9b2b41-FRA
/
vsb117.tawk.to/s/
101 B
201 B
XHR
General
Full URL
https://vsb117.tawk.to/s/?k=61485bc535c71e27424cd540&cver=0&pop=false&asver=437&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YTFjMWI1MjE5OGJkNTZiOGMwM2Q5NzgiLCJ2aWQiOiI1YmI4OTJjN2VhZTVjZWUzZGQ0NjU0OGU5MzdhMzgyYWJlZmFmNTkzZDAwNTRmOGU2Y2Y2NmU2ODdmMjMzZjNmIiwiaWF0IjoxNjMyMTMyMDM3LCJleHAiOjE2MzIxMzM4MzcsImp0aSI6ImVWZXhKLWE4ZkltZ0x1VnZ1MGVOTyJ9.TUp66QNgFaG3OJTPre3WDaR1zWNFCpvSNe47kZRi4N9FepT9ODHcjsGAKrqPho3TaA0n9EDGT372CRCtVaka8w&EIO=3&transport=polling&__t=Nm2fdqq
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70f67c452fd7e13b982832e5bb1d98f77dfbb187b7c9628f69a3bd6fc14113e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://sorteador.com.br
access-control-allow-credentials
true
cf-ray
691a353549d24e3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
101
min-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame AB47
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10719
cf-polished
origSize=25050
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35356f0a2b41-FRA
cf-bgj
minify
bubble-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame 9FB9
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35358f2e2b41-FRA
cf-bgj
minify
message-preview.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame C606
37 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
cf-polished
origSize=37650
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35358f352b41-FRA
cf-bgj
minify
max-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame 0AEA
72 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21c61919ec004e9d18cfb704145ae487ec9add63437f5b09d84aa04944db103
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10720
cf-polished
origSize=73817
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"892ddb1a25ecef753428866428aea000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a35359f502b41-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame AB47
7 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:58:08 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:38 GMT
css
fonts.googleapis.com/ Frame C606
7 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:43:47 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:38 GMT
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 9FB9
22 KB
6 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
632328
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
691a3535bf682b41-FRA
css
fonts.googleapis.com/ Frame 0AEA
7 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:08:35 GMT
server
ESF
date
Mon, 20 Sep 2021 10:00:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 10:00:38 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame AB47
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sorteador.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:11:30 GMT
x-content-type-options
nosniff
age
586148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:11:30 GMT
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2514615
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19134-FRA, cache-hhn4076-HHN
date
Mon, 20 Sep 2021 10:00:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
/
vsb117.tawk.to/s/
77 B
385 B
XHR
General
Full URL
https://vsb117.tawk.to/s/?k=61485bc535c71e27424cd540&cver=0&pop=false&asver=437&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YTFjMWI1MjE5OGJkNTZiOGMwM2Q5NzgiLCJ2aWQiOiI1YmI4OTJjN2VhZTVjZWUzZGQ0NjU0OGU5MzdhMzgyYWJlZmFmNTkzZDAwNTRmOGU2Y2Y2NmU2ODdmMjMzZjNmIiwiaWF0IjoxNjMyMTMyMDM3LCJleHAiOjE2MzIxMzM4MzcsImp0aSI6ImVWZXhKLWE4ZkltZ0x1VnZ1MGVOTyJ9.TUp66QNgFaG3OJTPre3WDaR1zWNFCpvSNe47kZRi4N9FepT9ODHcjsGAKrqPho3TaA0n9EDGT372CRCtVaka8w&EIO=3&transport=polling&__t=Nm2fdtG.0&sid=9iwHLgjGiJzWDtEdZoza
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a85e768f06a2f0607147705b8d67706b4074884321aeace614b3b9f7ed751a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://sorteador.com.br
access-control-allow-credentials
true
cf-ray
691a353628152b41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77
v3
va.tawk.to/log-performance/
5 B
384 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorteador.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-4l9r
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sorteador.com.br
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
691a3536fd00dfb7-FRA
access-control-allow-headers
content-type,x-tawk-token
/
vsb117.tawk.to/s/
4 B
310 B
XHR
General
Full URL
https://vsb117.tawk.to/s/?k=61485bc535c71e27424cd540&cver=0&pop=false&asver=437&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YTFjMWI1MjE5OGJkNTZiOGMwM2Q5NzgiLCJ2aWQiOiI1YmI4OTJjN2VhZTVjZWUzZGQ0NjU0OGU5MzdhMzgyYWJlZmFmNTkzZDAwNTRmOGU2Y2Y2NmU2ODdmMjMzZjNmIiwiaWF0IjoxNjMyMTMyMDM3LCJleHAiOjE2MzIxMzM4MzcsImp0aSI6ImVWZXhKLWE4ZkltZ0x1VnZ1MGVOTyJ9.TUp66QNgFaG3OJTPre3WDaR1zWNFCpvSNe47kZRi4N9FepT9ODHcjsGAKrqPho3TaA0n9EDGT372CRCtVaka8w&EIO=3&transport=polling&__t=Nm2fdvR&sid=9iwHLgjGiJzWDtEdZoza
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorteador.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:00:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://sorteador.com.br
access-control-allow-credentials
true
cf-ray
691a3536f9952b41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect boolean| originAgentCluster object| CloudflareApps object| Pace object| dataLayer object| webpackJsonpsorteador-frontend function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing function| dkpbjsChunk object| dkpbjs object| _pbjsGlobals object| denakop object| Tawk_API object| Tawk_LoadStart object| CleverCore undefined| sentryScript number| CleverCoreRegistryLoaded number| google_srt object| google_logging_queue object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| siteKitSDKJSP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| sk object| google_llp 
number| google_lpabyc object| GoogleGcLKhOms object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| regeneratorRuntime object| Tawk_Window object| emojione

27 Cookies

Domain/Path Name / Value
.sorteador.com.br/ Name: _ga
Value: GA1.3.1263839898.1632132033
.sorteador.com.br/ Name: _gid
Value: GA1.3.372412081.1632132033
.sorteador.com.br/ Name: _gat_UA-2896196-2
Value: 1
.sorteador.com.br/ Name: _hjid
Value: 2c0526bb-cee8-4f47-83ea-460dc47ff403
.sorteador.com.br/ Name: _hjFirstSeen
Value: 1
sorteador.com.br/ Name: _hjIncludedInPageviewSample
Value: 1
.sorteador.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1
.adnxs.com/ Name: icu
Value: ChgI8_hXEAoYASABKAEwwbehigY4AUABSAEQwbehigYYAA..
.adnxs.com/ Name: uuid2
Value: 4831282058839877411
sorteador.com.br/ Name: clever-last-tracker-42908
Value: 1
sorteador.com.br/ Name: clever-counter-42908
Value: 0-1
.denakop.com/ Name: uxid
Value: ZPHzwpkgTjeA7zWmAx5cLw%2F0
.clevernt.com/ Name: hstpv4user
Value: eyJJRCI6IjM5NDExMTM5d2FuNjE0ODViYzIwYWQwMyIsIkNUUiI6IlVTIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzExNiIsIkxhc3RVcGRhdGUiOjE2MzIxMzIwMzR9
mmwebhandler.aff-online.com/ Name: uffiliate_click_42492_1099597_
Value: uffiliate_click_42492_1099597_
.sorteador.com.br/ Name: __gads
Value: ID=121fd4b8c944eb25-2259fe1c3ec900bb:T=1632132033:S=ALNI_Ma58nVC1R83GYY75O2nR-pPWtr3_w
.doubleclick.net/ Name: IDE
Value: AHWqTUkJy9V-ua_8Xv-sx_hNN64vEWR8WBArrv9Z-Wm_yUNpGYP11gY9wC-b_srhUS8
.casalemedia.com/ Name: CMID
Value: YUhbws8tbeIzhulp2d1noQAA
.casalemedia.com/ Name: CMPS
Value: 5217
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMPRO
Value: 1144
.casalemedia.com/ Name: CMST
Value: YUhbwmFIW8IA
.casalemedia.com/ Name: CMRUM3
Value: 2d61485bc22760CAESEBpdRO2Jorvr4xTsv_aser4
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hbzwr5C$!@wnfH8K6pQK`!5=E<*L5?%K33juml=kOz>g=KUo_0=b*5uFNlC2]-)OoEP0%nugO%v4VB%nm2I)gubO
va.tawk.to/ Name: ss
Value: 5wf5u69vqy
va.tawk.to/ Name: tawkUUID
Value: IfvMKCeKzoBabmsvuAsLMNj3NrT0RCc%2FkT1jqdWoKNzPeX%2BlA1%2FYzb9QhQQw0UdT%7C%7C2
sorteador.com.br/ Name: TawkConnectionTime
Value: 0
.sorteador.com.br/ Name: __tawkuuid
Value: e::sorteador.com.br::e2Gyr5b8yaVf8emLxZ9QHhNOJnFdssNlKBSvstHpxwH2O4vJWJ8mv8XetKGC+1Db::2

1 Console Messages

Source Level URL
Text
network error URL: https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
