URL: https://cointreaugameday.com/
Submission Tags: analytics-framework
Submission: On April 25 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 162.159.128.47, located in and belongs to CLOUDFLARENET, US. The main domain is cointreaugameday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 29th 2022. Valid for: a year.
This is the only time cointreaugameday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 162.159.128.47 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 74.206.104.174 12025 (IMDC-AS12025)
2 2a00:1450:400... 15169 (GOOGLE)
20 6
Apex Domain | Subdomains | Transfer
8 cointreaugameday.com | cointreaugameday.com | 60 KB
5 plcontent.com | secure-shared2.plcontent.com | 274 KB
3 prizelogic.com | bundles.prizelogic.com | 7 KB
2 gstatic.com | fonts.gstatic.com | 26 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 189 | 89 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 119 | 1 KB
20 6
Domain | Requested by
8 cointreaugameday.com (1 redirects) | cointreaugameday.com, secure-shared2.plcontent.com
5 secure-shared2.plcontent.com | cointreaugameday.com
3 bundles.prizelogic.com | cointreaugameday.com, bundles.prizelogic.com
2 fonts.gstatic.com | fonts.googleapis.com
2 connect.facebook.net | cointreaugameday.com, connect.facebook.net
1 fonts.googleapis.com | cointreaugameday.com
20 6
Subject | Issuer | Validity | Valid
cointreaugameday.com | Cloudflare Inc ECC CA-3 | 2022-12-29 - 2023-12-29 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
plcontent.com | Cloudflare Inc ECC CA-3 | 2022-04-28 - 2023-04-27 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-01 - 2023-05-02 | 3 months
*.prizelogic.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-07-28 | a year
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months

This page contains 2 frames:

Primary Page: https://cointreaugameday.com/
Frame ID: D350F7EE3606D6A1A7707058B014B4AE
Requests: 17 HTTP requests in this frame

Frame: https://cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
Frame ID: FD9E709CE52EEFADE313775F0FDE9E26
Requests: 3 HTTP requests in this frame

Page Title

In The Mix Sweepstakes - Promotion ended

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20 Requests
95 % HTTPS
67 % IPv6
6 Domains
6 Subdomains
6 IPs
3 Countries
457 kB Transfer
1000 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://cointreaugameday.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cointreaugameday.com/
22 KB
7 KB
Document
General
Full URL
https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006a8f79b3d1db8320f3eb301e6b21204083ce0e1b4a764e4307f8853c68f5fc
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
3628800
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bd27f15bf9f3669-FRA
content-encoding
gzip
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
content-type
text/html; charset=utf-8
date
Tue, 25 Apr 2023 00:33:46 GMT
expires
-1
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
fonts.css
cointreaugameday.com/Content/css/
2 KB
828 B
Stylesheet
General
Full URL
https://cointreaugameday.com/Content/css/fonts.css
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9648adb8d40adde596c915112754138e602bc50d06f12dca9c045e59822c5520
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:46 GMT
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
MISS
content-encoding
gzip
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
W/"0c6188ad810d91:0"
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
vary
Accept-Encoding
cf-ray
7bd27f198ac83669-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
expires
Tue, 25 Apr 2023 04:33:46 GMT
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf6da094f0a65c1e917aee9a8f68e85ec7c933b2ece67cb6a5c44a00d8fe54ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 00:33:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 00:33:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 00:33:46 GMT
pl-layout.css
secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Content/css/
99 KB
17 KB
Stylesheet
General
Full URL
https://secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Content/css/pl-layout.css
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e91cbcd78e3af6a510c1c6bb0dad46833e472a954a7c2c97e4ad02147a8578f
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:46 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
HIT
content-encoding
gzip
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
W/"0c6188ad810d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7bd27f1a49d7380e-FRA
expires
Tue, 25 Apr 2023 04:33:46 GMT
prizelogic-jquery.min.js
secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/PL/
123 KB
42 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/PL/prizelogic-jquery.min.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc137594b43b63f233dcd281d5ccb348293449d2d48b6a38fa6f8126022ea74
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:46 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
HIT
content-encoding
gzip
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
W/"0c6188ad810d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7bd27f1a49d8380e-FRA
expires
Tue, 25 Apr 2023 04:33:46 GMT
foundation-all-min.js
secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/Vendor/Zurb/
124 KB
19 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/Vendor/Zurb/foundation-all-min.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d09a1088fa9ac79578932d163fe1b20817b6b7273214145bb12016469cf1179
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:46 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
HIT
content-encoding
gzip
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
W/"0c6188ad810d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7bd27f1a49d9380e-FRA
expires
Tue, 25 Apr 2023 04:33:46 GMT
prizelogic.core-min.js
secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/PL/
15 KB
5 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/PL/prizelogic.core-min.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ce99e566877df73fac915b81199d76405ca7ecc60225f529041a9ce1bb2f5b
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:46 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
HIT
content-encoding
gzip
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
W/"0c6188ad810d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7bd27f1a49da380e-FRA
expires
Tue, 25 Apr 2023 04:33:46 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb686be9f95deb8200d6ae46f42e17a9d5a4ecb4096ea83fa95ecd0639bd6de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Apr 2023 00:33:47 GMT
content-md5
Qjz+pirfrK36JjSopgO1EA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
ome46tqUDqrrlSPF9uSaLI0Px28WTndfx1GqPWDc5wjekRBV3RPDWGx7L1R03kRRU9rtIkOwNSYf5/ompRn0Cw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
7e1c5fa4c5aecc80aec2235b6e10d87a
cross-origin-opener-policy
same-origin-allow-popups
etag
"4395aed0a47e7d81d83274a9c9e23b66"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 25 Apr 2023 00:52:19 GMT
third-party-optin.min.js
bundles.prizelogic.com/gdpr/
11 KB
4 KB
Script
General
Full URL
https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
5ab2ea97130e247524fa6eef1b730557d910350a827c651a28905c6692ee7c50
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors none
last-modified
Tue, 27 Oct 2020 22:14:15 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000;includeSubDomains
etag
"80957181aeacd61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
3790
x-xss-protection
1;mode=block
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cointreaugameday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:19:10 GMT
x-content-type-options
nosniff
age
238477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:19:10 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cointreaugameday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
340104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
NimbusBoldCondensed.woff2
cointreaugameday.com/Content/fonts/
35 KB
35 KB
Font
General
Full URL
https://cointreaugameday.com/Content/fonts/NimbusBoldCondensed.woff2
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/Content/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bbc90403bf0031a30463f769421803f132577e0d85e5bd6356645086d1416c
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cointreaugameday.com/Content/css/fonts.css
Origin
https://cointreaugameday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:47 GMT
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
MISS
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
content-length
35900
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
"0c6188ad810d91:0"
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7bd27f1cbd2e3669-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
expires
Tue, 25 Apr 2023 04:33:47 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=64346ea84d82441f5de8a4f15b2b9584
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b43becbed57560b3afac9cb7078875bad87928ec46eb44083e9480d7262a8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cointreaugameday.com/
Origin
https://cointreaugameday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Apr 2023 00:33:47 GMT
content-md5
MY0FEAejvh28q6rF03isqw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88614
x-fb-rlafr
0
x-fb-debug
VlZUt8UYyO6Y0E3HVhK0UraUGu96pd8Uh0/caoodKDuFDFnsmN3ReugafQfMs+EK1Nz+W+qyyyfLrS/DabLMMg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e3e9c5563b11de92c9f017a7c945640c
cross-origin-opener-policy
same-origin-allow-popups
etag
"bebc5cdc8045e40a4d1d6bc4acf70216"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 23 Apr 2024 22:57:12 GMT
cointreaugameday.com.json
bundles.prizelogic.com/gdpr/
906 B
1 KB
XHR
General
Full URL
https://bundles.prizelogic.com/gdpr/cointreaugameday.com.json
Requested by
Host: bundles.prizelogic.com
URL: https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
6f498a6b68d1ea237ca3d66628eb71ecfd66b7927fe21fba3ae0c2a5f2dcc6aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:51 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
last-modified
Wed, 30 Nov 2022 17:01:22 GMT
referrer-policy
strict-origin
etag
"3c19e75fdd4d91:0"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
906
x-xss-protection
1;mode=block
CookieGate
cointreaugameday.com/de-DE/
4 B
168 B
XHR
General
Full URL
https://cointreaugameday.com/de-DE/CookieGate
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Scripts/PL/prizelogic-jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://cointreaugameday.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
strict-transport-security
max-age=31536000;includeSubDomains
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
access-control-max-age
3628800
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-methods
GET, POST, OPTIONS
cache-control
private
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-ray
7bd27f2a5f633669-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
internal-header.png
secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Content/images/
190 KB
190 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl018117-cointreaumixsweeps/Content/images/internal-header.png
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ded203c700f19823daa54e89bcf9b29e4d06483379fb469a4d3f6be9e5443a
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
cf-cache-status
MISS
content-length
194303
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Dec 2022 22:57:00 GMT
server
cloudflare
etag
"0c6188ad810d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7bd27f2a5de2380e-FRA
expires
Tue, 25 Apr 2023 04:33:49 GMT
invisible.js
cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/ Frame FD9E
Redirect Chain
  • https://cointreaugameday.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
27 KB
13 KB
Script
General
Full URL
https://cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2dc7847b5d0199253f873ed8a967f155a7066baf14c43b8c20598f2c89ed06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7bd27f2a7f743669-FRA

Redirect headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
cache-control
max-age=300, public
cf-ray
7bd27f2a6f693669-FRA
pica.js
cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame FD9E
6 KB
3 KB
Other
General
Full URL
https://cointreaugameday.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c6f42fcd97deb7430599ac0aa59e7b634d08fcae4e8ae6fab0c5aa3b6eef22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7bd27f2a9f8c3669-FRA
7bd27f15bf9f3669
cointreaugameday.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame FD9E
2 B
373 B
XHR
General
Full URL
https://cointreaugameday.com/cdn-cgi/challenge-platform/h/b/cv/result/7bd27f15bf9f3669
Requested by
Host: cointreaugameday.com
URL: https://cointreaugameday.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 00:33:49 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7bd27f2c28f23669-FRA
content-type
text/plain; charset=UTF-8
default-styles.css
bundles.prizelogic.com/gdpr/
1 KB
2 KB
Stylesheet
General
Full URL
https://bundles.prizelogic.com/gdpr/default-styles.css
Requested by
Host: bundles.prizelogic.com
URL: https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
2623d3bcfc9b9dbf28037fca80a1848268f3ffb6df6b06ce98b0e57535c3bd6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cointreaugameday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:33:52 GMT
content-security-policy
frame-ancestors none
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains
last-modified
Wed, 18 Dec 2019 20:35:46 GMT
referrer-policy
strict-origin
etag
"c5a1ccb9e2b5d51:0"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1377
x-xss-protection
1;mode=block

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
object| $pl
object| __FOUNDATION_EXTERNAL__
object| Foundation
object| jQuery1111005850391240977615
function| createCookie
function| readCookie
function| eraseCookie
function| getElemValue
function| getModelIDPrefix
function| isCompositeActive
object| formSubmit
function| openModal
function| wrapAsterisks
function| wrapParenthesis
function| pop
function| GetQueryParamValues
function| Tab
function| onOptinDialogMount
function| Class
boolean| fbApiInit
function| fbEnsureInit
function| fbAsyncInit
function| getQueryVariable
undefined| showModal
string| servercookieName
string| clientcookieName
function| cookies_enabled
function| cookies_checked
string| browserBypassedCookieName
function| browsercheck_bypassed
function| getBrowserInfo
object| FB
object| __buffer
function| parseContentLinks
function| initOptinDialog
function| createGTMInitializer
function| createAdobeAnalyticsInitializer
function| initGTMOptinDialog
function| initAdobeAnalyticsOptinDialog
object| options
function| init

4 Cookies

Domain/Path Name / Value
cointreaugameday.com/ Name: ::Language::
Value: de-DE
.plcontent.com/ Name: __cf_bm
Value: .9Q4U8cVusuhMicynGd1otQ7_ykM90SzIhim3qHQxpw-1682382826-0-AfgsjZ406k2ZE1n1FXoH2pvCkA46+c1mkd8Hfb2WyRRhT1LHFrtTP//QpbxmRJaoEnZzJJ2GW4aFMq8ixVnoCD0=
cointreaugameday.com/ Name: ::ClientCookie::
Value: test
.cointreaugameday.com/ Name: __cf_bm
Value: dN9dMtBZMmqtX5Az9vgJfZN8iwLGYBU0gpRuVPSuC8g-1682382829-0-AYhm6WUBFM4i1ZwVXKgApBzllTgXhgJupky3QTciA2TyURilU34smWjgR8TRJEyGeAi2w7R+++unL4SAOjDgvBuce5RGIDrqYfsTFwm/ZRHfB+B9Afge09RgBv/UA2oljdUsp03t+rQRHMrz4jQA6MQ8JpHa7m018hf/FOEERq3Q

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
