Submitted URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Effective URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indi...
Submission: On March 11 via api from BR

Summary

This website contacted 50 IPs in 9 countries across 36 domains to perform 367 HTTP transactions. The main IP is 200.230.161.212, located in Guarulhos, Brazil and belongs to CLARO S.A., BR. The main domain is www.portoseguro.com.br.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 16th 2020. Valid for: a year.
This is the only time www.portoseguro.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 217.182.76.191 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
1 148.69.64.109 12353 (VODAFONE-...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 148.69.64.76 12353 (VODAFONE-...)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 91.92.196.187 49882 (SKRILL)
1 2 77.87.181.72 43338 (RATIONAL-AS)
32 23.37.44.205 16625 (AKAMAI-AS)
2 23.79.136.111 16625 (AKAMAI-AS)
1 77.87.179.68 43338 (RATIONAL-AS)
7 2.17.187.116 16625 (AKAMAI-AS)
4 184.30.20.207 16625 (AKAMAI-AS)
8 104.109.74.148 20940 (AKAMAI-ASN1)
5 77.87.179.149 43338 (RATIONAL-AS)
4 77.87.180.198 43338 (RATIONAL-AS)
17 52.208.178.181 16509 (AMAZON-02)
1 77.87.178.197 43338 (RATIONAL-AS)
3 2a03:2880:f02... 32934 (FACEBOOK)
12 152.199.20.219 15133 (EDGECAST)
1 3 142.250.185.198 15169 (GOOGLE)
2 6 205.185.216.10 20446 (HIGHWINDS3)
2 13 37.252.172.249 29990 (ASN-APPNEX)
2 2 151.101.114.49 54113 (FASTLY)
5 5 142.250.186.130 15169 (GOOGLE)
1 1 185.29.135.190 30419 (MEDIAMATH...)
1 1 34.251.104.84 16509 (AMAZON-02)
1 2 142.250.74.198 15169 (GOOGLE)
2 2 37.252.173.38 29990 (ASN-APPNEX)
3 17 85.17.192.104 60781 (LEASEWEB-...)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.48.136.43 16509 (AMAZON-02)
2 35.227.248.159 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.66 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
33 200.230.161.212 4230 (CLARO S.A.)
1 65.9.96.124 16509 (AMAZON-02)
1 52.95.165.10 16509 (AMAZON-02)
1 200.211.179.211 4230 (CLARO S.A.)
8 2a00:1450:400... 15169 (GOOGLE)
49 2a00:1450:400... 15169 (GOOGLE)
1 65.9.96.51 16509 (AMAZON-02)
1 13.226.159.100 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
367 50
Apex Domain
Subdomains
Transfer
57 youtube.com
www.youtube.com
5 MB
40 rationalcdn.com
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
s4.rationalcdn.com
6 MB
34 portoseguro.com.br
www.portoseguro.com.br
cliente.portoseguro.com.br
370 KB
29 tradelab.fr
cdn.tradelab.fr
its.tradelab.fr
50 KB
28 doubleclick.net
8954552.fls.doubleclick.net
cm.g.doubleclick.net
8526803.fls.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
9 KB
27 bityli.com
bityli.com
204 KB
25 gstatic.com
fonts.gstatic.com
www.gstatic.com
370 KB
17 thebrighttag.com
s.thebrighttag.com
16 KB
15 adnxs.com
secure.adnxs.com
ib.adnxs.com
15 KB
15 clevernetwork.pt
lp.clevernetwork.pt
178 KB
12 google.com
adservice.google.com
www.google.com
99 KB
11 cloudflare.com
cdnjs.cloudflare.com
ajax.cloudflare.com
41 KB
8 flashtalking.com
servedby.flashtalking.com
d9.flashtalking.com
27 KB
8 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
34 KB
7 btstatic.com
s.btstatic.com
77 KB
7 pokerstars.eu
www.pokerstars.eu
ram.pokerstars.eu
17 KB
6 google-analytics.com
www.google-analytics.com
91 KB
5 mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
4 psimg.com
www.psimg.com
9 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
61 KB
3 googleadservices.com
www.googleadservices.com
18 KB
3 google.de
adservice.google.de
www.google.de
473 B
3 facebook.net
connect.facebook.net
98 KB
3 clevernt.com
clevernt.com
ui.clevernt.com
sender.clevernt.com
52 KB
2 tapad.com
tapestry.tapad.com
852 B
2 facebook.com
www.facebook.com
408 B
2 everesttech.net
sync-tm.everesttech.net
596 B
2 maxymiser.net
service.maxymiser.net
6 KB
2 starsaffiliateclub.com
secure.starsaffiliateclub.com
1 KB
1 amazonaws.com
s3-sa-east-1.amazonaws.com
516 B
1 device9.com
tag.device9.com
643 B
1 starsaccount.com
rewards.starsaccount.com
347 B
1 starscrm.com
starscrm.com
429 B
1 miniature.io
api.miniature.io
23 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
0 livedados.com Failed
livedados.com Failed
367 36
Domain Requested by
57 www.youtube.com www.portoseguro.com.br
www.youtube.com
33 www.portoseguro.com.br bityli.com
www.portoseguro.com.br
32 cmsstorage.rationalcdn.com www.pokerstars.eu
bityli.com
cmsstorage.rationalcdn.com
27 bityli.com 1 redirects bityli.com
23 fonts.gstatic.com fonts.googleapis.com
www.portoseguro.com.br
www.youtube.com
17 its.tradelab.fr 3 redirects bityli.com
17 s.thebrighttag.com s.btstatic.com
bityli.com
15 lp.clevernetwork.pt bityli.com
lp.clevernetwork.pt
13 secure.adnxs.com 2 redirects bityli.com
12 cdn.tradelab.fr s.btstatic.com
cdn.tradelab.fr
10 www.google.com 2 redirects www.youtube.com
10 googleads.g.doubleclick.net 2 redirects www.youtube.com
10 cdnjs.cloudflare.com bityli.com
8 static.doubleclick.net www.youtube.com
7 cashier.rationalcdn.com www.pokerstars.eu
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
7 s.btstatic.com cmsstorage.rationalcdn.com
s.btstatic.com
7 fonts.googleapis.com bityli.com
lp.clevernetwork.pt
www.pokerstars.eu
cashier.rationalcdn.com
6 servedby.flashtalking.com 2 redirects bityli.com
servedby.flashtalking.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
s.btstatic.com
www.portoseguro.com.br
5 cm.g.doubleclick.net 5 redirects
5 ram.pokerstars.eu cmsstorage.rationalcdn.com
cashier.rationalcdn.com
4 www.psimg.com bityli.com
s.btstatic.com
4 pixel.mathtag.com cmsstorage.rationalcdn.com
s.btstatic.com
bityli.com
3 www.googleadservices.com 8954552.fls.doubleclick.net
www.googleadservices.com
3 8954552.fls.doubleclick.net 1 redirects s.btstatic.com
adservice.google.com
3 connect.facebook.net bityli.com
connect.facebook.net
2 www.gstatic.com www.youtube.com
2 www.google.de 8954552.fls.doubleclick.net
2 tapestry.tapad.com servedby.flashtalking.com
bityli.com
2 d9.flashtalking.com servedby.flashtalking.com
d9.flashtalking.com
2 adservice.google.com 8954552.fls.doubleclick.net
8526803.fls.doubleclick.net
2 www.facebook.com bityli.com
2 ib.adnxs.com 2 redirects
2 8526803.fls.doubleclick.net 1 redirects bityli.com
2 sync-tm.everesttech.net 2 redirects
2 service.maxymiser.net www.pokerstars.eu
service.maxymiser.net
2 www.pokerstars.eu 1 redirects bityli.com
2 secure.starsaffiliateclub.com 2 redirects
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cliente.portoseguro.com.br www.portoseguro.com.br
1 s3-sa-east-1.amazonaws.com www.portoseguro.com.br
1 static.hotjar.com www.portoseguro.com.br
1 adservice.google.de 1 redirects
1 tag.device9.com 1 redirects
1 sync.mathtag.com 1 redirects
1 rewards.starsaccount.com cmsstorage.rationalcdn.com
1 s4.rationalcdn.com cmsstorage.rationalcdn.com
1 starscrm.com cmsstorage.rationalcdn.com
1 ajax.cloudflare.com lp.clevernetwork.pt
1 sender.clevernt.com 1 redirects
1 ui.clevernt.com bityli.com
1 clevernt.com bityli.com
1 api.miniature.io bityli.com
1 www.googletagmanager.com bityli.com
1 ajax.googleapis.com bityli.com
0 livedados.com Failed bityli.com
367 57

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-02-22 -
2022-02-21
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
miniature.io
R3
2021-01-22 -
2021-04-22
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-23 -
2022-02-23
a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-11 -
2022-08-16
2 years crt.sh
www.pokerstars.eu
DigiCert TLS RSA SHA256 2020 CA1
2021-01-26 -
2022-02-26
a year crt.sh
rationalcdn.com
GeoTrust RSA CA 2018
2020-09-28 -
2021-08-13
10 months crt.sh
*.maxymiser.net
DigiCert SHA2 Secure Server CA
2020-03-04 -
2021-06-03
a year crt.sh
starscrm.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2021-12-20
a year crt.sh
s.btstatic.com
DigiCert SHA2 Secure Server CA
2020-02-10 -
2022-02-17
2 years crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2020-04-15 -
2021-07-15
a year crt.sh
www.psimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-26 -
2022-02-26
a year crt.sh
*.signal.co
Entrust Certification Authority - L1K
2021-01-26 -
2022-02-25
a year crt.sh
rewards.starsaccount.com
DigiCert SHA2 Secure Server CA
2019-05-21 -
2021-05-25
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
crealab.cdn.tradelab-apps.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-01-27 -
2021-10-09
8 months crt.sh
*.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-04 -
2022-02-22
a year crt.sh
*.tradelab.fr
Go Daddy Secure Certificate Authority - G2
2019-07-30 -
2021-09-28
2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2
2020-08-06 -
2021-09-17
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
www.googleadservices.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
portoseguro.com.br
GlobalSign GCC R3 DV TLS CA 2020
2020-10-16 -
2021-11-17
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.s3-sa-east-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-08-27 -
2021-09-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh

This page contains 19 frames:

Primary Page: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Frame ID: A2EF1FF6C010D698DE63A1F7B75FAD55
Requests: 96 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Frame ID: 349369E6620C08EFF2755E18FFB35EFB
Requests: 18 HTTP requests in this frame

Frame: https://www.pokerstars.eu/
Frame ID: 973D7223B5CE576FA83365B8DBDE01C8
Requests: 134 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Frame ID: 7E2A5691AE238021895CD37E6901BFEB
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Frame ID: 7E722B33D04D98428FB74F5C01C6DA89
Requests: 7 HTTP requests in this frame

Frame: https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
Frame ID: 9D6E69433CAB488A19883C62575FB424
Requests: 2 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
Frame ID: 5FCE151B11D81F777BA3BD846BD0F80D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Frame ID: 70756295310DFB46526CD73AB4007A54
Requests: 1 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Frame ID: CF60CC792110001402236EFC63BDB2D3
Requests: 6 HTTP requests in this frame

Frame: https://cliente.portoseguro.com.br/portal/site/portaldecliente/check-logged-in
Frame ID: 19787290F06934832666F05386A2F934
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Frame ID: 5F151FCDCEDBBE44A495E19983CC6C5F
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Frame ID: 40095025D460E55DBFAE581AEFBC195D
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Frame ID: D4E498C0B6084FE7E429563458B255BF
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Frame ID: 98EBF178B78873BECD260D4D4F27D7DF
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Frame ID: 403CD94787134C580FDCD91A1E887C8F
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Frame ID: 130F39A7B1E0C6967A04C1B761423B5F
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Frame ID: E78F71C93D13F73504FCE9F91FC62FD5
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Frame ID: 1ADB5BDF217B4763125F127076A76ECE
Requests: 11 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 97FC89E56A26A2EBCA0B4E6DFA526AB6
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU Page URL
  2. https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_88... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

367
Requests

97 %
HTTPS

40 %
IPv6

36
Domains

57
Subdomains

50
IPs

9
Countries

13772 kB
Transfer

31884 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU Page URL
  2. https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://bityli.com/pkvHy/i HTTP 302
  • https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_campaign%3Dindicacao%26utm_content%3Dsite_candidato%26codigoParceiroExterno%3D900011%26codigoRepresentanteParceiroExterno%3Droberta_machado_8800
Request Chain 49
  • https://sender.clevernt.com/transporter/45417.php?ppuc=1&ppu=0&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&ruri=&r=427379269&tok=542811100321118245&iv=-1&ctr=NL&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.17 HTTP 302
  • https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Request Chain 69
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP HTTP 302
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP&AutoR=1 HTTP 302
  • https://www.pokerstars.eu/?btag=a_174457b_2708c_SNAAEQARCBBAAWP HTTP 301
  • https://www.pokerstars.eu/
Request Chain 140
  • https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F HTTP 302
  • https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Request Chain 142
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631
Request Chain 143
  • https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YElqbwAAAK7HYVLS HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm=&btt=0&google_tc= HTTP 302
  • https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1
Request Chain 145
  • https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0 HTTP 302
  • https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0
Request Chain 146
  • https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%] HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17
Request Chain 147
  • https://tag.device9.com/img/img.png?D9v.Version=1&D9v.Tag=1&D9r.DeviceID=true&D9v.AdvID=14708&D9v.SiteId=1&D9c=ftSync&D9c.dest=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dv0HKuXG%26uid%3D%5BD9ID%5D HTTP 307
  • https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7
Request Chain 158
  • https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81 HTTP 302
  • https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
Request Chain 160
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 302
  • https://its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync
Request Chain 161
  • https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1
Request Chain 171
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F HTTP 302
  • https://its.tradelab.fr/?type=seg&uuid2=3838662649262320631&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1
Request Chain 172
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%] HTTP 302
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
Request Chain 181
  • https://its.tradelab.fr/?type=tp&advid=5189423&uuid=0&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1
Request Chain 189
  • https://adservice.google.de/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F HTTP 302
  • https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Request Chain 209
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b2pJYIuvJpmxx_APhMSswAo&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO&ipr=y
Request Chain 210
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO&ipr=y

367 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
pkvHy
bityli.com/
16 KB
5 KB
Document
General
Full URL
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8429a6ffbbbe9bf668f8309c48d76ccb7fd19856ae638274c7c492415b39f7f

Request headers

:method
GET
:authority
bityli.com
:scheme
https
:path
/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d761692af86ca6efcc9b88cb11a91c76e1615424106; expires=Sat, 10-Apr-21 00:55:06 GMT; path=/; domain=.bityli.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=3a366181407c99d18ec4a2a36eac2bd4; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08c060c6b900002c4e9028e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6egkKXmeLpNQBOYO0SRFF2ekn%2FXLfv4algcZodxnVMYX0tUqM1YAaDiJ%2FCCrAR4BCuai2PUTGiLiy2vUU%2FcrBHy2caBMMd1%2FglJiG7%2FDAAqJ0uVZsAeY"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62e0d0b78d472c4e-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
3 KB
526 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:28:21 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:07 GMT
bootstrap.min.css
bityli.com/themes/saas/assets1/css/
156 KB
21 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets1/css/bootstrap.min.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 07 Nov 2020 00:03:50 GMT
server
cloudflare
age
2399
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nYAceXOyegv70SjWT592n4aqL7zK1Z8272NhQEGzJuFK%2FofZ3OM%2BnCnG%2Be6vF5sjqnurHs0R7KMae5xrJOjm4G4LRa2X1CfxpJRyPfW0iVFBvgqMjyD3"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c09c952c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6000002c4e69143000000001
slick.css
bityli.com/themes/saas/assets1/css/
1 KB
745 B
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets1/css/slick.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399
cf-polished
origSize=1776
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6000002c4ed692c000000001
last-modified
Sun, 03 May 2020 19:56:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9vTZa0nAvuXKZGvzZkbpZ8adQddKZzGT0Pxw80VqK%2FLFwTKp6IUY9J4zSxGW3tajcKdIlcsIpo08aj9VPHfghuL0AT6faNhUeVzNNvnkdAk%2FufBnOYMh"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c09c962c4e-FRA
cf-bgj
minify
LineIcons.css
bityli.com/themes/saas/assets1/fonts/lineicons/font-css/
22 KB
4 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets1/fonts/lineicons/font-css/LineIcons.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b65098ced25c5e297bad2d15d60bb699e598fae6f80faae7a0a6903e59d21d

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399
cf-polished
origSize=28260
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6200002c4e9bb48000000001
last-modified
Sun, 23 Feb 2020 11:45:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ercR%2Fa2sM%2BqBnsxiV9IFV08g1A0ui8rMndpGR3b6J6XKqfXNYmwi%2B8ys2SreXe07LYjdLUz2KOLavCAeMFg63Rpg2JZAQTqECEa5fTAav9bPw%2FDxsoa"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c09c982c4e-FRA
cf-bgj
minify
LineIcons.css
bityli.com/themes/saas/assets1/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets1/css/LineIcons.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b65098ced25c5e297bad2d15d60bb699e598fae6f80faae7a0a6903e59d21d

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399
cf-polished
origSize=28260
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6200002c4e660fa000000001
last-modified
Sun, 03 May 2020 19:56:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qb4z4uSnn%2FiGpBf5l7jCFPZncvMNLhjcNE1oK7iKYTz337kkiHhLPasMjHwF6FExGwThjgTDkmSTn5S%2B14wiP%2FMhmGMpAA5Hf3rjCdOVonPk2aNxAuOm"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c09c992c4e-FRA
cf-bgj
minify
default.css
bityli.com/themes/saas/assets1/css/
8 KB
1 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets1/css/default.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59d882e3530622289705fd1e3d0b192a62debfcde1027fe90b3e11dd3a981d3

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399
cf-polished
origSize=11304
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6300002c4ed03d1000000001
last-modified
Sun, 03 May 2020 19:56:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cfuE8VUDRRz2fYPEGE5xIxVt8vwcCh5fpX1CrACGiCraVwXgJFmuKqStiNsDb50ROFptdiQ44zCZOvlEc63f%2BghxtR%2ByYEGi58%2FfEOMdI7In86HA3aR5"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c09c9b2c4e-FRA
cf-bgj
minify
style.css
bityli.com/themes/saas/assets1/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets1/css/style.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46289d29d992c5c7210ae2e100ad185f10858b2db61859fa2eadddca78ad829e

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399
cf-polished
origSize=69891
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6300002c4eab9c2000000001
last-modified
Sat, 30 Jan 2021 14:44:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bB%2BQTSVQHnIRC5rYGPQLm2KxjhxCNvL1EZOxVNUWWldwFg67FBj2DPOffuhXChyrrmsZ%2FZSN0b4G0qsmbVIBfccL15%2BTHM6Ut4Jd0RGHgh%2BUEUPtwO%2Bg"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c09c9c2c4e-FRA
cf-bgj
minify
style.css
bityli.com/themes/saas/
91 KB
14 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/style.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53289bc177e9dbf73eaf23404a01e76d2237941bf9e4cca32713b6a979f8e387

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2398
cf-polished
origSize=113589
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6300002c4e88972000000001
last-modified
Fri, 13 Nov 2020 21:15:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ajVzucdpiapuRnt0KkrA1q9PTFQh%2FWo013%2BORIURgovdTH9PotTeqfEraCwGNE8Kdoq6pXoPh6UYQRWgeV0vRhZkXzf8w2zwVLaRH5GnoKDniXJKYFl3"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c09c9d2c4e-FRA
cf-bgj
minify
components.min.css
bityli.com/static/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://bityli.com/static/css/components.min.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
age
2398
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C9rG2OygKNQZZ3fTLupZFkahQ8EYeSVrJyFMtzZCX6D0lPmhnTXTd7zI2z73FvxyolvGQdIbA50UV%2FuhkoGmbsxLy%2Br%2BMxlWT%2BPfK6ipQnVjcP4duFdi"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c09c9e2c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6300002c4ea6092000000001
fa-all.min.css
bityli.com/static/css/
56 KB
12 KB
Stylesheet
General
Full URL
https://bityli.com/static/css/fa-all.min.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
age
2398
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VrZ0qf91kWYYo7w9TctZqsIjPTsOd6zzN1Cr9ezHT32YeayPfm%2BsFIMvvtea8mngHV%2B9UBaeU6cluY%2B6QeoNHCcHwsUtcsFmY9pMYMyuvVke4M5QofFI"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c09c9f2c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6400002c4ebe398000000001
components.min.css
bityli.com/themes/saas/assets/css/
0
0
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets/css/components.min.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J5xHdms1x%2Fft2P2A8pT6Lzel3t%2FtUPZTWR8odtuwokWhiExasNLMJZwstaBsr3%2FtYFnqeU9O9sgRiC3oeB5xsl%2FYkELUsZB4HeLLnUSQY0vidGrbS9gF"}],"max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
62e0d0c09ca02c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6400002c4e5d10f000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
animate.min.css
bityli.com/themes/saas/assets/css/
0
0
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets/css/animate.min.css
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=urYm3TB%2FR0WFnhhgAIwqvD27Cu5eajlLqN0akVeJ694L%2BAIHeHdBoB5fwnMErIASkp%2FAnHd3K8uhG9YLX9ncMZCdfxh%2FNG3Zhr6N6XKmKF3CksJtl1UA"}],"max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
62e0d0c0aca22c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6500002c4ea73bc000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 08:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145021
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29440
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Mar 2022 08:38:06 GMT
bootstrap.min.js
bityli.com/static/
3 KB
1 KB
Script
General
Full URL
https://bityli.com/static/bootstrap.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
age
2395
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hgdXAfT9RDCeQ8GwgH0OIami6tjoBCelFXBtZbkdelV23ynZRsw6%2BlpY70nXr5LcRpg5fn5VqmmSdJV2OkOCEzmhKuReQHXgwJ3rYvyQDYl5NxUSK0PJ"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c0aca32c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6600002c4e6face000000001
application.fn.js
bityli.com/static/
3 KB
1 KB
Script
General
Full URL
https://bityli.com/static/application.fn.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2395
cf-polished
origSize=4495
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6600002c4e722f3000000001
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4%2Fg00mxfdJiyq0GcC7x5U7VBIW%2FTt4EE0sUh99qvnCqNajK29sJ1SM%2FR8Loc9c4O1IRmiJxda86BlLwUn2iZu29dGC1hgTZ9Xtie9RmtZwNAjViSTs8Y"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
62e0d0c0aca42c4e-FRA
cf-bgj
minify
jquery-1.12.4.min.js
bityli.com/themes/saas/assets1/js/vendor/
95 KB
32 KB
Script
General
Full URL
https://bityli.com/themes/saas/assets1/js/vendor/jquery-1.12.4.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Sep 2018 13:54:46 GMT
server
cloudflare
age
2395
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q5vcCzhEL3YppSWh6wKuBparY9UrnoEnNm4QdZg2QG70cCoEueapOKUop6ljvb%2FX4QFJyHbitmjynhTnZVMB0TqhhT%2BNGI%2BPOqpB9w%2BnjE46G8gzb%2Bu6"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c0aca52c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6600002c4e853d9000000001
bootstrap.min.js
bityli.com/themes/saas/assets1/js/
59 KB
15 KB
Script
General
Full URL
https://bityli.com/themes/saas/assets1/js/bootstrap.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Nov 2019 13:08:56 GMT
server
cloudflare
age
2394
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iV83vpOgJU4JTZj%2FJ2Pszr%2B%2Ff3MfPX4gXJVH7xUzywgy6Xooiwe1EuM%2Btz03ps%2F4JGd6BkVtcg5OpsOiYo6O%2BX3PzsglS7BFk2K0UJsiP5hjovQe3hV%2B"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c0aca62c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6600002c4e7d815000000001
slick.min.js
bityli.com/themes/saas/assets1/js/
42 KB
10 KB
Script
General
Full URL
https://bityli.com/themes/saas/assets1/js/slick.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 May 2020 19:56:34 GMT
server
cloudflare
age
2394
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5KN46z%2FBuNb5bEQ8O7Yz%2FCx%2FvlUFzqnl%2Fwn5svjDQisp8mIP%2Ba4BlA5aa%2BCUfkrKiBGir%2BA0%2BaBpNDuLZxNbeaANGY74Hk8fannQfq4BK%2BT5SxTW0%2Fw7"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62e0d0c0aca72c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6600002c4ec3078000000001
components.js
bityli.com/themes/saas/assets/js/
0
0
Script
General
Full URL
https://bityli.com/themes/saas/assets/js/components.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ANRoL4UhA47HzkRNkOid0SUFI5nQ0hvM4tZc8E9zbKY5TllFMZCAKCzg6PnAg0H2vjtIdJBGdnQX6th7mGAK%2FCEAufyqw%2FAU3l5XI9t07Uf36g3LLmxE"}],"max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
62e0d0c0aca82c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6700002c4e951da000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/
8 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1821910
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2331
cf-request-id
08c060cc6500004a7f85866000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-1f6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7NDSG0VopHRD%2B48RWZl0toN7gYcNqbOX3mbxID1olgJbjQRUmADt9R8jGKeLV%2FjExz39GJpT%2F%2F%2FLSpp1Kw%2F7SpH6JKtmvvpnTrFNMtdY1jFppDXNVRy0NiNguoHDBILbw%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa5a4a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
script.js
livedados.com/js/
0
0

blockadblock.min.js
cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
616847
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1309
cf-request-id
08c060cc6500004a7f73995000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-1289"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5xcPHR1tyGHxW3hsMSInbC6vO6nPexgSDR4VSQeo%2BbKM2Yc%2FvmcLuwHyV709mzX0Eb1hK7KtEWQmr9h63JySD%2B6Ib49xa6inSp288xWOK9ylF%2FqqclGDzKEsIoxWqNwaZg%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa5b4a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
detect.app.js
bityli.com/static/
386 B
684 B
Script
General
Full URL
https://bityli.com/static/detect.app.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e527e6fb033ab7789f691a772a1c400c759c1fb6decc5c0b2995c43670114216

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1096
cf-polished
origSize=440
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6700002c4e7b100000000001
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hkA9HwYDp0aJupKV3KT5Y%2BIyPEMY%2F66W%2B3cr22J0fykI5BlX4T0ZHeRbIoxeEVktYQaN%2Firk4JWd6x1gLzvMiR7nF4YHxXfANlohrAF0UOcaJYjIERge"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
62e0d0c0aca92c4e-FRA
cf-bgj
minify
chosen.jquery.min.js
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/
26 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3649675
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5483
cf-request-id
08c060cc6500004a7f31911000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e23-6956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=apmWqsbyCATHxRrDMtJFMa21KZlenq1m3X8AeHZT273SYGLQPQKynOtv%2FkxaPVmTbPg%2FX35ccwlT1KrcuND4i9sWf1wYx0v3FvCYM82OQYnzpKHJRHQSdnYXNpXMfShXYA%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa5c4a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
icheck.min.js
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1961180
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1911
cf-request-id
08c060cc6500004a7f3b155000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-11a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRWo8CVEkbPUZnJd5XHvmEC5v6p9k3ecEm7Y7KovgV8Bcw1M5EtZyLsvqKtnvm2mNrbGdJOpmcn%2F%2BHhs8ppE%2BEmAKrINruZcr4Ibm643lJzylfdhktS4w23cVMUw3PKjTw%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa5d4a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/
10 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4845740
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2906
cf-request-id
08c060cc6500004a7f1aa7b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LMdBxWxK55JzZrdz4t14iR4aIujfjVk19oJtTvDtkLhcgWXm8CtcfJGvVDxQWbVEEQCNyySYTkDqjqURS13894eRfa%2FCZjT82xmpYc45oS0%2B%2FWfrn2xNW6vqniw4g1OXqA%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa5e4a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1961218
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
cf-request-id
08c060cc6500004a7f2736a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SBQhw7ravNQQc%2BoCbStlLeyYM%2FOh%2FYPxAvdMaLIlss53dXnMbwrpabwAbMI4LFKHIQjrkRSo9Dfb3WMVjBcx77W84eQQdP%2BotnEo8Snl070RTQarypmTjJ%2FqcHUcr7MhwA%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa5f4a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1219890
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
948
cf-request-id
08c060cc6400004a7f688e1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RE5prsBG18t1b7Wu1hLQB60S5K3qdTA2YUm1XYS9Ka%2FoEffZ32nea8GhDut3COf44msqz4EB6%2F5%2FfsDmdFxR3m92MnPqnOMXz47yPkMx51YjVdrRb53uiAJ2Ouusru35kA%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa594a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
jquery.autocomplete.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/
13 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3640099
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3860
cf-request-id
08c060cc6500004a7f1804d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-331b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SEfFPffJf7Spmc6pSQKlKw6vtM%2FNVIz6dfo2jmpQv90j5xbZuUmk38EmfmMIEADj7JToU%2B9gsS9VsKDzt%2FaO2LxlS0iYkbKioEKdEQ%2FM5O8hYuxWQXNMmq4hGgKPPbJ7zw%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa604a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
pace.js
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/
25 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2422009
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5158
cf-request-id
08c060cc6500004a7f533cf000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f40-621b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rCMCQr%2FOeCCp61erZ4%2BWukl%2FgGWpNr7Reond6%2BoJqliu%2FgK7TksYtIsEEJAN9p%2FkYrzdLtobRg9F%2Fj0WxFd%2FEMTcAnBzhRy%2FP76duEGZ30GDWDxJ3Vdb9PuC86QiHGIxBQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c0aa614a7f-FRA
expires
Tue, 01 Mar 2022 00:55:07 GMT
js
www.googletagmanager.com/gtag/
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146760796-1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f2d69704a49ce1914361c4e1d9e7adc325d30967ab8518a0c087545c2f9c9c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39824
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:35:04 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Mar 2021 00:55:08 GMT
application.js
bityli.com/static/
15 KB
4 KB
Script
General
Full URL
https://bityli.com/static/application.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2393
cf-polished
origSize=20067
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6700002c4e8034e000000001
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xkv2XJgzzxTGRup7CbqFa5ljTmpyqo8%2BVT8Regawh8vxcyHSoaMnsvWE7osDm7HR4TNPt8C55hCMu%2FTCMoOlroY4YLdrD%2BvCymEsvWy7CajUxAYSRxEm"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
62e0d0c0acaa2c4e-FRA
cf-bgj
minify
server.js
bityli.com/static/
8 KB
2 KB
Script
General
Full URL
https://bityli.com/static/server.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2393
cf-polished
origSize=12439
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc6700002c4e8c081000000001
last-modified
Sun, 10 Jan 2021 20:51:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8USrY0tK%2BwgwzUYYzBPgRA%2FyjbDqeLd2lp%2FmfN6ziTp6MjfcZHk6DNljRlbFhpA1eEfaZg4eu5E3bDwlE7CDg%2BbX1c8iSm9NR7TjrbVndMCGtLXQ53VP"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
62e0d0c0acab2c4e-FRA
cf-bgj
minify
auto_site_logo.png
bityli.com/content/
4 KB
4 KB
Image
General
Full URL
https://bityli.com/content/auto_site_logo.png
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a923b3ea0ecb81905ee68b897fd3e2a1ba5b42feef35f648539e9c4b1da3320d

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:08 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2393
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4238
cf-request-id
08c060cfbe00002c4e8036b000000001
last-modified
Wed, 03 Mar 2021 23:57:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Zn7EG%2BPDlV86qJ%2BUYbGNTgq7yxvVmKEj6oNtt1B8ysJUyvVlj%2BqpBrvpAWB6ieW7EHGwGexpLchHpN%2Fh5HqfQhzjl2ojEm8uU9NFO4E00mAciMbvF8z"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
62e0d0c5f8c62c4e-FRA
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap
Requested by
Host: bityli.com
URL: https://bityli.com/themes/saas/assets1/css/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5e8a081c33e64578de89d2fe9f37aeca106246d4fbd2c0b9ba2f2520cd0edb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 23:42:37 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:07 GMT
icons.css
bityli.com/themes/saas/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets/css/icons.css
Requested by
Host: bityli.com
URL: https://bityli.com/themes/saas/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5677bfe81b3c8ac24882e1c9b6b53f629e150f6124730061898c8409130c866c

Request headers

Referer
https://bityli.com/themes/saas/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1992
cf-polished
origSize=16435
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cc8c00002c4ea73bd000000001
last-modified
Fri, 23 May 2014 18:31:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1nJ3Mo0WweA6lHAeaz1R1YvhXV0IpH9RC%2FYimM2DYzquUuX2zKoa%2B0xkV2hSrQMCty2L08C6k9WAmwOx%2BCKk0LteR%2BHNOA9EzaNJPDiyAJlKGpRD3vZb"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
62e0d0c0eccc2c4e-FRA
cf-bgj
minify
responsive.css
bityli.com/themes/saas/assets/css/
0
304 B
Stylesheet
General
Full URL
https://bityli.com/themes/saas/assets/css/responsive.css
Requested by
Host: bityli.com
URL: https://bityli.com/themes/saas/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bityli.com/themes/saas/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:07 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1991
cf-polished
origSize=581
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08c060cc8c00002c4e6facf000000001
last-modified
Wed, 23 Jan 2019 22:25:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ihrzN9yCx35EWE%2FsZL1Xccg9pvsxGckGqiq2CP6z4Dz3GYT7cTGqORJA871Mm%2FXFLkaPIde4Jis%2FnfC4FTD7fvsLPfCDDUYThdHzU7I0SpU16eGEKGEw"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
62e0d0c0eccd2c4e-FRA
cf-bgj
minify
/
api.miniature.io/
Redirect Chain
  • https://bityli.com/pkvHy/i
  • https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_ca...
23 KB
23 KB
Image
General
Full URL
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_campaign%3Dindicacao%26utm_content%3Dsite_candidato%26codigoParceiroExterno%3D900011%26codigoRepresentanteParceiroExterno%3Droberta_machado_8800
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.182.76.191 Poledno, Poland, ASN16276 (OVH, FR),
Reverse DNS
edge01.devgrid.net
Software
openresty /
Resource Hash
45024d41846a2594d90f9942d9e3b4f068eed7e2b33761e53a4aca99a372e720

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
server
openresty
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-response-type
content
cache-control
max-age=86400
access-control-allow-headers
X-Requested-With

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P7HHGmRI%2FF%2Bn3%2Fz9M5o32qf%2BjvfyDP9hz4BcJxCDixAwpGNBaIOp1uEMF42jy6pU4c4qYzNR3Q8wThfWsScMYy3cX1vt3Tq%2FGTslEYq4tZCg%2BEuSWIuh"}],"max_age":604800}
content-type
text/html; charset=UTF-8
location
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_campaign%3Dindicacao%26utm_content%3Dsite_candidato%26codigoParceiroExterno%3D900011%26codigoRepresentanteParceiroExterno%3Droberta_machado_8800
cache-control
no-store, no-cache, must-revalidate
cf-ray
62e0d0c5f8c72c4e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cfbe00002c4e8898d000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
typed.min.js
cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.6/
11 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.6/typed.min.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1958926
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3045
cf-request-id
08c060cf9b00004a7f7f1a6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-2cc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pU0kyyxx6%2FUXPwayoZPu9SmaIirsAUohh148P%2BcL8IhlC%2FsABwqSgcytKMvs4yQDQBKDgCgDR89O2EoOJYF7nCHHaXAxW0RHUdz37oxQfHUP3AnSc34%2BV%2FCHA%2Bd3rIHDVg%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e0d0c5ced04a7f-FRA
expires
Tue, 01 Mar 2022 00:55:08 GMT
main.js
bityli.com/themes/saas/assets/js/
3 KB
1 KB
Script
General
Full URL
https://bityli.com/themes/saas/assets/js/main.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3568fab3fd530fc35c9f674ba12058852e3390ae36ef8393140b5c82432a782

Request headers

Referer
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1991
cf-polished
origSize=3609
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c060cfae00002c4eb3261000000001
last-modified
Thu, 31 Jan 2019 00:31:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vHRgkySNeGvLwJ4luUXKtF5kv%2FFsPg31SNYnBCEAMfRPuqn3JfEbhm3tMAppjlMfONa9Tiwd5f9A1I9P%2FDCPqdjEeDRW7OgFCpd7XuIeAPF8cVLiB%2Bti"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
62e0d0c5e8b52c4e-FRA
cf-bgj
minify
9d136f8caa99b4fa79d868ae9a2b9cf7.min.js
clevernt.com/scripts/
127 KB
50 KB
Script
General
Full URL
https://clevernt.com/scripts/9d136f8caa99b4fa79d868ae9a2b9cf7.min.js?20200913=1615424108476
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9ffaa978a0594b8d6f5dda0a295185fd19044f1bd4b49c7e00929328cc4d05

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1096
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7J6VCHEK8Y8G8W5M
x-amz-id-2
GwpVmEnXjxR9WbenKe50DPvgVjOGOgu2EbKsTPh6S/UomF0D6FiXbBXtMRYylyVUQyT5BxEZh8Y=
last-modified
Wed, 10 Mar 2021 11:44:51 GMT
server
cloudflare
etag
W/"ac8a8c43031b033175ef3069141d2947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7qZGwEHcrotUGXb7jH3VtVQk%2Bce4ZMGJON8lEWtHDE64aJRls1EAphBJKRRcpfGFz0EBZK6x%2B40%2BajfaDQP%2BwEF7kzcNNNni9jmZ2nGWw9m4wusT8CBDY6w%3D"}],"max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-request-id
08c060cfd5000032483302f000000001
cf-ray
62e0d0c62fad3248-FRA
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bityli.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
age
537223
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bityli.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:37:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
age
8259
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
expires
Thu, 10 Mar 2022 22:37:29 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bityli.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:25:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
age
1785
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
expires
Fri, 11 Mar 2022 00:25:23 GMT
themify.woff
bityli.com/themes/saas/assets/css/fonts/
55 KB
55 KB
Font
General
Full URL
https://bityli.com/themes/saas/assets/css/fonts/themify.woff?-fvbane
Requested by
Host: bityli.com
URL: https://bityli.com/themes/saas/assets/css/icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Origin
https://bityli.com
Referer
https://bityli.com/themes/saas/assets/css/icons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:08 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1990
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56108
cf-request-id
08c060cfc900002c4ea60ac000000001
last-modified
Fri, 23 May 2014 18:31:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9IucOU%2FtSQj9Uk1cGBOoY4CJoUkK0HQwcwtYXHa1GZqI2M8iHgUBk6SmGxlSorgJzrabM%2FLV8t%2FKdwp2euDpR%2FdFreIF1inx81jnAvlbUbgpu%2BUedF3R"}],"max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
62e0d0c608d32c4e-FRA
docallbackinfoa60f7e5344174d36a83bfa6dd438bc04.js
ui.clevernt.com/
695 B
1018 B
Script
General
Full URL
https://ui.clevernt.com/docallbackinfoa60f7e5344174d36a83bfa6dd438bc04.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
host-109.clevernetwork.pt
Software
nginx /
Resource Hash
44a012a4ad2f32024e0be67c17b7e1c19f92229b3f4431f55269947fb2e5a2ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
cache
date
Thu, 11 Mar 2021 00:55:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=15768000
expires
Thu, 11 Mar 2021 01:55:08 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146760796-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5203
date
Wed, 10 Mar 2021 23:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 11 Mar 2021 01:28:25 GMT
collect
www.google-analytics.com/j/
1 B
61 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=616681465&t=pageview&_s=1&dl=https%3A%2F%2Fbityli.com%2FpkvHy%3Ffbclid%3DIwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU&ul=en-us&de=UTF-8&dt=Cons%C3%B3rcio%20de%20im%C3%B3veis%20%7C%20Porto%20Seguro%20-%20Encurtador%20de%20URL%20-%20Encurtador%20de%20Link%20-%20Bityli&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1649431026&gjid=1737869633&cid=1777478963.1615424109&tid=UA-146760796-1&_gid=837807942.1615424109&_r=1&gtm=2ou330&z=177818625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bityli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bityli.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
lp.clevernetwork.pt/pokerstars/aa/ Frame 3493
Redirect Chain
  • https://sender.clevernt.com/transporter/45417.php?ppuc=1&ppu=0&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJr...
  • https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=4...
5 KB
2 KB
Document
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c386cb8b28fcdc069b847d6a7f686a77ec8e678dee41307bc8c7d66bda29f8

Request headers

:method
GET
:authority
lp.clevernetwork.pt
:scheme
https
:path
/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bityli.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bityli.com/

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-type
text/html
set-cookie
__cfduid=df719aa891d1f322f63506c28061aaab21615424108; expires=Sat, 10-Apr-21 00:55:08 GMT; path=/; domain=.clevernetwork.pt; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
QqiOuP4H1myv1tYBgu+KQtJbSi9lgoxZJnlwHP75v7f/4mqQwXAGkXeY6jnPGy4I89mhtW47N1A=
x-amz-request-id
XSY9V1PFPP8T9K1Q
last-modified
Wed, 10 Mar 2021 22:22:31 GMT
cache-control
max-age=1800
cf-cache-status
MISS
cf-request-id
08c060d18a00002b41e1bf4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ioetYZLpv3xQDaOp3J%2B3Al9vZEZDUVsLYHwbCysR6Fr165eKRVFG5TQi%2B%2FSJDUFzNDQvcLGnhL4GZ%2Bocyk1K95OIMebpI18a%2BYV2AGBXAGIRzaQlpIWO9AV2ClMmx4BB"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
62e0d0c8ddee2b41-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Thu, 11 Mar 2021 00:55:08 GMT
content-type
text/html; charset=UTF-8
location
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
set-cookie
hstpv4user=eyJJRCI6IjQ3MzQ0MTk0d2FuNjA0OTZhNmNkNDRhZCIsIkNUUiI6Ik5MIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzExNzcyMjQzNSIsIkxhc3RVcGRhdGUiOjE2MTU0MjQxMDh9; expires=1646960108; path=/; domain=.clevernt.com; SameSite=None; Secure
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Thu, 11 Mar 2021 00:55:08 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c37dc9434bdf2e6543b6bffaf90c5846c1515f2e2480d115fd865e9240b3c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16a7b2007ea6375a98b53b67e626f89f26415cf82eb3b120f5426fcbbe62cde2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
style.css
lp.clevernetwork.pt/pokerstars/aa/ Frame 3493
7 KB
1 KB
Stylesheet
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b78eadc03cee4c5ad476d3df8de773727e25c4952cc4d615fa5203d439c8095

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3535
cf-polished
origSize=7159
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2A75BB253D1AD99F
x-amz-id-2
Of3/EYDrNSny4iwRROUpgoCx3AHRHTz2BnMKhQhCEt41fz02RhELDmBPmN0Q6aOsLUbcexq7m3I=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"c56149724e0ef3794776547dd9150296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7E3YxrPb2c%2BEoh3Tlyy6OQUaiILQbfoYoqgNYNwwviZb3W50LhQ6OCKAjb3DCQ%2BykVxRz%2F0jENzOTvxMNRuVWDjVy1GaR7rTCQ1f6V%2FBgq3fSOSLZXUI7Jd%2BEksIAgxn"}],"group":"cf-nel"}
content-type
text/css
cache-control
max-age=1800
cf-request-id
08c060d1d700002b41938c9000000001
cf-ray
62e0d0c95e312b41-FRA
cf-bgj
minify
logo.png
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
7 KB
8 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/logo.png?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
cf-ray
62e0d0c95e322b41-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7460
x-amz-id-2
zW5z7gZk8Q1SzFMvb5CTiKsGs/VVHc+gPby92FGey71d06EmxssnHx/ydxT3XZz31eWPnOLGnXA=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"df1c65e3078c82895a1eb424b29af06b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JGF6UqDauAho4pMKJjcEjPn293knYLHDTvFSwWMM5GJqbiJa8YrJlZ19C69sxg%2BCbmT2Ggyk17ydjpbQgIaCHB4uQ1M8LqGhmBhY8E26EFS4vj%2F6d6th4aQegGywXbHP"}],"group":"cf-nel"}
x-amz-request-id
5A008AE798A0CA43
cache-control
max-age=1800
cf-request-id
08c060d1d700002b41e380d000000001
accept-ranges
bytes
content-type
image/png
copy1-bannermobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
13 KB
5 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-bannermobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1760cd328d3f336d3501133d9ecdf357483011c1d8f06be2a773ee394c142718

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BA3DFD0AA442E943
x-amz-id-2
3TnPRgwlEZcw+1pfzF92N1FKRR5cIphz6QqFyFpcS0KtN/TxLwc5sz7mANLtYIyYQvNOJLB618s=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"5f5445912d9549b9e290e44d55e5ff54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WjOvnP00k44Soq0C4K6H8hE5%2BNQFXhIWBpAgvqKde2QIOZ3PdrXnmL%2BTZlNKeZeWfc6soPOrWyEgICma1FPLjZioaUnf9ZSNCOBVWeamrn4eFoszIXlkP4W%2FL067KguH"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1d900002b419dbae000000001
cf-ray
62e0d0c95e352b41-FRA
copy1-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
10 KB
4 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1536a4fcb5484555abbe06364bdcc0715a7ad07cdd81dea52fc0cb459bf216b7

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2F5C57DA65F18E28
x-amz-id-2
RMz4zUYJiTek827NqSErS6zHVulX6eg1JksQDAQTDSnlZgc3H7+3YiOyPXnvYtP/rjMqvouVh8E=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"f51291e7901209034e77976142cfc72f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kf7S6UUqk3HM28BjRRxoPmX9YdFlTppZQYJK%2FFxUpQZKhHNHbHwDw1JwboyjIVTPb82TnCkgxcfuRg3Qus0MIv7%2BMjhMiLikB49RhBowqljqY0BqwaT6WuklB3WHYjYS"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1d900002b41e4862000000001
cf-ray
62e0d0c95e362b41-FRA
copy1-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
12 KB
4 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-Interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1aa1fc1b2c3981ac9d3d98fa124a90a6261986aa520225d1ffe027f8fa1ec0

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
69FFBDCD4B660FA6
x-amz-id-2
AodlDJW/518oyc9sh4FqxAyxsiv9qjpzcXEmG9qHbZNmt11BFfq5ySpW46x3Zsf27xr1N5zykAA=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"efc9661aad028e1bd55e561bdd8da455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NHjwwGhjf%2FXQBrNYCc9eFLlSL%2BFy3L%2Ba9C%2BFNLIkSyzDAJ9bsHPcRQ4ux%2FFSW%2F01bPCpu0qc2H0%2FdrFJVpJG63VrYZKU2Haa2wlCZlTYe2jbZs3SmriLeoihsWybFhMm"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1df00002b41cebc6000000001
cf-ray
62e0d0c95e372b41-FRA
copy2-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
9 KB
4 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy2-Interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53738c67f8690689a3a6b8eacba10507214031bb2f533133d05d202b080e1e58

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
300C12F3D571D475
x-amz-id-2
uHVv2CLzBJgAljYbsjWNB8TBF/U4ZDylGTJp3lQAZ6E/0ABHS/H7HSjrSjYW0xSAliwTmi3H1e0=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"e1ad1a0b652586cf0558a24e5b9265e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wUsOhAev1C0o9MwPMvcLLFci4RhbDVclnk0kz7HJtBry4xynOjO5qQ%2FYNUeaDuGVWimpMP%2BjO79lNDh1M2ztz65lWFPH%2BuG0ZYBAGTLxXHCQiNWsKy6ASjcxN8NzDBqW"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1da00002b418eb4f000000001
cf-ray
62e0d0c95e382b41-FRA
copy3.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
36 KB
7 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy3.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16975fe48dabe2e4674d67d3541badf178ed468241a34c1c6631b5a71e573c0

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
662430A65ADE8C49
x-amz-id-2
3kh3qcLXXaQLBbTy1Sl+7hlPNYS0CRbBNh7MgD/R/SDPRWT0vN3GTKxzqU3oiW+kYT9Zd2EnXZY=
last-modified
Sat, 20 Feb 2021 16:30:36 GMT
server
cloudflare
etag
W/"c78d32fc90a18c43f6d57144bcf0b5da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8DLZBYXw%2FQD%2B5KJzETAV50C%2BbcA6h%2Fg%2FMoO8OJBg1Yfk1ALpmvCcn%2FV1%2B80TTRpxXHHL%2BqB9eFMrBYdXBHu7cN5wG71t%2FgrUYbVyIcoyFbuPKIRRJLvrTPG4AMWnrKvc"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1da00002b41c9805000000001
cf-ray
62e0d0c95e392b41-FRA
cta.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
3 KB
2 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/cta.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0f29539692165c3704acc7f7e2565f01a47f36bfd4938ebf76113b1b49d1eb

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
449941FDE6F96494
x-amz-id-2
4ojEsmolgXyJSgaYAcwmz8T3CqE+bZel80lwq9A/d7XHCI8sP9KB9fiXrpCHK0l+Ro5jUNCnnHQ=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"c969960e47c2a5f7629d16407ff624d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gnF%2FOtVQ9yKIeBUL%2FGPFq2HdY1mAODdGUyipSfOf7Sk4jQkP1e88ih2NN0GefjS%2FnCinYDTM5c%2FoJBJa9fjktA1WmEKn49cgvIetW3krM6C2oGVH3al3jv0aaU1rrjJT"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1da00002b41fa0c7000000001
cf-ray
62e0d0c95e3a2b41-FRA
cta-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
3 KB
2 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/cta-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db055cbb1d8d048dde5759adefa774ae430836523a466a5e351c69db5220862

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E83A0B3B7F33E413
x-amz-id-2
/KD4XvcBU+nVkIEXS3Mb+LhNzZkKFl1JCWpAwIM3sEamLHhEJkG/1YFbQljk9b642fN21XiNnnM=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"fd02d53e6bde89c52d91248822edba6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2FuebA%2FikNWjUEFWKd%2F8aVxNNXoyHcbjkR0ciEYkj%2F6d1CEbr1R61nEcOabRQxM8gz%2F6t17wt6LOGbLeusCNoqOHmJpF%2Br13Q85W64gJvdUdsTvmJ%2Fy5B2ImxFY8wDz%2F"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1da00002b418ba8c000000001
cf-ray
62e0d0c95e3b2b41-FRA
steps1-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
83 KB
15 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/steps1-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc420bfbeb7f621a48d230cde485c0d3b86922a107b6d5b8bac405f025d4b206

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1456D1102939CF4B
x-amz-id-2
0VbZJPKb7ewNBka3hLS/0HVPF8gqAzobv0pKQY4zkxtW2lAjnz1RQbGZ+EdWGwF8YqO0Nb+Ga28=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"12e5320899dd41f4174bc9a8d4f8fc01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=no6ZS76TikqTMBqGumyudOxjCiuboHNKTMqKtuhuyaA9wa34D7bW%2FrdU48aEsHUliUVd2Lsz8zMUgs7Q%2Fjxk7MhNJWg0sAUsnXMTA3ka5bA2Xl5L6y1ZTEakdL2r2MrE"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1da00002b410a223000000001
cf-ray
62e0d0c95e3c2b41-FRA
steps1-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
82 KB
14 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/steps1-Interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c34ac385475b568c6186c57988d07ea6ff53848e46194e32a9d0687b34e2aa

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6E842AB5A8B905D9
x-amz-id-2
6+rSm1o5lLVpJ+FLya7qT9KajqkQb75ll2u6Ka19prNaWmJ3XgmL4gRh+5DSUGMRBqIwET5YEFY=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"f57478f63dd3d044e8369215339a8541"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6ZzVng%2Fj3FNbZTunxEj%2FvkA9k0866R4mgHPaemUhuNSHR%2FQnMmw7Id9qnvuKK83daHho5WVm3hD5p5mAumtBW%2Bykjm%2FHEUVBcNncb0zRPacGsKkGab8KcdIKw%2BlBxIO"}],"group":"cf-nel"}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
08c060d1da00002b41d7194000000001
cf-ray
62e0d0c95e3d2b41-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame 3493
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
08c060d1ed00004e132d1f4000000001
last-modified
Thu, 04 Mar 2021 10:30:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6040b6ad-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cPKEifYed3y0s1DcfopwQuCHyenzivL3GyVc%2FBZkgZOxA%2BnolYd3QIqIUFbqkd%2Bwe7ZznOJAD%2BnHKPdo6QNAPbIkKMTCTg5FQbvQ%2FRttkvcM%2BYRWyXEbpUaOzDm8UMkE"}]}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
62e0d0c97c3d4e13-FRA
expires
Sat, 13 Mar 2021 00:55:09 GMT
css
fonts.googleapis.com/ Frame 3493
7 KB
759 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebdb2a9839cc6fbf9a05e4282c7d6e7a965f0165a7c84909d9770c1028a1ce8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:28:50 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:09 GMT
bg-bannermobile.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
9 KB
9 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-bannermobile.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0809079a0df54cccbea6c5171eb66ced5cb708e24ae9a477939955f68ce37524

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1365
cf-ray
62e0d0c9ae632b41-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9059
x-amz-id-2
i64C108pWcAHnwamDC+B1XrArkRQCxt5JILF8vLgZnef8ciAN7uusaiYvgB5C8zyxnQ+6o4pG5o=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"805c2bb7cd82577894c350a9bbb17824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V8DDm1rxD8QtNKwGZkqBG%2BWGklAwbjn4Bon5Uc%2FfKhB7wa%2BjZX9aRNAHA3IuSTc5z5%2BgOMeaoZViS%2BZga7RhP9NxfHkrtbN5z%2FeX4tUA%2FPBRL7wxqspaGdM8IpuasD4o"}],"group":"cf-nel"}
x-amz-request-id
0F29FC0284D77C33
cache-control
max-age=1800
cf-request-id
08c060d20800002b41c202e000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3493
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:24:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
1853
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Fri, 11 Mar 2022 00:24:16 GMT
Cookie set /
www.pokerstars.eu/ Frame 973D
Redirect Chain
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP&AutoR=1
  • https://www.pokerstars.eu/?btag=a_174457b_2708c_SNAAEQARCBBAAWP
  • https://www.pokerstars.eu/
42 KB
8 KB
Document
General
Full URL
https://www.pokerstars.eu/
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.181.72 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
ea9e305e3294b9b1075f91e45198cb25f8fe0b03618776c08cf0f37b67c1d605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
www.pokerstars.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lp.clevernetwork.pt/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lp.clevernetwork.pt/

Response headers

Date
Thu, 11 Mar 2021 00:55:09 GMT
Server
Apache
Set-Cookie
geoip_country=NL; path=/; domain=www.pokerstars.eu NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943140945525d5f4f58455e445a4a422971;expires=Thu, 11-Mar-2021 00:57:09 GMT;path=/;secure;httponly
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7630
Keep-Alive
timeout=5, max=147
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000

Redirect headers

Date
Thu, 11 Mar 2021 00:55:09 GMT
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
0
Set-Cookie
geoip_country=NL; path=/; domain=www.pokerstars.eu sti=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; path=/ pti=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT promo_ia=a_174457b_2708c_SNAAEQARCBBAAWP; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT sti2=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; domain=.pokerstars.eu; path=/ pti2=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; domain=.pokerstars.eu; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT stiram=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQhjL3MbdA54F1JPDGQQPXZSTiZ2YTVgaCkTUnJzeDxXZE8uVSVCHEdaTBBCITMqN3N1G34DLDItd20QBwYKT0lZWFo%2BZRNUADQpKH9CVA9yS21VSVNXQRhDTUNyIGVkZw5iTQ1NEQpodgIxLSovJSk3NXxcPQ%3D%3D; domain=pokerstars.eu; path=/ ptiram=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQhjL3MbdA54F1JPDGQQPXZSTiZ2YTVgaCkTUnJzeDxXZE8uVSVCHEdaTBBCITMqN3N1G34DLDItd20QBwYKT0lZWFo%2BZRNUADQpKH9CVA9yS21VSVNXQRhDTUNyIGVkZw5iTQ1NEQpodgIxLSovJSk3NXxcPQ%3D%3D; domain=pokerstars.eu; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943140945525d5f4f58455e445a4a422971;expires=Thu, 11-Mar-2021 00:57:09 GMT;path=/;secure;httponly
Location
https://www.pokerstars.eu/
Keep-Alive
timeout=5, max=148
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
bg-pushmobile.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
14 KB
15 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-pushmobile.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc703dab29722d073f46611612fb3475b73ad131ce2113a0505ee34571afad91

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1161
cf-ray
62e0d0cacf122b41-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14692
x-amz-id-2
SycupF7xZcJ+JUHFQo6v8laoA4oNhbqJ082O8dPHYqJLUUE45XmNgdxeZtmo06RGf6xsIMdb4X0=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"f0dcf95c34e65053e107f1e901bfdb59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wVYPZPOqfjIYUrvZ%2B3Yje%2FKTYh3gcr9TJTumulIRlSIZfYehjJdu0bKfS3zmhWqYiIv1bs%2BSHHV%2F39O4gXTYQrU9VQ1llJgVos03gzmUeKyL7pFJmkXkBwck7zMuCvG7"}],"group":"cf-nel"}
x-amz-request-id
D81EA2DDBF531DE1
cache-control
max-age=1800
cf-request-id
08c060d2ba00002b418ba92000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bg-pushdown.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493
85 KB
86 KB
Image
General
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-pushdown.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315e17341889b49df782825122e591e3b9be6080269cd899049f2a33336d9a4a

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3533
cf-ray
62e0d0cadf242b41-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87472
x-amz-id-2
aRbp7BcaHmgXEhy1+ZlbCOZwcDgyioHOlUR8m1yHrrxvZ7zz5tXuM7jTrpJcE+VwoYVsJ7ys8sc=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"0a79740c152cd5134504758708f1d955"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VCmqstaLELOKOPhp2kXv6bJRUppD2YiyLOf8Oo6Lovl%2BGgyQwVVtWk%2B0Uqh76QsiG6Yug9P4m2%2BMsK4mZ0gAuVBC1l3q5012%2BfClVp%2FvnDaHLBiTAG8xBWrTzR7W4r3O"}],"group":"cf-nel"}
x-amz-request-id
17DCD18F57ACDB0D
cache-control
max-age=1800
cf-request-id
08c060d2ca00002b41ab915000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bootstrap.min.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/ Frame 973D
21 KB
5 KB
Stylesheet
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/bootstrap.min.css
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2015 11:26:08 GMT
server
Apache
etag
"54f2-5245635907400"
ntcoent-length
21746
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=225400
accept-ranges
bytes
content-length
4529
lib.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/ Frame 973D
117 KB
42 KB
Script
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/lib.js?v=2
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 15:15:47 GMT
server
Apache
etag
"1d377-5bb6175da0ec0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
42733
config.js
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/en-us/ Frame 973D
13 KB
6 KB
Script
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/en-us/config.js
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56a58692a9ce6410e6dcf268ebe05e95fbef95ede4c37aae1ad824fdbad6b16e

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 15:28:06 GMT
server
Apache
etag
"3520-5ba8459a52d80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
5708
casino.assetwrapper.js
cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/ Frame 973D
2 KB
1 KB
Script
General
Full URL
https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021

Request headers

Origin
https://www.pokerstars.eu
Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 09:30:51 GMT
server
Apache
etag
"83e-5b62cf2bf68c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
865
cvl-active.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/ Frame 973D
2 KB
878 B
Script
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e

Request headers

Origin
https://www.pokerstars.eu
Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2017 08:28:36 GMT
server
Apache
etag
"8e8-55018a843b500"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
696
PstrkIdManager.js
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame 973D
15 KB
5 KB
Script
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 15:55:57 GMT
server
Apache
etag
"3a45-5bad5349c1d40"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
4985
mmcore.js
service.maxymiser.net/cdn/pokerstarseu/js/ Frame 973D
15 KB
6 KB
Script
General
Full URL
https://service.maxymiser.net/cdn/pokerstarseu/js/mmcore.js
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.136.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-136-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
00a44a4041102b06c7304b576ed5327f1b9f46a5ef79fb03009c4d974a3c8325

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 14:38:49 GMT
server
AkamaiNetStorage
etag
"94a7ee0a7d4a006465eeeb9942553461:1612967930.81822"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
content-length
5907
homepage.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/ Frame 973D
70 KB
13 KB
Stylesheet
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b7e327a33ffec79dd819a9186c549ad959f9f7184d5f9c10faec851b5210c064

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
71481
date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 17:13:49 GMT
server
Apache
etag
"11739-5b4dd6f24ad40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=121067
accept-ranges
bytes
content-length
12788
css
fonts.googleapis.com/ Frame 973D
8 KB
734 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:47:58 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:09 GMT
ps_eu_en-us.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ Frame 973D
119 B
294 B
Stylesheet
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ps_eu_en-us.css
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d6b343dd44b156260d11cca3b623daad756f879cf3d6524e8c5e30c7bea6d20a

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Dec 2018 15:05:56 GMT
server
Apache
etag
"77-57cc06b1a3d00"
ntcoent-length
119
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=490937
accept-ranges
bytes
content-length
108
loading-frame-1.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame 973D
95 KB
95 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/loading-frame-1.jpg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
063d8d9dd28ae87cfa41724da6afe5931c3dccb4b7f8f04cafb51efe8eff5393

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
last-modified
Mon, 18 Jan 2021 17:20:54 GMT
server
Apache
etag
"17c76-5b92ff1bf4980"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
97398
community-twitch.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame 973D
40 KB
40 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-twitch.jpg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:09 GMT
last-modified
Tue, 20 Oct 2020 07:12:00 GMT
server
Apache
etag
"a044-5b214f26ef000"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
41028
community-ambassadors.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame 973D
156 KB
156 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-ambassadors.jpg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
last-modified
Mon, 25 Jan 2021 15:08:45 GMT
server
Apache
etag
"26f32-5b9baea07f940"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
159538
facebook.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D
2 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/facebook.svg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:33 GMT
server
Apache
etag
"774-57ba3e3a9e040"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
913
twitter.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D
3 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitter.svg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:34 GMT
server
Apache
etag
"a1a-57ba3e3b92280"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1080
youtube.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D
1 KB
895 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/youtube.svg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 12:48:01 GMT
server
Apache
etag
"573-57ba4dc188240"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
718
twitch.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D
2 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitch.svg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:34 GMT
server
Apache
etag
"8cb-57ba3e3b92280"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
993
instagram.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D
2 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/instagram.svg
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:33 GMT
server
Apache
etag
"6b7-57ba3e3a9e040"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
899
starscrm.config.json
starscrm.com/ Frame 973D
77 B
429 B
XHR
General
Full URL
https://starscrm.com/starscrm.config.json?bust=1615424109959
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.68 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Last-Modified
Tue, 19 Jan 2021 15:53:51 GMT
Server
Apache
MyHeader
member143
ETag
"4d-5b942d84601c0"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With
Content-Length
77
Keep-Alive
timeout=15, max=170
tag.js
s.btstatic.com/ Frame 973D
34 KB
13 KB
Script
General
Full URL
https://s.btstatic.com/tag.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03f57788464aacc762395c050df417bcab6f9f8159c15e237fbec864c93895c0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Dec 2020 19:32:39 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
12487
js
pixel.mathtag.com/sync/ Frame 973D
252 B
722 B
Script
General
Full URL
https://pixel.mathtag.com/sync/js?cs_jsonp=pstrkIdManager.mmUuidSync&mt_nsync=1
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3611 f10363c master cdg-pixel-x27 /
Resource Hash
6597ce6eb365c2b6270851e541b54bb0d50774c9082ea529639d16b8311fb452

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Server
MT3 3611 f10363c master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
252
Expires
Thu, 11 Mar 2021 00:55:54 GMT
/
service.maxymiser.net/cg/v5/ Frame 973D
81 B
335 B
Script
General
Full URL
https://service.maxymiser.net/cg/v5/?fv=dmn%3Dpokerstars.eu%3Bref%3Dhttps%253A%252F%252Flp.clevernetwork.pt%252F%3Burl%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D0&lver=1.18&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=60&jrt=s
Requested by
Host: service.maxymiser.net
URL: https://service.maxymiser.net/cdn/pokerstarseu/js/mmcore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.136.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-136-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
13c2341b441b258bd27d374aeeda9ddc3ac6f3b34c6da8d36756dcb629bf78b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:09 GMT
x-content-type-options
nosniff
last-modified
03/11/2021 00:55:09
server
nginx
p3p
CP="DEV IND NOI OTC OUR PSA PSD"
cache-control
no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-type
text/javascript; charset=utf-8
content-length
81
expires
Sun, 06 Jan 1980 01:00:00 GMT
require.min.js
cashier.rationalcdn.com/common/libs-2.1.20/ Frame 973D
15 KB
6 KB
Script
General
Full URL
https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2016 11:39:34 GMT
server
Apache
etag
"3cc8-53bad04796980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
6356
languages.xml
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/ Frame 973D
873 B
460 B
XHR
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/languages.xml?&sid=0.5840221109159789
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c6efa78726a5e3d7a90a6d12e2d24be3bc1e01b7396460430cbca38627c6fe3b

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 09:42:27 GMT
server
Apache
etag
"369-59d58466106c0"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
283
poker-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
1 KB
887 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker-txt-v2.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
357a9f9be68be9e860cd648f2edee77a8d1b2dbcdab6659afe983ede2db5229b

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 09:38:27 GMT
server
Apache
etag
"542-5a45697f34ac0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
711
casino-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
1 KB
985 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/casino-txt-v2.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e4e5ba893ca49051e5a82e47c800e2e6caab9c96505d58ebc2ccb5ff099032fc

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 09:38:27 GMT
server
Apache
etag
"575-5a45697f34ac0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
808
sports-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
2 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/sports-txt-v2.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
df28e74af5e5c9edd4508a8964586703c5760f3b6899ab13750bee9412310eb9

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 09:38:27 GMT
server
Apache
etag
"6b3-5a45697f34ac0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
871
bars.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D
1 KB
642 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/bars.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"501-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
465
poker-m.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/ Frame 973D
2 KB
940 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/poker-m.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 09:08:36 GMT
server
Apache
etag
"69c-571f774eb6d00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
763
close-black.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D
1 KB
774 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close-black.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"54b-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
597
close.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D
1 KB
775 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Wed, 25 Apr 2018 14:08:23 GMT
server
Apache
etag
"54b-56aaccdc963c0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
598
poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
3 KB
2 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 09:18:30 GMT
server
Apache
etag
"c82-59ca2e427c580"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1380
poker-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
1 KB
944 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker-txt.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa1158b44f51119c26a4cdc3be24e7180797346aa5d835d7e61dad271cb59f59

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:59:32 GMT
server
Apache
etag
"5a2-59ce32abb9900"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
767
casino-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
1 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/casino-txt.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa077f324b5f296d626561e5ee83b7c393e224f2ce5580f1f27befc411b6297a

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 14:00:12 GMT
server
Apache
etag
"5da-59ce32d1df300"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
858
sports-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D
2 KB
1 KB
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/sports-txt.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2703733c5cba99ca399ca5f3fd76472ff518fb36fd5bba427dbea8dc233f44cc

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 14:01:46 GMT
server
Apache
etag
"713-59ce332b84680"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
870
questionmark.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D
1 KB
932 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/questionmark.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"594-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
755
right-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D
1 KB
813 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/right-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"537-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
636
down-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D
1 KB
814 B
Image
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/down-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"533-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
637
footer-small.png
s4.rationalcdn.com/img/bg/estate/ Frame 973D
462 KB
464 KB
Image
General
Full URL
https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
433674676291fa4acfb1be7f6e458c43afc5f44d96ddba17e0a186677c75ab0b

Request headers

Referer
https://cmsstorage.rationalcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
last-modified
Thu, 29 Oct 2020 15:56:14 GMT
server
AkamaiNetStorage
etag
"994388838ca4d2b47dda0d453731e187:1603986974.361162"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
473455
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
18159
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 10 Mar 2022 19:52:31 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:41:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
8000
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Thu, 10 Mar 2022 22:41:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
196051
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:27:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
194603
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:51:47 GMT
resolveurls
ram.pokerstars.eu/ram/info/ Frame 973D
143 B
975 B
XHR
General
Full URL
https://ram.pokerstars.eu/ram/info/resolveurls?tag=starsrewards_widgetservice
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Thu, 11 Mar 2021 00:55:09 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.eu
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
homepage-casino-royale.mp4
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame 973D
5 MB
5 MB
Media
General
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/homepage-casino-royale.mp4
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c15c5491059d973562247f8126972afc1ba58eee0f4ae29a12b77e83224adf68

Request headers

Referer
https://www.pokerstars.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
last-modified
Mon, 18 Jan 2021 17:03:33 GMT
server
Apache
access-control-allow-origin
*
etag
"485b89-5b92fb3b2e340"
content-type
video/mp4
Content-Range
bytes 0-4742024/4742025
cache-control
public, max-age=84600
accept-ranges
bytes
Content-Length
4742025
bundle-prod.min.js
cashier.rationalcdn.com/starscrm/2.1.37/ Frame 973D
189 KB
62 KB
Script
General
Full URL
https://cashier.rationalcdn.com/starscrm/2.1.37/bundle-prod.min.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 15:53:51 GMT
server
Apache
etag
"2f447-5b942d84601c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
63286
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame 973D
526 B
837 B
Script
General
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
10c91b608c04301346f7b7af371bb3d832659df935884796dc30647c46d713a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Mar 2021 00:54:49 GMT
Server
Apache
ETag
"20e-5bd383b061571-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=143
Content-Length
277
tag
s.thebrighttag.com/ Frame 973D
34 KB
7 KB
Script
General
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&referrer=https%3A%2F%2Fwww.pokerstars.eu%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&H=-35niau0
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7d3dc2b66cb88ddf9888e885a03a236b515cb7e0de4f9542644a7ad6e8ee65d7

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
Server
nginx
ETag
bc1057ab45c9234c623bc33ec3aa230f
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
6505
X-BT-RequestId
6e3e5170-8204-11eb-98c5-0000ac1508e4
ram-config.js
ram.pokerstars.eu/ Frame 973D
1 KB
2 KB
Script
General
Full URL
https://ram.pokerstars.eu/ram-config.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
22ff6b53dc60a7ec3f1ad5621c3558d6a9aeb2a5cb8ef9914db8b98987d5d1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Last-Modified
Tue, 02 Mar 2021 15:22:36 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Connection
Keep-Alive
MyHeader
member143
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=190
Content-Length
1187
resolveurls
ram.pokerstars.eu/ram/info/ Frame 973D
131 B
963 B
XHR
General
Full URL
https://ram.pokerstars.eu/ram/info/resolveurls?tag=starsrewards_widget
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Thu, 11 Mar 2021 00:55:09 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.eu
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
srwrds-path.js
rewards.starsaccount.com/widget/ Frame 973D
75 B
347 B
XHR
General
Full URL
https://rewards.starsaccount.com/widget/srwrds-path.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.178.197 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
f77f0ca0a011af69f54c878b3c3d7501b7d2b73ef0cf146829f2e5c90d532445

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Last-Modified
Thu, 14 Jan 2021 13:07:31 GMT
Server
Apache
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
close
MyHeader
member143
Accept-Ranges
bytes
Content-Length
75
rewards-widget.min.js
cashier.rationalcdn.com/widget/2.0.259/ Frame 973D
254 KB
69 KB
Script
General
Full URL
https://cashier.rationalcdn.com/widget/2.0.259/rewards-widget.min.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3549c3b2c33fc2f981c8349b96c348a44cba698450525533be7d16fb97b205ec

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 19:58:39 GMT
server
Apache
etag
"3f810-5bb14f21bc8c3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
69865
css
fonts.googleapis.com/ Frame 973D
7 KB
762 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&subset=cyrillic,greek
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:35:04 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:10 GMT
a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js
s.btstatic.com/lib/ Frame 973D
40 KB
4 KB
Script
General
Full URL
https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Jan 2021 15:48:35 GMT
Server
nginx
ETag
"d3c668fbc6a8b84cc3cdf91b0af1b3b3"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
3617
vendor.js
cashier.rationalcdn.com/ram/2.2.47/ Frame 973D
208 KB
71 KB
Script
General
Full URL
https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 16:00:47 GMT
server
Apache
etag
"33f84-5bc2b41333881"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
72739
analytics.js
www.google-analytics.com/ Frame 973D
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3155
date
Thu, 11 Mar 2021 00:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 11 Mar 2021 02:02:35 GMT
trk.core.idm.js
www.psimg.com/ga/ Frame 973D
16 KB
6 KB
Script
General
Full URL
https://www.psimg.com/ga/trk.core.idm.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2020 13:38:58 GMT
Server
Apache
ETag
"4090-5ac8613a6e94f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=249
Content-Length
6009
83539b7e8cea2296f498f1910b4810156f08e280.js
s.btstatic.com/lib/ Frame 973D
1 KB
654 B
Script
General
Full URL
https://s.btstatic.com/lib/83539b7e8cea2296f498f1910b4810156f08e280.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:13:53 GMT
Server
nginx
ETag
"3d9b2a273f38ae9a6f683c41a0590a20"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
292
b2e63ccb7863279b58e183884d5de07935db8fc9.js
s.btstatic.com/lib/ Frame 973D
165 B
507 B
Script
General
Full URL
https://s.btstatic.com/lib/b2e63ccb7863279b58e183884d5de07935db8fc9.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:15:21 GMT
Server
nginx
ETag
"26753accd559a9a1bc40c1444e8a299f"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
145
ram.js
cashier.rationalcdn.com/ram/2.2.47/ Frame 973D
2 MB
416 KB
Script
General
Full URL
https://cashier.rationalcdn.com/ram/2.2.47/ram.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
923920a271ecace64fbb9b2a62cc13c005a17cd651540557358b653fccc6b037

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 16:00:47 GMT
server
Apache
etag
"1bebd7-5bc2b413330b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
424958
a9f6f2226caa736f24989b8d804c241eb722c9e5.js
s.btstatic.com/lib/ Frame 973D
159 B
507 B
Script
General
Full URL
https://s.btstatic.com/lib/a9f6f2226caa736f24989b8d804c241eb722c9e5.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:15:04 GMT
Server
nginx
ETag
"153af72ab81781c27284642861df8d85"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
145
BrightTag.jquery-1.5.1.js
s.btstatic.com/ Frame 973D
82 KB
29 KB
Script
General
Full URL
https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 16:29:08 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
29695
css
fonts.googleapis.com/ Frame 973D
8 KB
734 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:41:59 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:10 GMT
en.js
cashier.rationalcdn.com/ram/2.2.47/i18n/locales/ Frame 973D
310 KB
85 KB
Script
General
Full URL
https://cashier.rationalcdn.com/ram/2.2.47/i18n/locales/en.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
128fbaa9e18cacff8b560ee5e1ddaf8b8646904a2195b85ccc8030006b91ed2f

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 16:00:47 GMT
server
Apache
etag
"4d690-5bc2b41336761"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
86974
resolvesite
ram.pokerstars.eu/ram/info/ Frame 973D
567 B
1 KB
XHR
General
Full URL
https://ram.pokerstars.eu/ram/info/resolvesite
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
f868f7272a6343236c494e22590d72775e956ce48b403b5fe7da3d3b887b321a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Thu, 11 Mar 2021 00:55:10 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.eu
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
js
pixel.mathtag.com/event/ Frame 973D
597 B
921 B
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3611 f10363c master cdg-pixel-x28 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Thu, 11 Mar 2021 00:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 973D
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
mLFDm0xfDfqGXANQorQbwT9aNQuKMexvYplH58M1tbbKM1a7gMq61x98CKhdd395BGljhKrCX6kOKHiOyLCprA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 11 Mar 2021 00:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
6859decf69.js
cdn.tradelab.fr/tag/ Frame 973D
16 KB
6 KB
Script
General
Full URL
https://cdn.tradelab.fr/tag/6859decf69.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC93) /
Resource Hash
381328efe0f3a184401768b1d6f253af88b06961bf3d7caed91f66d9b70bc5ae

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 15:23:52 GMT
server
ECAcc (amc/BC93)
age
724
etag
"3f77-5ba47f0ff127a-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
5369
expires
Thu, 11 Mar 2021 01:25:11 GMT
activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
8954552.fls.doubleclick.net/ Frame 7E2A
Redirect Chain
  • https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
  • https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
466 B
976 B
Document
General
Full URL
https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
6899805b9d366f25306b0a3c56724777e4f3b4a3c58447479836eedc8eb3c9af
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8954552.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
374
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 11-Mar-2021 01:10:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame 7E72
19 KB
19 KB
Document
General
Full URL
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app17.lhr11 /
Resource Hash
2cbfe45236b67669eb7067497b9e88b109f17057d88ca2c8ff6c6c86dc971b3c

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.pokerstars.eu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.eu/

Response headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app17.lhr11
Pragma
no-cache
X-HW
1615424111.dop056.lo4.t,1615424111.cds220.lo4.shn,1615424111.dop056.lo4.t,1615424111.cds072.lo4.sc,1615424111.cds072.lo4.p
cs
s.thebrighttag.com/ Frame 973D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID
  • https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631
35 B
717 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ea9e480-8204-11eb-a6c2-0000ac1509c1

Redirect headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.149:80
AN-X-Request-Uuid
5ef64eca-e8ca-4dbf-a32f-fba5826c697c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
s.thebrighttag.com/ Frame 973D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YElqbwAAAK7HYVLS
  • https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS
35 B
722 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ead18d0-8204-11eb-983a-0000ac1508e9

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615424111.299242,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
s.thebrighttag.com/ Frame 973D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm=&btt=0&google_tc=
  • https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1
35 B
741 B
Image
General
Full URL
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ead3fe0-8204-11eb-90e4-0000ac150838

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
s.thebrighttag.com/ Frame 973D
Redirect Chain
  • https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0
  • https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0
35 B
739 B
Image
General
Full URL
https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6e96f8c0-8204-11eb-8437-0000ac150972

Redirect headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Server
MT3 3611 f10363c master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 11 Mar 2021 00:55:09 GMT
cs
s.thebrighttag.com/ Frame 973D
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%]
  • https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17
35 B
722 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ea50280-8204-11eb-8711-0000ac150866

Redirect headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
prod-xre-app19.lhr11
X-HW
1615424111.dop209.lo4.t,1615424111.cds216.lo4.shn,1615424111.dop209.lo4.t,1615424111.cds236.lo4.sc,1615424111.cds236.lo4.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
0
cs
s.thebrighttag.com/ Frame 973D
Redirect Chain
  • https://tag.device9.com/img/img.png?D9v.Version=1&D9v.Tag=1&D9r.DeviceID=true&D9v.AdvID=14708&D9v.SiteId=1&D9c=ftSync&D9c.dest=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dv0HKuXG%26uid%3...
  • https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7
35 B
744 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6eaeed90-8204-11eb-bd0f-0000ac1509da

Redirect headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Origin
tag.device9.com
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
tag
s.thebrighttag.com/ Frame
0
0
Preflight
General
Full URL
https://s.thebrighttag.com/tag
Protocol
HTTP/1.1
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.pokerstars.eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 11 Mar 2021 00:55:11 GMT
Content-Length
0
Connection
keep-alive
ETag
d41d8cd98f00b204e9800998ecf8427e
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
X-BT-RequestId
6e99def0-8204-11eb-8960-0000ac150979
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
https://www.pokerstars.eu
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Credentials
true
P3P
CP=NOI DSP COR NID
tag
s.thebrighttag.com/ Frame 973D
4 KB
2 KB
XHR
General
Full URL
https://s.thebrighttag.com/tag
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
642619f247ce7848d2f6b03725fb331d0ed3472de781e24c98e305dbcc06b083

Request headers

Accept
*/*
Referer
https://www.pokerstars.eu/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
Server
nginx
ETag
3fe20f25857971ae42a2090cfcf85d36
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.pokerstars.eu
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1170
X-BT-RequestId
6e9f0f10-8204-11eb-b092-0000ac1509c1
ram.css
cashier.rationalcdn.com/ram/2.2.47/styles/ Frame 973D
425 KB
154 KB
Stylesheet
General
Full URL
https://cashier.rationalcdn.com/ram/2.2.47/styles/ram.css
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b821c106c787bdae441b9414fbd4d1e53716e6f564e4352d3800de38f642b53

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
434724
date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:08:24 GMT
server
Apache
etag
"6a224-5bc2a85dc2a00"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=377522
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
156705
linkid.js
www.google-analytics.com/plugins/ua/ Frame 973D
2 KB
1001 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2324
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 11 Mar 2021 01:16:27 GMT
sessionid
ram.pokerstars.eu/ram/login/ Frame 973D
685 B
1 KB
XHR
General
Full URL
https://ram.pokerstars.eu/ram/login/sessionid
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
9ad6fe0711c70264492055641abfe29212f21d9f3231547ca93c48308d46d33f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Thu, 11 Mar 2021 00:55:10 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.eu
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
identity.js
connect.facebook.net/signals/plugins/ Frame 973D
11 KB
5 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
ACDHHHYRXfR5jv1CqNZpI26ytpcBAsi1/EGEl0J08RgUKNyQX42DF1k9jPdGUdZChX34GT3WMBnpJ4sdDP3vdg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 11 Mar 2021 00:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
1152875091428286
connect.facebook.net/signals/config/ Frame 973D
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1152875091428286?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea544a92a4ce65207a88fef5d09e0f9d0519582c00066992366ceca4d5d2b175
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70955
x-fb-rlafr
0
pragma
public
x-fb-debug
kiLyyBzBqBEd/fQRAJlbjuZImgHZqxubF2QEY4exjpUyoTgNVwoN4d5eKwjxhivjgE0M2ljH9JCLHJC//Ok6Ng==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 11 Mar 2021 00:55:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame 973D
43 B
480 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3611 f10363c master cdg-pixel-x28 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 11 Mar 2021 00:55:55 GMT
css
fonts.googleapis.com/ Frame 973D
8 KB
780 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/styles/ram.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cashier.rationalcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:44:07 GMT
server
ESF
date
Thu, 11 Mar 2021 00:55:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 00:55:11 GMT
825.js
cdn.tradelab.fr/fseg/ Frame 973D
8 KB
3 KB
Script
General
Full URL
https://cdn.tradelab.fr/fseg/825.js?add=4232218
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC8E) /
Resource Hash
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 14:24:44 GMT
server
ECAcc (amc/BC8E)
age
99
etag
"20b1-5a1c2bf055fd2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2723
expires
Thu, 11 Mar 2021 01:25:11 GMT
activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
8526803.fls.doubleclick.net/ Frame 9D6E
Redirect Chain
  • https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
  • https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
399 B
1 KB
Document
General
Full URL
https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
6595ed9a8039c01943074b0bf83cc08f0fcd5d4a01bcfbff36e2737c65722feb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8526803.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
expires
Thu, 11 Mar 2021 00:55:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
328
x-xss-protection
0
set-cookie
IDE=AHWqTUltjs4m1z9Iv6TlPiY8CZcbGEaW3auNHfutqKTi-g3JVfc4bBbairT_V149zS0; expires=Tue, 05-Apr-2022 00:55:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
seg.js
cdn.tradelab.fr/ Frame 973D
3 KB
1 KB
Script
General
Full URL
https://cdn.tradelab.fr/seg.js?add=25072242
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC5B) /
Resource Hash
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2017 13:08:13 GMT
server
ECAcc (amc/BC5B)
age
604
etag
"a7c-558850954180e-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1107
expires
Thu, 11 Mar 2021 01:25:11 GMT
/
its.tradelab.fr/ Frame 973D
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
  • https://its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync
53 B
540 B
Script
General
Full URL
https://its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 /
Resource Hash
2ad59c1d743dfdc4868486432203929ffd6e2885264c5bb69d51c3bf67c40374

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
application/javascript

Redirect headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid
39bf46d1-a203-495d-9ef2-a93cce328ae9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
//its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
Redirect Chain
  • https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1
43 B
578 B
Image
General
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node1.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c292f111f4.js
cdn.tradelab.fr/tag/ Frame 973D
11 KB
4 KB
Script
General
Full URL
https://cdn.tradelab.fr/tag/c292f111f4.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC87) /
Resource Hash
a75925f253b90c84783b51260f8b9a213a2796f5050d82b3790b9ced63be42a0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 18:28:09 GMT
server
ECAcc (amc/BC87)
age
18
etag
"2bc5-5bc69a9cde728-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
3992
expires
Thu, 11 Mar 2021 01:25:11 GMT
/
www.facebook.com/tr/ Frame 973D
44 B
261 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1152875091428286&ev=PageView&dl=https%3A%2F%2Fwww.pokerstars.eu%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1615424111207&sw=1600&sh=1200&ud[external_id]=ccf5e4ade05e252c6cfcf82a3b3864e7a26cb6b8ea2f6905c0e1dccc8519614d&v=2.9.33&r=stable&ec=0&o=30&it=1615424111154&coo=false&rqm=GET
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Mar 2021 00:55:11 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:41:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
8001
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Thu, 10 Mar 2022 22:41:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
196052
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:27:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
194604
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:51:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.eu
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
18160
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 10 Mar 2022 19:52:31 GMT
/
its.tradelab.fr/ Frame 973D
2 B
357 B
Script
General
Full URL
https://its.tradelab.fr/?type=token&p=tlab&gtw=%2F%2Fs.thebrighttag.com%2Fapi%3Fsite%3DG58M8eX%26referrer%3Dtlabset%26signalid%3D105097354712665
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node1.tradelab.fr
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/html
Content-Length
2
645001.js
cdn.tradelab.fr/conv/ Frame 973D
19 KB
7 KB
Script
General
Full URL
https://cdn.tradelab.fr/conv/645001.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232218
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC58) /
Resource Hash
c93591cccd94f2254d20f66f7f091497f30c9f249714e6fa1b5c9d81c8cedcfe

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 07:08:57 GMT
server
ECAcc (amc/BC58)
age
323
etag
"4a1c-5bd15395b19f9-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
7028
expires
Thu, 11 Mar 2021 01:25:11 GMT
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=25072242&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.51:80
AN-X-Request-Uuid
aee7afc2-0741-4e05-8994-6a4940dc3c2c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%252...
  • https://its.tradelab.fr/?type=seg&uuid2=3838662649262320631&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1
43 B
578 B
Image
General
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/container/29;71832;7464;iframe/ Frame 5FCE
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%]
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
262 B
575 B
Document
General
Full URL
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app14.lhr11 /
Resource Hash
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
flashtalkingad1="GUID=48188FEABBAD17"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914

Response headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app14.lhr11
Pragma
no-cache
X-HW
1615424111.dop209.lo4.t,1615424111.cds216.lo4.shn,1615424111.dop209.lo4.t,1615424111.cds236.lo4.sc,1615424111.cds236.lo4.p

Redirect headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Connection
Keep-Alive
Cache-Control
no-cache, no-store
Content-Length
0
Server
prod-xre-app2.lhr11
Pragma
no-cache
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
X-HW
1615424111.dop209.lo4.t,1615424111.cds216.lo4.shn,1615424111.dop209.lo4.t,1615424111.cds236.lo4.sc,1615424111.cds236.lo4.p
dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
adservice.google.com/ddm/fls/i/ Frame 7075
465 B
444 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef185414671f302413d96fd8a5af007c5ebb91f7a0df916dfc623f0505d72822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8954552.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8954552.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
374
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=2491894:31&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid
8b317cd9-9311-4374-a69f-6b9ef998f915
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
43 B
423 B
Image
General
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645001%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8399097%2C8399099%2C8399111%2C8399112%2C8399130%2C8399132%2C8399133%2C8399134%2C8407979%2C8408076%2C8408078%2C8408084%2C8408087%2C8408090%2C8408092%2C8410453%2C8505019%2C8511659%2C8511660%2C8511661%2C8511662%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9906874%2C9910363%2C9990666%2C9990685%2C9990686%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10359145%2C10359204%2C10476365%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10666631%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12581719%2C12582312%2C12582313%2C12582329%2C12582452%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12683429%2C12683434%2C12683503%2C12683505%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12758212%2C12758217%2C12758706%2C12758709%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12844715%2C12850910%2C12850918%2C12850920%2C12850967%2C12850982%2C12851052%2C12851887%2C12853335%2C12853406%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926824%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927269%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938122%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13201287%2C13201333%2C13201431%2C13227834%2C13227878%2C13227899%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13247905%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593120%2C13593124%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13595060%2C13595186%2C13595202%2C13595232%2C13595280%2C13604577%2C13604579%2C13611236%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13637541%2C13639429%2C13639559%2C13639822%2C13639829%2C13643700%2C13643723%2C13643732%2C13643747%2C13643753%2C13643758%2C13643773%2C13646588%2C13646593%2C13648302%2C13648333%2C13648334%2C13648335%2C13648336%2C13648337%2C13648338%2C13648396%2C13648398%2C13648400%2C13648401%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656698%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657884%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13660964%2C13660965%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13684419%2C13684437%2C13703524%2C13703900%2C13703963%2C13704004%2C13726085%2C13726630%2C13728187%2C13728188%2C13728189%2C13729253%2C13737386%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759146%2C13759454%2C13759508%2C13759747%2C13783001%2C13783005%2C13783013%2C13783058%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13822025%2C13827326%2C13827616%2C13828767%2C13828768%2C13828769%2C13828942%2C13828948%2C13828950%2C13832725%2C13832749%2C13849058%2C13849117%2C13850343%2C13850357%2C13850393%2C13850549%2C13850802%2C13850854%2C13850880%2C13850899%2C13850948%2C13851106%2C13854071%2C13886580%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13890463%2C13895571%2C13895572%2C13897024%2C13905793%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13930356%2C13931368%2C13933484%2C13944490%2C13944551%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13962873%2C13962978%2C13964343%2C13964344%2C13970253%2C13970255%2C14004524%2C14006771%2C14011339%2C14012185%2C14012197%2C14012277%2C14012280%2C14020547%2C14023284%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%2C14184460%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame 973D
43 B
969 B
Image
General
Full URL
https://secure.adnxs.com/px?id=645001&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.69:80
AN-X-Request-Uuid
b866f353-74fb-4ba0-afb3-fc06e8d54240
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=4232218&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid
146d6e8c-a588-471a-82ad-4938460e04c1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
43 B
885 B
Image
General
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
4824.js
cdn.tradelab.fr/fseg/ Frame 973D
7 KB
3 KB
Script
General
Full URL
https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC5C) /
Resource Hash
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:20:52 GMT
server
ECAcc (amc/BC5C)
age
687
etag
"1bc0-5b9b9683b9159-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2596
expires
Thu, 11 Mar 2021 01:25:11 GMT
seg.js
cdn.tradelab.fr/ Frame 973D
3 KB
1 KB
Script
General
Full URL
https://cdn.tradelab.fr/seg.js?add=25695650
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC5B) /
Resource Hash
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2017 13:08:13 GMT
server
ECAcc (amc/BC5B)
age
604
etag
"a7c-558850954180e-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1107
expires
Thu, 11 Mar 2021 01:25:11 GMT
/
its.tradelab.fr/ Frame 973D
Redirect Chain
  • https://its.tradelab.fr/?type=tp&advid=5189423&uuid=0&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokers...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1
43 B
578 B
Image
General
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=25695650&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid
25e6a5ef-d6fb-488e-ac5e-586468be91c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
43 B
570 B
Image
General
Full URL
https://its.tradelab.fr/?type=seg&uuid2=3838662649262320631&sid=25695650&val=null&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node1.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
d9core
d9.flashtalking.com/ Frame 7E72
11 KB
4 KB
Script
General
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.136.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-136-43.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
fbd16e3494bc364c05b8e7222c2945a6fd0f9665bf8c36cd801bbf442599bccf

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
c1371f93b03ae0af7d575e3774a51128
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3903
/
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame 7E72
42 B
354 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/1/18308;120607;12865/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914&ft_guid=48188FEABBAD17&ft_log=1&ft_trackID=16154241-1118-77A3-401B-85230A599103&ft_guidCreated=1
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app2.lhr11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
prod-xre-app2.lhr11
X-HW
1615424111.dop036.lo4.shc,1615424111.dop036.lo4.t,1615424111.cds213.lo4.sc,1615424111.cds213.lo4.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
1
tapestry.tapad.com/tapestry/ Frame 7E72
95 B
516 B
Image
General
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=48188FEABBAD17&ta_format=png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
1432216.js
cdn.tradelab.fr/conv/ Frame 973D
6 KB
2 KB
Script
General
Full URL
https://cdn.tradelab.fr/conv/1432216.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC67) /
Resource Hash
ada252a5027cb94afd932d75902dc2a4d8d1099db00dbf130187a7a980a5c8e6

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 15:52:37 GMT
server
ECAcc (amc/BC67)
age
1323
etag
"194c-5bd30a7ee30ed-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2180
expires
Thu, 11 Mar 2021 01:25:11 GMT
dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
adservice.google.com/ddm/fls/z/ Frame 9D6E
42 B
118 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
Requested by
Host: 8526803.fls.doubleclick.net
URL: https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8526803.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
8954552.fls.doubleclick.net/ddm/fls/r/ Frame CF60
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
  • https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
1 KB
614 B
Document
General
Full URL
https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
d1d8136d1aad75c695d17abb706c7c90dad18047f6244b3951fdac264ca51387
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8954552.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUltjs4m1z9Iv6TlPiY8CZcbGEaW3auNHfutqKTi-g3JVfc4bBbairT_V149zS0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
expires
Thu, 11 Mar 2021 00:55:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
549
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Mar 2021 00:55:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
its.tradelab.fr/ Frame 973D
43 B
423 B
Image
General
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432216%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%2C14106411%2C14106423%2C14106427%2C14106492%2C14106500%2C14106573%2C14106589%2C14106618%2C14106626%2C14106699%2C14106700%2C14106701%2C14106702%2C14106703%2C14106704%2C14106705%2C14106706%2C14106707%2C14106708%2C14106715%2C14106716%2C14106717%2C14108528%2C14108530%2C14108531%2C14108532%2C14108535%2C14108536%2C14108537%2C14108538%2C14108539%2C14108560%2C14108561%2C14108562%2C14108563%2C14108564%2C14108565%2C14108566%2C14108567%2C14108568%2C14108569%2C14108570%2C14108571%2C14108572%2C14108573%2C14108574%2C14108575%2C14108577%2C14108578%2C14108579%2C14108580%2C14108581%2C14108582%2C14108583%2C14108584%2C14108592%2C14108593%2C14108594%2C14108595%2C14108596%2C14108597%2C14108598%2C14108599%2C14108600%2C14108601%2C14109150%2C14109155%2C14109156%2C14109160%2C14109222%2C14109223%2C14109224%2C14109237%2C14109530%2C14112294%2C14112295%2C14112546%2C14112938%2C14112963%2C14113045%2C14130627%2C14137247%2C14137698%2C14137742%2C14137930%2C14138477%2C14138483%2C14138729%2C14138767%2C14138806%2C14139071%2C14139135%2C14140278%2C14143076%2C14151598%2C14151682%2C14151686%2C14163673%2C14163674%2C14177818%2C14177819%2C14177820%2C14177821%2C14177822%2C14177823%2C14177824%2C14177825%2C14177826%2C14177827%2C14180354%2C14180355%2C14180356%2C14180357%2C14186170%2C14186245%2C14199460%2C14199680%2C14199691%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame 973D
43 B
968 B
Image
General
Full URL
https://secure.adnxs.com/px?id=1432216&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid
989aaff6-bcb4-41a2-9a58-303e6e4b84f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=25237860&t=2
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid
977b019e-8312-43c9-aebe-0a6751cd29a2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
43 B
893 B
Image
General
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=25237860&val=undefined&fun=4824&step=1&siev=25237855&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
conversion.js
www.googleadservices.com/pagead/ Frame CF60
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
bafc3d5b61836609f4006bbe16a977dc98f8ef68895a6c8641565544364d2107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15351
x-xss-protection
0
server
cafe
etag
4610657118567105023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 00:55:11 GMT
lgc
d9.flashtalking.com/ Frame 7E72
103 B
748 B
XHR
General
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.136.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-136-43.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
f23689a7dbcbc9f1706726e8f15d19963a09b7e0d775eebc6d6ab0c77a462ef6

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
79
tag
s.thebrighttag.com/ Frame 973D
130 B
718 B
Script
General
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&H=-35niau0&referrer=https%3A%2F%2Fwww.pokerstars.eu%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=6854607%2C7470537%2C7177087&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=01206049-6a6e-4f00-bc26-b04394b367c4&_cb_bt_data(%27signal%20id%27)=105097354712665&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27siteid%27)=EU&_cb_bt_data(%27currentdomain%27)=pokerstars.eu&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODMyNzE=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjYyMjcwNjQ=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0OTUyNjI=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
167df85974100aea7cf289532b803307bcd0ff778fb1c9695e4f76d422069f4e

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
Server
nginx
ETag
743fa0d731a95d93d1184830b20b8b14
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
149
X-BT-RequestId
6ed2c940-8204-11eb-b91c-0000ac1509c1
tag
s.thebrighttag.com/ Frame 973D
0
543 B
Script
General
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&H=-35niau0&referrer=https%3A%2F%2Fwww.pokerstars.eu%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7470537%2C7487903%2C7487904&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27signal%20id%27)=105097354712665&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=01206049-6a6e-4f00-bc26-b04394b367c4&_cb_bt_data(%27pstrkidmanager%20fbpid%27)=&_cb_bt_data(%27pstrkidmanager%20fbclid%27)=&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODMyNzE=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjYyMjcwNjQ=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0OTUyNjI=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
ETag
d41d8cd98f00b204e9800998ecf8427e
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
X-BT-RequestId
6ed2c940-8204-11eb-bf16-0000ac150819
BrightTag.jquery-1.5.1.js
s.btstatic.com/ Frame 973D
82 KB
29 KB
Script
General
Full URL
https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 16:29:08 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
29695
/
www.googleadservices.com/pagead/conversion/752674712/ Frame CF60
2 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/752674712/?random=1615424111565&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c2aceae209aff6daed697ee189f85c9ed203cc591570851c9fed65029c79784e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1221
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/702974000/ Frame CF60
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/702974000/?random=1615424111571&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ee1f073e89c63a228e41a4f8d73c36c70fee4e22e5968925c58e51cbd4c48b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1226
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
s.thebrighttag.com/ Frame 973D
112 B
796 B
XHR
General
Full URL
https://s.thebrighttag.com/tag
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eb65022d3365665a5c58df649ca016fb880b7de98c7c1c4b12b31f8f5c88efea

Request headers

Accept
*/*
Referer
https://www.pokerstars.eu/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
Server
nginx
ETag
cff9bb4fe55fe915c849783b817dbf26
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.pokerstars.eu
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
131
X-BT-RequestId
6edc8d41-8204-11eb-a216-0000ac1508e9
tag
s.thebrighttag.com/ Frame
0
0
Preflight
General
Full URL
https://s.thebrighttag.com/tag
Protocol
HTTP/1.1
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.pokerstars.eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 11 Mar 2021 00:55:11 GMT
Content-Length
0
Connection
keep-alive
ETag
d41d8cd98f00b204e9800998ecf8427e
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
X-BT-RequestId
6ed7ab40-8204-11eb-a227-0000ac1509da
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
https://www.pokerstars.eu
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Credentials
true
P3P
CP=NOI DSP COR NID
tag
s.thebrighttag.com/ Frame
0
0
Preflight
General
Full URL
https://s.thebrighttag.com/tag
Protocol
HTTP/1.1
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.pokerstars.eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 11 Mar 2021 00:55:11 GMT
Content-Length
0
Connection
keep-alive
ETag
d41d8cd98f00b204e9800998ecf8427e
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
X-BT-RequestId
6edc8d40-8204-11eb-8220-0000ac150819
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
https://www.pokerstars.eu
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Credentials
true
P3P
CP=NOI DSP COR NID
tag
s.thebrighttag.com/ Frame 973D
112 B
796 B
XHR
General
Full URL
https://s.thebrighttag.com/tag
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eb65022d3365665a5c58df649ca016fb880b7de98c7c1c4b12b31f8f5c88efea

Request headers

Accept
*/*
Referer
https://www.pokerstars.eu/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
content-encoding
gzip
Server
nginx
ETag
cff9bb4fe55fe915c849783b817dbf26
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.pokerstars.eu
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
131
X-BT-RequestId
6ee1e470-8204-11eb-b0aa-0000ac150857
tag
s.thebrighttag.com/ Frame 973D
0
639 B
XHR
General
Full URL
https://s.thebrighttag.com/tag
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.pokerstars.eu/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
nginx
ETag
d41d8cd98f00b204e9800998ecf8427e
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.pokerstars.eu
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
X-BT-RequestId
6ee62a30-8204-11eb-8437-0000ac150972
tag
s.thebrighttag.com/ Frame
0
0
Preflight
General
Full URL
https://s.thebrighttag.com/tag
Protocol
HTTP/1.1
Server
52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.pokerstars.eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 11 Mar 2021 00:55:11 GMT
Content-Length
0
Connection
keep-alive
ETag
d41d8cd98f00b204e9800998ecf8427e
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
X-BT-RequestId
6ee14830-8204-11eb-a227-0000ac1509da
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
https://www.pokerstars.eu
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Credentials
true
P3P
CP=NOI DSP COR NID
/
servedby.flashtalking.com/track/120607;12865;403;16154241-1118-77A3-401B-85230A599103/ Frame 7E72
42 B
515 B
Image
General
Full URL
https://servedby.flashtalking.com/track/120607;12865;403;16154241-1118-77A3-401B-85230A599103/?ft_data=d9:c9a0b13f4d43408487a9d0cc460a3e41;d9s:c9a0b13f4d43408487a9d0cc460a3e41&cachebuster=195757.03891598238
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app12.lhr11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:11 GMT
Server
prod-xre-app12.lhr11
X-HW
1615424111.dop036.lo4.shc,1615424111.dop036.lo4.t,1615424111.cds213.lo4.sc,1615424111.cds213.lo4.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
1
tapestry.tapad.com/tapestry/ Frame 7E72
95 B
336 B
Image
General
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=c9a0b13f4d43408487a9d0cc460a3e41&ta_format=png
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:11 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
/
www.google.de/pagead/1p-conversion/702974000/ Frame CF60
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_...
  • https://www.google.com/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...
  • https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/752674712/ Frame CF60
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
  • https://www.google.com/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
  • https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 973D
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1152875091428286&ev=Microdata&dl=https%3A%2F%2Fwww.pokerstars.eu%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1615424112712&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Online%20Poker%20%E2%80%93%20Play%20Poker%20Games%20at%20PokerStars%22%2C%22meta%3Adescription%22%3A%22Join%20PokerStars%20today%20-%20the%20world%27s%20best%20online%20poker%20room%20and%20the%20biggest%20tournaments%20anywhere%20online.%20Great%20offers%20for%20new%20players%2C%20don%27t%20miss%20out!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=ccf5e4ade05e252c6cfcf82a3b3864e7a26cb6b8ea2f6905c0e1dccc8519614d&v=2.9.33&r=stable&ec=1&o=30&it=1615424111154&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Mar 2021 00:55:12 GMT
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame 973D
526 B
837 B
Script
General
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
10c91b608c04301346f7b7af371bb3d832659df935884796dc30647c46d713a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Mar 2021 00:54:49 GMT
Server
Apache
ETag
"20e-5bd383b061571-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=235
Content-Length
277
825.js
cdn.tradelab.fr/fseg/ Frame 973D
8 KB
3 KB
Script
General
Full URL
https://cdn.tradelab.fr/fseg/825.js?add=4232220
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC8E) /
Resource Hash
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:16 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 14:24:44 GMT
server
ECAcc (amc/BC8E)
age
104
etag
"20b1-5a1c2bf055fd2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2723
expires
Thu, 11 Mar 2021 01:25:16 GMT
645002.js
cdn.tradelab.fr/conv/ Frame 973D
17 KB
7 KB
Script
General
Full URL
https://cdn.tradelab.fr/conv/645002.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC71) /
Resource Hash
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:16 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 16:09:24 GMT
server
ECAcc (amc/BC71)
age
730
etag
"459e-5bc1742308e32-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
6609
expires
Thu, 11 Mar 2021 01:25:16 GMT
/
its.tradelab.fr/ Frame 973D
43 B
423 B
Image
General
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645002%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6906372%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8505019%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9910363%2C9990666%2C9990685%2C9990686%2C10095057%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12582312%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12850910%2C12850918%2C12850920%2C12851887%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928095%2C12928107%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059733%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13604577%2C13604579%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13639429%2C13639559%2C13639822%2C13639829%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13703524%2C13703900%2C13703963%2C13704004%2C13728187%2C13728188%2C13728189%2C13729253%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759454%2C13759508%2C13759747%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13827326%2C13827616%2C13828942%2C13828948%2C13854071%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13897024%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13931368%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13970253%2C13970255%2C14012185%2C14012197%2C14020547%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node3.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node3.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame 973D
43 B
970 B
Image
General
Full URL
https://secure.adnxs.com/px?id=645002&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid
1b609f14-b53f-4aff-8a78-a096ab304d98
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=4232220&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid
89f02892-f2b2-4937-9417-0d546deb3e25
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
43 B
929 B
Image
General
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=4232220&val=undefined&fun=825&step=2&siev=4232213&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
4824.js
cdn.tradelab.fr/fseg/ Frame 973D
7 KB
3 KB
Script
General
Full URL
https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC5C) /
Resource Hash
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:16 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:20:52 GMT
server
ECAcc (amc/BC5C)
age
692
etag
"1bc0-5b9b9683b9159-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2596
expires
Thu, 11 Mar 2021 01:25:16 GMT
1432217.js
cdn.tradelab.fr/conv/ Frame 973D
6 KB
2 KB
Script
General
Full URL
https://cdn.tradelab.fr/conv/1432217.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC28) /
Resource Hash
7a19c4f0ba3cacf7fbc25df5012b6c54006d235e882d26441beea3a3e587ebab

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:16 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 15:52:37 GMT
server
ECAcc (amc/BC28)
age
873
etag
"1811-5bd30a7fab419-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2096
expires
Thu, 11 Mar 2021 01:25:16 GMT
/
its.tradelab.fr/ Frame 973D
43 B
423 B
Image
General
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432217%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%2C14106411%2C14106423%2C14106427%2C14106492%2C14106500%2C14106573%2C14106589%2C14106618%2C14106626%2C14106699%2C14106700%2C14106701%2C14106702%2C14106703%2C14106704%2C14106705%2C14106706%2C14106707%2C14106708%2C14106715%2C14106716%2C14106717%2C14108528%2C14108530%2C14108531%2C14108532%2C14108535%2C14108536%2C14108537%2C14108538%2C14108539%2C14108581%2C14109150%2C14109155%2C14109156%2C14109160%2C14109222%2C14109223%2C14109224%2C14109237%2C14112294%2C14112295%2C14112546%2C14112938%2C14112963%2C14130627%2C14137247%2C14137698%2C14137742%2C14137930%2C14138477%2C14138483%2C14138729%2C14138767%2C14138806%2C14139071%2C14139135%2C14140278%2C14143076%2C14151598%2C14151682%2C14151686%2C14163673%2C14163674%2C14177818%2C14177819%2C14177820%2C14177821%2C14177822%2C14177823%2C14177824%2C14177825%2C14177826%2C14177827%2C14180354%2C14180355%2C14180356%2C14180357%2C14186170%2C14186245%2C14199460%2C14199680%2C14199691%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame 973D
43 B
970 B
Image
General
Full URL
https://secure.adnxs.com/px?id=1432217&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.139:80
AN-X-Request-Uuid
92bd3a26-7ebc-4e99-bf6a-6e313fd0dc74
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 973D
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/seg?add=25237863&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid
9f631c00-6de3-4fdf-8994-3cdbf25951ad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame 973D
43 B
925 B
Image
General
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=25237863&val=undefined&fun=4824&step=2&siev=25237856&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 00:55:16 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Primary Request Cookie set consorcio-de-imoveis
www.portoseguro.com.br/
190 KB
30 KB
Document
General
Full URL
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
3260a95ba05201238878633b2342c2bf0aff806a0b09445265d46aef12e3d04c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Host
www.portoseguro.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://bityli.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bityli.com/

Response headers

Date
Thu, 11 Mar 2021 00:55:21 GMT
Server
Apache
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Set-Cookie
ADRUM_BTa=R:19|g:02bdcc1c-11ff-4318-98b6-0384c7accad5; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ ADRUM_BTa=R:19|g:02bdcc1c-11ff-4318-98b6-0384c7accad5|n:customer1_8523277e-e17d-4e16-b78b-e0e2da12f0ee; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ JSESSIONID=lHQex-pDZydaMz19nGUa2siUxri8baDxeeCqwewCUBQ6_HCxzZCk!1906660820; path=/; secure; HttpOnly ADRUM_BT1=R:19|i:27247; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ ADRUM_BT1=R:19|i:27247|e:1241; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ ADRUM_BT1=R:19|i:27247|e:1241|d:980; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ novoportal=!BFKAunWYYDuTxmfpYgKpZp2+8/6hEZo2EjMCLOZV+Nb+s+YxLma6BwNFStxQwM2FknlOgfHufSLoSgs=; path=/; Httponly; Secure
Content-Language
en-US
Vary
Accept-Encoding,Origin
Content-Encoding
gzip
Accept-Ranges
none
X-UA-Compatible
IE=Edge,chrome=1
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
Keep-Alive
timeout=60, max=896
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame 973D
526 B
840 B
Script
General
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Mar 2021 00:55:19 GMT
Server
Apache
ETag
W/"20e-5bd383cd11bec-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=214
Content-Length
278
img
pixel.mathtag.com/misc/ Frame 973D
43 B
489 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3611 f10363c master cdg-pixel-x28 /
Resource Hash

Request headers

Referer
https://www.pokerstars.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:21 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 11 Mar 2021 00:56:05 GMT
adrum-porto.js
www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/
2 KB
2 KB
Script
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/adrum-porto.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
3aa7cc1550dee03b3a04bc4ce6c5f4969f3945e40d9b84969adc099922f22dbe
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 18:38:16 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=864
Content-Length
806
vgn-ext-templating-delivery.css
www.portoseguro.com.br/sites/styles/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.portoseguro.com.br/sites/styles/vgn-ext-templating-delivery.css
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
5d6ad50706b8eefbe1739e9f1a4ad3a5780933bccf8d2488c30e353820e46a5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 18:56:10 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/css
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=897
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
ajax.jsp
www.portoseguro.com.br/sites/scripts/async/
993 B
2 KB
Script
General
Full URL
https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
529e70795dc427b8f853861d2ae1bcd14b72af7af1aa6f23a9603d5b0d96ceb5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=896
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
ps-lib.full-min.css
www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/
369 KB
133 KB
Stylesheet
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
adf676b2c552070f266f9924cdadcf94c71e37a494031fdfe155296481108100
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2020 13:35:18 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/css
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=841
temp.css
www.portoseguro.com.br/NovoInstitucional/static_files/styles/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/temp.css
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
1b98cccd8bc0de6824320ceb8ddf4075f733b45285ad7c4226a7bd86d842f759
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Nov 2020 05:32:55 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Upgrade
h2,h2c
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Upgrade, Keep-Alive
Accept-Ranges
none
Content-Type
text/css
Keep-Alive
timeout=60, max=900
Content-Length
1083
portal.css
www.portoseguro.com.br/NovoInstitucional/static_files/styles/
144 KB
24 KB
Stylesheet
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/portal.css
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
a7d2d708b65024cf75a44c5fd691ad3f9013017f6385265a28f8f2af2c337a18
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Feb 2021 20:01:22 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/css
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=887
Content-Length
23293
inovation.css
www.portoseguro.com.br/NovoInstitucional/static_files/styles/
58 KB
11 KB
Stylesheet
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/inovation.css
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
7a6aa567b485360458b3724d168dba80e92e77f1e94df3119360064e4f570fe6
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 17:17:42 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/css
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=864
Content-Length
10641
onetrust.js
www.portoseguro.com.br/static-files/js/
430 B
1 KB
Script
General
Full URL
https://www.portoseguro.com.br/static-files/js/onetrust.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
04fdc9b2e28dccaccc6ab266fed68a6a6eaa6f8e725e917a6dd92fe21c9fb29e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jul 2020 21:57:35 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=899
Content-Length
292
porto-seguro-logo-minimal.svg
www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/
1 KB
2 KB
Image
General
Full URL
https://www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/porto-seguro-logo-minimal.svg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
92d2375f223c8596bae2d4170d41e7df14e6c7f0fc0aa25b77026a876b69c560
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Apr 2020 19:33:29 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/svg+xml
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=893
Content-Length
759
person-login.svg
www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/
2 KB
2 KB
Image
General
Full URL
https://www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/person-login.svg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
a0145e19189d170d55eb4c9f4d13b9160b0dcadbd9d3448d65193131f103953f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Apr 2020 19:33:26 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/svg+xml
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=840
Content-Length
906
Header_Site_Consorcio_1920x505px_Imovel-PortoSeguro.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/capas/
252 KB
0
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/capas/Header_Site_Consorcio_1920x505px_Imovel-PortoSeguro.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Sep 2020 14:39:11 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=885
consorcio-reforma-casa-de-praia.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/
8 KB
9 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-reforma-casa-de-praia.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
f3efd97a67b8cc191db6f90437b1a27a0985467f17685ce583221ed142e32ccb
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 18:05:39 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=896
Content-Length
8108
consorcio-terreno.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/
8 KB
9 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-terreno.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
b2824d3ceb3f4777d268002bd420e8be66e76455611d4f09c50e861d69147948
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 18:05:40 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=894
Content-Length
8493
consorcio-apartamento.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/
6 KB
7 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-apartamento.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
1f6a1cf2e91acc38ed64e08c989fc1fbba96c56faec61940f4c98f9e1de8fd83
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 18:05:39 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=897
Content-Length
6470
consorcio-casa.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/
11 KB
12 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-casa.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
62312d0b5f3bbf0f854286160e729c089c19367ba58531ec6b4826463811345c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 18:05:39 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=861
Content-Length
11017
porto-seguro-consorcio-como-funciona-604x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
10 KB
11 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-como-funciona-604x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
efc22b04e25b2cacbfee0c782c0a187f819d125077ed3aaceee18925fbf26cd8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:39 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=839
Content-Length
10097
porto-seguro-consorcio-investimento-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
9 KB
9 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-investimento-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
f7af6828311223e42e7a0b42821e8008337ac3b8f5d8a77fd21aca267a1d76b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:41 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=892
Content-Length
8748
porto-seguro-consorcio-beneficio-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
5 KB
6 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-beneficio-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
6d48934602242193b6f52f8c71206f80f2249749cf7a1e500b6b14dd4a5169a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:40 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=893
Content-Length
4755
porto-seguro-consorcio-mitos-e-verdades-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
4 KB
4 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-mitos-e-verdades-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
898b995d997e877b51b2531304b2e8c79de68f2e8edcbfdd4eecceea17ca528c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:42 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=862
Content-Length
3370
porto-seguro-consorcio-lance-ou-sorteio-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
7 KB
7 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-lance-ou-sorteio-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
9db28ce81bb2d059a0e4f2aa53bc2934821a007f17887039cd0d7033a4edee89
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:41 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=838
Content-Length
6552
porto-seguro-consorcio-meu-consorcio-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
4 KB
4 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-meu-consorcio-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
324afb0ae0633fc10bc7498d83be88f44cf0746a6eef18c8dbc33acf0d390de8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:40 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=892
Content-Length
3656
porto-seguro-consorcio-fuicontemplado-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
5 KB
6 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-fuicontemplado-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
6b4d18e360e543bb5e995b47c1e0650579e2bc2bc6343e98e8269fca994391b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 14:57:41 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=860
Content-Length
5238
porto-seguro-consorcio-credito-imovel-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/
7 KB
7 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-credito-imovel-286x230.jpg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
aedaf3d4df6444d8d74e44d1b8f012c14c0e6487af7145ce5a9ac42eb5a50751
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 18:05:02 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=891
Content-Length
6704
bootstrap.js
www.portoseguro.com.br/NovoInstitucional/static_files/scripts/
24 KB
5 KB
Script
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/bootstrap.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
5ab91df0a724b5126111ca02c6fa8e83dd6bd75296f37626ad39c0e3bb737c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 20:21:51 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=862
Content-Length
4493
adrum.js
www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/
44 KB
15 KB
Script
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/adrum.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/adrum-porto.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
1ed86d2809048c0b343c0f73a8e4c8fb5b9e80f65679eb062e7e3366d41309cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 18:38:28 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=863
Content-Length
14608
hotjar-114520.js
static.hotjar.com/c/
6 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-114520.js?sv=6
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
80847e537d71457418d62c3c7934ccb971155309ae71b333db4fd86584d76710
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
PRG50-C1
etag
W/ae6b48c6939631652d63ca7d7ad0c6ed
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1865
via
1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
x-amz-cf-id
x5QVMW2jvcfxpuHVP0VpzzQKvtiGoaPnPk2JoCog1aai6Q33GVGsxw==
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3169
date
Thu, 11 Mar 2021 00:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 11 Mar 2021 02:02:35 GMT
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/
0
516 B
Image
General
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=PSGO&x-r=https://bityli.com/
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.165.10 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:26 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
309AEF1D0FC97C3B
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
OA6NPzhjw4jlQNJ3MJB7IeVjDpdAH4s6NNgh8O7ObxgUWtmo7KGzK2I8U8rAWVQp/HdJfSVubsA=
vquery.min.js
www.portoseguro.com.br/sites/scripts/vquery/
84 KB
30 KB
Script
General
Full URL
https://www.portoseguro.com.br/sites/scripts/vquery/vquery.min.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
e49e6b6fee72091bf2131600d498a180560f12fd3f8d480da4992ab10f3fbae5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 18:56:10 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/javascript
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=894
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
ajaxlib.js
www.portoseguro.com.br/sites/scripts/async/
406 B
1 KB
Script
General
Full URL
https://www.portoseguro.com.br/sites/scripts/async/ajaxlib.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
960fa5f6ec47c992645b99ca5e3a7becb3bb23e6352499b018e532fea148baaa
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 18:56:06 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/javascript
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=895
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
wem-ajax-min.js
www.portoseguro.com.br/sites/scripts/async/
2 KB
2 KB
Script
General
Full URL
https://www.portoseguro.com.br/sites/scripts/async/wem-ajax-min.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
a079b424dc8e9ab3d958b2fb25332ea047536dbab5364823389094453333bc5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 19:00:00 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/javascript
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=898
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
wem-messaging-min.js
www.portoseguro.com.br/sites/scripts/messaging/
6 KB
3 KB
Script
General
Full URL
https://www.portoseguro.com.br/sites/scripts/messaging/wem-messaging-min.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
8258e8f9962e8072a6110a7f875f919bb968d61ce995e148ba319f2e0eb8b38e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 19:00:00 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/javascript
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=843
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
vcm32266.js
www.portoseguro.com.br/sites/scripts/
125 B
1 KB
Script
General
Full URL
https://www.portoseguro.com.br/sites/scripts/vcm32266.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
2ca0afe5bd8de2b0493bdafe899994cd59cecc1e6c81e2ccebd00e1691622485
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 18:56:08 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
text/javascript
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=886
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
Cookie set check-logged-in
cliente.portoseguro.com.br/portal/site/portaldecliente/ Frame 1978
0
0
Document
General
Full URL
https://cliente.portoseguro.com.br/portal/site/portaldecliente/check-logged-in
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.211.179.211 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15553000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Host
cliente.portoseguro.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.portoseguro.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
portal=pdc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

Date
Thu, 11 Mar 2021 00:55:26 GMT
Server
Apache
Strict-Transport-Security
max-age=15553000; includeSubDomains; preload
X-XSS-Protection
1; mode=block
Cache-Control
no-cache
OT-force-Account-Verify
true
Set-Cookie
ADRUM_BTa=R:31|g:c7385c44-fe81-4859-8af6-48281f145562; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ ADRUM_BTa=R:31|g:c7385c44-fe81-4859-8af6-48281f145562|n:customer1_8523277e-e17d-4e16-b78b-e0e2da12f0ee; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ JSESSIONID=zn0ex_xYInP-uzhzE5M7_blL_OPmhMenNGVHwet1LxuWKWRmWXCH!-1098722287!-1082683355; path=/; secure; HttpOnly ADRUM_BT1=R:31|i:17377; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ ADRUM_BT1=R:31|i:17377|e:0; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ ADRUM_BT1=R:31|i:17377|e:0|d:10; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ portaldocliente=!6WzxNoJSa/TlWTQtPa/RZwo0ZvMSsKHBNNT8YW/PIKzcgT8kfL4NM4R+AU7D0VSLUVxUaiD7rvUZBQ==; path=/; Httponly; Secure
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
close
Content-Type
text/html; charset=UTF-8
mem5YaGs126MiZpBA-UNirkOUuhs.ttf
fonts.gstatic.com/s/opensans/v17/
27 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhs.ttf
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.portoseguro.com.br
Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478290
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18834
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:31:10 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 12:03:54 GMT
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v17/
26 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0e.ttf
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.portoseguro.com.br
Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 06:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151390
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Mar 2022 06:52:14 GMT
mem5YaGs126MiZpBA-UN_r8OUuhs.ttf
fonts.gstatic.com/s/opensans/v17/
28 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhs.ttf
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf567ab82eeff26676787e317e68b11d7546b2ac57543c34e6d3639faedd2f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.portoseguro.com.br
Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196643
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18834
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:30:45 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Mar 2022 18:18:01 GMT
truncated
/
111 KB
111 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5293af5929f4bf7d3b5b958854c714a151f715308e05ba96b4fa2e38608ab26

Request headers

Origin
https://www.portoseguro.com.br
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
kLYStLxCc6Y
www.youtube.com/embed/ Frame 5F15
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f930b92434e71139102f53dca14116f360d7685bf344deb13a1f1a746a051154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/kLYStLxCc6Y?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=ZqReOQrOFGM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=xgI9PGEqkTw; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+876; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A9xQ5hQ4gr4
www.youtube.com/embed/ Frame 4009
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8360d5b4e174d1cd0ebbc287d2ed75e7d996c838b19aafb8ad2fcd19b28d75b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=2W8dJw612AY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=oQj123f8Nv4; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+177; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4TNPi3q_tPs
www.youtube.com/embed/ Frame D4E4
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eca2c979f9bdfd06ec0ddc133a25559832fabf4bd4981f31f37f56b262b8561c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/4TNPi3q_tPs?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=sXOV_NgLy6o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=puUV0yiZXT0; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+883; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lP_1qjb9Gxo
www.youtube.com/embed/ Frame 98EB
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ea92ffcda54933c1ee1058f427ba36fa05551ae83d298a7a2e144f2098200e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/lP_1qjb9Gxo?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=K6wUBhgrCL0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=4wDRKivXgu8; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+034; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_N6Jdu-wLO4
www.youtube.com/embed/ Frame 403C
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c9e639e1861bb61335b926277ece5e10a9691f5ef996458c602d46f445c34d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/_N6Jdu-wLO4?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=_7sxXn99Ca8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=zrQxpi-H7J4; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+493; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
8to6cULY1as
www.youtube.com/embed/ Frame 130F
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
544034188f1aae6c19a4b049230ddda418c341d1561f5084fc2145ac1abcdfb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/8to6cULY1as?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=0kRXKZzoPHc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=r4GuX4p0Ns0; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+095; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RuPBLGEP3eU
www.youtube.com/embed/ Frame E78F
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
542667f2f586ff549d2d100049d6497ded1fc240df94f292830c2af35d787381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/RuPBLGEP3eU?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=VcFZyAbJUoY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=yeMhFKrgAb0; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+636; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NJ2yRGIktsc
www.youtube.com/embed/ Frame 1ADB
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4089c54aaba3ab55c62fa8ae702011559c4493eda3f7de14a580968c96ca956a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/NJ2yRGIktsc?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=MtzXUwH24j0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=M3rIXC-_wBk; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+371; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
play.svg
www.portoseguro.com.br/NovoInstitucional/static_files/images/
2 KB
2 KB
Image
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/images/play.svg
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/portal.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
fa854f36de2533eb57f0eb0275329939e32cb79fdd781e33a370d14ff75da275
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/portal.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Mar 2018 22:53:58 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
image/svg+xml
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=842
Content-Length
775
require.js
www.portoseguro.com.br/NovoInstitucional/static_files/scripts/
15 KB
7 KB
Script
General
Full URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/require.js
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Apache /
Resource Hash
299223a6aa7fe04a1c3e37c81adc15997b353814d9ecd8a4a25b55e70d9b7aec
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

Request headers

Referer
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jan 2019 18:32:05 GMT
Server
Apache
Vary
Accept-Encoding,Origin
Content-Type
application/javascript
Access-Control-Allow-Origin
Content-Security-Policy
frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection
Keep-Alive
Accept-Ranges
none
Keep-Alive
timeout=60, max=890
Content-Length
6460
js
www.google-analytics.com/gtm/
87 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T28PS8J&cid=245540650.1615424125
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ae51bee5ad2e217245384f62bf389a2eaa0760032f71e581e62f49f9ab3081d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35120
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Mar 2021 00:55:24 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 5F15
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 5F15
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 5F15
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 5F15
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F15
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame D4E4
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame D4E4
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame D4E4
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame D4E4
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4E4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame E78F
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E78F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame E78F
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame E78F
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame E78F
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 98EB
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 98EB
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 98EB
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 98EB
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98EB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 4009
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 4009
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 4009
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 4009
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4009
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 130F
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 130F
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 130F
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 130F
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 130F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 403C
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 403C
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 403C
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 403C
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 403C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 1ADB
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202187
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:45:37 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 1ADB
158 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
45512
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:16:52 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1ADB
2 MB
503 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
202001
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:48:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 1ADB
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
56784
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 09:09:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1ADB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
537239
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
modules.33a772c48beaa5222edf.js
script.hotjar.com/
217 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.33a772c48beaa5222edf.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-114520.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.portoseguro.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 16:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
462916
x-cache
Hit from cloudfront
content-length
58652
access-control-allow-origin
*
last-modified
Fri, 05 Mar 2021 16:19:37 GMT
etag
"a93d27db17b2296071120e76a2ccbea0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
73SVwScm1TRHP9B8madpzfn5qdbnRRjOzB71bU2uWfJc58FiL_TU0Q==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 97FC
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-114520.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-100.dus51.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.portoseguro.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.portoseguro.com.br/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-hPOMrqDBMSbkQ47vqmjYriyT0utrKpW4xfeHFV8t0jZlt0HeOM3NQ==
age
9273262
id
googleads.g.doubleclick.net/pagead/ Frame D4E4
113 B
705 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de637d400a492104d7b34fed1180dd9ad1057717fa01a74653a5f2a0472b4fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D4E4
29 B
91 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 98EB
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07562aa37f9734188d527a1489939bd943deb9ebf923c83b7acda7d013266c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 98EB
29 B
394 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 130F
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13f4a684053e5aa68c8c592099b99ea8ff11debd8940ca6f8c11b43653ec32ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 130F
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame E78F
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9afb9fcdc9c99fb6aa2041dc67e1891b2c7bc9a8a1e7d7eba0726ab2ea6a6b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E78F
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 5F15
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
211942e178536f1e24e495d0b0eee3ce73dbcbb90d9854774c0d09f46d9b63d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5F15
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4009
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b492166f59163adda2abf6ff48ff8198bfb9efdd5bc5c9de769ee0e222ac6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4009
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame D4E4
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
www.google.com/js/bg/ Frame D4E4
14 KB
6 KB
Script
General
Full URL
https://www.google.com/js/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
21950
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6234
x-xss-protection
0
expires
Thu, 10 Mar 2022 18:49:35 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame D4E4
29 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 98EB
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
www.google.com/js/th/ Frame 98EB
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
122926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14344
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:46:39 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 98EB
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 403C
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c3f3651d2b0b796ac26b8bae64325b6d045b5f831aacd485e0388de61e49550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 403C
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 1ADB
113 B
160 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1182e846940d1a03991506671a1222f95ac00f57bf1e1c07b1f0a9e4756a45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1ADB
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
861
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:56:04 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 130F
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
www.google.com/js/th/ Frame 130F
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
122926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14344
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:46:39 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 130F
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame E78F
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
www.google.com/js/th/ Frame E78F
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
122926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14344
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:46:39 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame E78F
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 5F15
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
www.google.com/js/th/ Frame 5F15
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
122926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14344
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:46:39 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 5F15
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 4009
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
www.google.com/js/bg/ Frame 4009
14 KB
6 KB
Script
General
Full URL
https://www.google.com/js/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
21950
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6234
x-xss-protection
0
expires
Thu, 10 Mar 2022 18:49:35 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 4009
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 403C
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
www.google.com/js/th/ Frame 403C
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
122926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14344
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:46:39 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 403C
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1ADB
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 13:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
126892
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Wed, 09 Mar 2022 13:40:33 GMT
ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
www.google.com/js/th/ Frame 1ADB
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
122926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14344
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:46:39 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1ADB
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
201931
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Tue, 08 Mar 2022 16:49:54 GMT
app.js
www.portoseguro.com.br/NovoInstitucional/static_files/scripts/app/
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D4E4
4 KB
0
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:55:25 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 98EB
4 KB
0
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:55:25 GMT
generate_204
www.youtube.com/ Frame D4E4
0
38 B
Image
General
Full URL
https://www.youtube.com/generate_204?GDRMIw
Requested by
Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:55:25 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
www.youtube.com/ Frame 98EB
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 130F
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E78F
0
0

generate_204
www.youtube.com/ Frame 130F
0
0

generate_204
www.youtube.com/ Frame E78F
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5F15
0
0

generate_204
www.youtube.com/ Frame 5F15
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4009
0
0

generate_204
www.youtube.com/ Frame 4009
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
livedados.com
URL
https://livedados.com/js/script.js
Domain
www.portoseguro.com.br
URL
https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/app/app.js
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?_8Mk8g
Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?zMC5cg
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?6B53Bw
Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?gu6ReQ
Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?GmqSPw

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

22 Cookies

Domain/Path Name / Value
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjc0OTM0Mzc
Value: U0VTU0lPTg
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjcxNzcwODc
Value: VVNFUg
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjc0OTUyNjI
Value: U0VTU0lPTg
.pokerstars.eu/ Name: _gid
Value: GA1.2.460375100.1615424111
.pokerstars.eu/ Name: _ga
Value: GA1.2.1763940289-1615424110
.flashtalking.com/ Name: _D9J
Value: bb2ddd5561c74d96991d323d2068cfa9
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjc0ODczNTg
Value: U0VTU0lPTg
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjYyMjcwNjQ
Value: U0VTU0lPTg
.bityli.com/ Name: _gid
Value: GA1.2.837807942.1615424109
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjc0Mzg0OTM
Value: U0VTU0lPTg
bityli.com/ Name: PHPSESSID
Value: 3a366181407c99d18ec4a2a36eac2bd4
bityli.com/ Name: hstpcount45417
Value: eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUltjs4m1z9Iv6TlPiY8CZcbGEaW3auNHfutqKTi-g3JVfc4bBbairT_V149zS0
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjM2NjE5ODM
Value: U0VTU0lPTg
.bityli.com/ Name: _ga
Value: GA1.2.1777478963.1615424109
bityli.com/ Name: lasttrack45417
Value: 1
bityli.com/ Name: hstpconfig
Value: eyJJRCI6IjIzODYyNjM5dWk2MDQ5NmE2Y2FiOTRlIiwiQ1RSIjoiTkwiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjMxMTc3MjI0MzUsIkxhc3RVcGRhdGUiOjE2MTU0MjQxMDgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9
.bityli.com/ Name: _gat_gtag_UA_146760796_1
Value: 1
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=48188FEABBAD17"
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjUzMTk1MDY
Value: U0VTU0lPTg
www.pokerstars.eu/ Name: btpdb.G58M8eX.dGZjLjc0ODMyNzE
Value: U0VTU0lPTg
.bityli.com/ Name: __cfduid
Value: d761692af86ca6efcc9b88cb11a91c76e1615424106

19 Console Messages

Source Level URL
Text
console-api log URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2(Line 984)
Message:
on non-fb sites, tracking as usual
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - requestIdReadyEvent(pstrkIdmMediamathReady_TrkCore)
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - set mediamath_id dim
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - bPVPushed = false
console-api log URL: https://s.btstatic.com/tag.js(Line 2)
Message:
Signal: error: {"type":"dbe","message":"ReferenceError: wbid is not defined","dbe.name":"pstrkidmanager wbid","pageId":4034996}
console-api warning URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js(Line 1)
Message:
This browser does not support Web Storage!
console-api log (Line 2)
Message:
ok a jour global 2
console-api log (Line 39)
Message:
in custom tag: position 1
console-api log (Line 59)
Message:
in custom tag: position 2
console-api log (Line 44)
Message:
sigGetIds: pstrkIdManager is present.....requesting IdReadyEvent....
console-api log (Line 14)
Message:
SmartCustom Event Listener: pstrkIdManagerMediamathReady event captured in smart tag
console-api log (Line 15)
Message:
SmartCustom Event Listener: Mediamath ID:01206049-6a6e-4f00-bc26-b04394b367c4
console-api log (Line 30)
Message:
SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api log (Line 31)
Message:
SmartCustom Event Listener: signal_id:105097354712665
console-api log (Line 30)
Message:
SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api log (Line 31)
Message:
SmartCustom Event Listener: signal_id:105097354712665
console-api log (Line 35)
Message:
SmartCustom Event Listener: pstrkIdManagergauidReady event captured in smart tag
console-api log (Line 36)
Message:
SmartCustom Event Listener: pstrk.gid:
console-api log URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/bootstrap.js(Line 328)
Message:
Properties: prod

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8526803.fls.doubleclick.net
8954552.fls.doubleclick.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
api.miniature.io
bityli.com
cashier.rationalcdn.com
cdn.tradelab.fr
cdnjs.cloudflare.com
clevernt.com
cliente.portoseguro.com.br
cm.g.doubleclick.net
cmsstorage.rationalcdn.com
connect.facebook.net
d9.flashtalking.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
its.tradelab.fr
livedados.com
lp.clevernetwork.pt
pixel.mathtag.com
ram.pokerstars.eu
rewards.starsaccount.com
s.btstatic.com
s.thebrighttag.com
s3-sa-east-1.amazonaws.com
s4.rationalcdn.com
script.hotjar.com
secure.adnxs.com
secure.starsaffiliateclub.com
sender.clevernt.com
servedby.flashtalking.com
service.maxymiser.net
starscrm.com
static.doubleclick.net
static.hotjar.com
sync-tm.everesttech.net
sync.mathtag.com
tag.device9.com
tapestry.tapad.com
ui.clevernt.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.pokerstars.eu
www.portoseguro.com.br
www.psimg.com
www.youtube.com
livedados.com
www.gstatic.com
www.portoseguro.com.br
www.youtube.com
104.109.74.148
13.226.159.100
142.250.185.198
142.250.185.66
142.250.186.130
142.250.74.198
148.69.64.109
148.69.64.76
151.101.114.49
152.199.20.219
184.30.20.207
185.29.135.190
2.17.187.116
200.211.179.211
200.230.161.212
205.185.216.10
217.182.76.191
23.37.44.205
23.79.136.111
2606:4700:20::681a:a75
2606:4700:20::681a:af8
2606:4700:3033::ac43:c0cf
2606:4700::6810:125e
2606:4700::6810:a823
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.251.104.84
35.227.248.159
37.252.172.249
37.252.173.38
52.208.178.181
52.48.136.43
52.95.165.10
65.9.96.124
65.9.96.51
77.87.178.197
77.87.179.149
77.87.179.68
77.87.180.198
77.87.181.72
85.17.192.104
91.92.196.187
00a44a4041102b06c7304b576ed5327f1b9f46a5ef79fb03009c4d974a3c8325
03f57788464aacc762395c050df417bcab6f9f8159c15e237fbec864c93895c0
04fdc9b2e28dccaccc6ab266fed68a6a6eaa6f8e725e917a6dd92fe21c9fb29e
063d8d9dd28ae87cfa41724da6afe5931c3dccb4b7f8f04cafb51efe8eff5393
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
07562aa37f9734188d527a1489939bd943deb9ebf923c83b7acda7d013266c18
0809079a0df54cccbea6c5171eb66ced5cb708e24ae9a477939955f68ce37524
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0ea92ffcda54933c1ee1058f427ba36fa05551ae83d298a7a2e144f2098200e9
0f2d69704a49ce1914361c4e1d9e7adc325d30967ab8518a0c087545c2f9c9c8
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10c91b608c04301346f7b7af371bb3d832659df935884796dc30647c46d713a8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128fbaa9e18cacff8b560ee5e1ddaf8b8646904a2195b85ccc8030006b91ed2f
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f
13c2341b441b258bd27d374aeeda9ddc3ac6f3b34c6da8d36756dcb629bf78b5
13f4a684053e5aa68c8c592099b99ea8ff11debd8940ca6f8c11b43653ec32ee
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b
1536a4fcb5484555abbe06364bdcc0715a7ad07cdd81dea52fc0cb459bf216b7
167df85974100aea7cf289532b803307bcd0ff778fb1c9695e4f76d422069f4e
16a7b2007ea6375a98b53b67e626f89f26415cf82eb3b120f5426fcbbe62cde2
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29
1760cd328d3f336d3501133d9ecdf357483011c1d8f06be2a773ee394c142718
19b492166f59163adda2abf6ff48ff8198bfb9efdd5bc5c9de769ee0e222ac6a
1ae51bee5ad2e217245384f62bf389a2eaa0760032f71e581e62f49f9ab3081d
1b98cccd8bc0de6824320ceb8ddf4075f733b45285ad7c4226a7bd86d842f759
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
1ed86d2809048c0b343c0f73a8e4c8fb5b9e80f65679eb062e7e3366d41309cf
1f6a1cf2e91acc38ed64e08c989fc1fbba96c56faec61940f4c98f9e1de8fd83
1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
211942e178536f1e24e495d0b0eee3ce73dbcbb90d9854774c0d09f46d9b63d3
22ff6b53dc60a7ec3f1ad5621c3558d6a9aeb2a5cb8ef9914db8b98987d5d1cb
23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2703733c5cba99ca399ca5f3fd76472ff518fb36fd5bba427dbea8dc233f44cc
299223a6aa7fe04a1c3e37c81adc15997b353814d9ecd8a4a25b55e70d9b7aec
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2ad59c1d743dfdc4868486432203929ffd6e2885264c5bb69d51c3bf67c40374
2ca0afe5bd8de2b0493bdafe899994cd59cecc1e6c81e2ccebd00e1691622485
2cbfe45236b67669eb7067497b9e88b109f17057d88ca2c8ff6c6c86dc971b3c
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
315e17341889b49df782825122e591e3b9be6080269cd899049f2a33336d9a4a
324afb0ae0633fc10bc7498d83be88f44cf0746a6eef18c8dbc33acf0d390de8
3260a95ba05201238878633b2342c2bf0aff806a0b09445265d46aef12e3d04c
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
32c37dc9434bdf2e6543b6bffaf90c5846c1515f2e2480d115fd865e9240b3c3
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
3549c3b2c33fc2f981c8349b96c348a44cba698450525533be7d16fb97b205ec
357a9f9be68be9e860cd648f2edee77a8d1b2dbcdab6659afe983ede2db5229b
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7
381328efe0f3a184401768b1d6f253af88b06961bf3d7caed91f66d9b70bc5ae
3aa7cc1550dee03b3a04bc4ce6c5f4969f3945e40d9b84969adc099922f22dbe
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079
3c3f3651d2b0b796ac26b8bae64325b6d045b5f831aacd485e0388de61e49550
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4089c54aaba3ab55c62fa8ae702011559c4493eda3f7de14a580968c96ca956a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
433674676291fa4acfb1be7f6e458c43afc5f44d96ddba17e0a186677c75ab0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a012a4ad2f32024e0be67c17b7e1c19f92229b3f4431f55269947fb2e5a2ba
45024d41846a2594d90f9942d9e3b4f068eed7e2b33761e53a4aca99a372e720
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458
46289d29d992c5c7210ae2e100ad185f10858b2db61859fa2eadddca78ad829e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b78eadc03cee4c5ad476d3df8de773727e25c4952cc4d615fa5203d439c8095
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597
4c0f29539692165c3704acc7f7e2565f01a47f36bfd4938ebf76113b1b49d1eb
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
529e70795dc427b8f853861d2ae1bcd14b72af7af1aa6f23a9603d5b0d96ceb5
52c386cb8b28fcdc069b847d6a7f686a77ec8e678dee41307bc8c7d66bda29f8
53289bc177e9dbf73eaf23404a01e76d2237941bf9e4cca32713b6a979f8e387
53738c67f8690689a3a6b8eacba10507214031bb2f533133d05d202b080e1e58
542667f2f586ff549d2d100049d6497ded1fc240df94f292830c2af35d787381
544034188f1aae6c19a4b049230ddda418c341d1561f5084fc2145ac1abcdfb6
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
5677bfe81b3c8ac24882e1c9b6b53f629e150f6124730061898c8409130c866c
56a58692a9ce6410e6dcf268ebe05e95fbef95ede4c37aae1ad824fdbad6b16e
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ab91df0a724b5126111ca02c6fa8e83dd6bd75296f37626ad39c0e3bb737c71
5b821c106c787bdae441b9414fbd4d1e53716e6f564e4352d3800de38f642b53
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
5c9e639e1861bb61335b926277ece5e10a9691f5ef996458c602d46f445c34d5
5d6ad50706b8eefbe1739e9f1a4ad3a5780933bccf8d2488c30e353820e46a5c
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
62312d0b5f3bbf0f854286160e729c089c19367ba58531ec6b4826463811345c
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285
642619f247ce7848d2f6b03725fb331d0ed3472de781e24c98e305dbcc06b083
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021
6595ed9a8039c01943074b0bf83cc08f0fcd5d4a01bcfbff36e2737c65722feb
6597ce6eb365c2b6270851e541b54bb0d50774c9082ea529639d16b8311fb452
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6899805b9d366f25306b0a3c56724777e4f3b4a3c58447479836eedc8eb3c9af
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6b4d18e360e543bb5e995b47c1e0650579e2bc2bc6343e98e8269fca994391b8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d48934602242193b6f52f8c71206f80f2249749cf7a1e500b6b14dd4a5169a3
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57
74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da
7a19c4f0ba3cacf7fbc25df5012b6c54006d235e882d26441beea3a3e587ebab
7a6aa567b485360458b3724d168dba80e92e77f1e94df3119360064e4f570fe6
7d3dc2b66cb88ddf9888e885a03a236b515cb7e0de4f9542644a7ad6e8ee65d7
7db055cbb1d8d048dde5759adefa774ae430836523a466a5e351c69db5220862
7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe
80847e537d71457418d62c3c7934ccb971155309ae71b333db4fd86584d76710
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
8258e8f9962e8072a6110a7f875f919bb968d61ce995e148ba319f2e0eb8b38e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb
87c34ac385475b568c6186c57988d07ea6ff53848e46194e32a9d0687b34e2aa
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
898b995d997e877b51b2531304b2e8c79de68f2e8edcbfdd4eecceea17ca528c
8c1aa1fc1b2c3981ac9d3d98fa124a90a6261986aa520225d1ffe027f8fa1ec0
923920a271ecace64fbb9b2a62cc13c005a17cd651540557358b653fccc6b037
92d2375f223c8596bae2d4170d41e7df14e6c7f0fc0aa25b77026a876b69c560
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c
960fa5f6ec47c992645b99ca5e3a7becb3bb23e6352499b018e532fea148baaa
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400
9ad6fe0711c70264492055641abfe29212f21d9f3231547ca93c48308d46d33f
9afb9fcdc9c99fb6aa2041dc67e1891b2c7bc9a8a1e7d7eba0726ab2ea6a6b50
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
9db28ce81bb2d059a0e4f2aa53bc2934821a007f17887039cd0d7033a4edee89
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0145e19189d170d55eb4c9f4d13b9160b0dcadbd9d3448d65193131f103953f
a079b424dc8e9ab3d958b2fb25332ea047536dbab5364823389094453333bc5f
a0b65098ced25c5e297bad2d15d60bb699e598fae6f80faae7a0a6903e59d21d
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a3568fab3fd530fc35c9f674ba12058852e3390ae36ef8393140b5c82432a782
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a75925f253b90c84783b51260f8b9a213a2796f5050d82b3790b9ced63be42a0
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb
a7d2d708b65024cf75a44c5fd691ad3f9013017f6385265a28f8f2af2c337a18
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
a923b3ea0ecb81905ee68b897fd3e2a1ba5b42feef35f648539e9c4b1da3320d
aa1158b44f51119c26a4cdc3be24e7180797346aa5d835d7e61dad271cb59f59
ada252a5027cb94afd932d75902dc2a4d8d1099db00dbf130187a7a980a5c8e6
adf676b2c552070f266f9924cdadcf94c71e37a494031fdfe155296481108100
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
aedaf3d4df6444d8d74e44d1b8f012c14c0e6487af7145ce5a9ac42eb5a50751
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16975fe48dabe2e4674d67d3541badf178ed468241a34c1c6631b5a71e573c0
b2824d3ceb3f4777d268002bd420e8be66e76455611d4f09c50e861d69147948
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b7e327a33ffec79dd819a9186c549ad959f9f7184d5f9c10faec851b5210c064
b8360d5b4e174d1cd0ebbc287d2ed75e7d996c838b19aafb8ad2fcd19b28d75b
bafc3d5b61836609f4006bbe16a977dc98f8ef68895a6c8641565544364d2107
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4
c15c5491059d973562247f8126972afc1ba58eee0f4ae29a12b77e83224adf68
c2aceae209aff6daed697ee189f85c9ed203cc591570851c9fed65029c79784e
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533
c59d882e3530622289705fd1e3d0b192a62debfcde1027fe90b3e11dd3a981d3
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6
c6efa78726a5e3d7a90a6d12e2d24be3bc1e01b7396460430cbca38627c6fe3b
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122
c8429a6ffbbbe9bf668f8309c48d76ccb7fd19856ae638274c7c492415b39f7f
c93591cccd94f2254d20f66f7f091497f30c9f249714e6fa1b5c9d81c8cedcfe
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
d1d8136d1aad75c695d17abb706c7c90dad18047f6244b3951fdac264ca51387
d5293af5929f4bf7d3b5b958854c714a151f715308e05ba96b4fa2e38608ab26
d6b343dd44b156260d11cca3b623daad756f879cf3d6524e8c5e30c7bea6d20a
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d
dbf567ab82eeff26676787e317e68b11d7546b2ac57543c34e6d3639faedd2f3
dc420bfbeb7f621a48d230cde485c0d3b86922a107b6d5b8bac405f025d4b206
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
de637d400a492104d7b34fed1180dd9ad1057717fa01a74653a5f2a0472b4fb1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df28e74af5e5c9edd4508a8964586703c5760f3b6899ab13750bee9412310eb9
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49e6b6fee72091bf2131600d498a180560f12fd3f8d480da4992ab10f3fbae5
e4e5ba893ca49051e5a82e47c800e2e6caab9c96505d58ebc2ccb5ff099032fc
e527e6fb033ab7789f691a772a1c400c759c1fb6decc5c0b2995c43670114216
e5e8a081c33e64578de89d2fe9f37aeca106246d4fbd2c0b9ba2f2520cd0edb5
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc
ea544a92a4ce65207a88fef5d09e0f9d0519582c00066992366ceca4d5d2b175
ea9e305e3294b9b1075f91e45198cb25f8fe0b03618776c08cf0f37b67c1d605
eb65022d3365665a5c58df649ca016fb880b7de98c7c1c4b12b31f8f5c88efea
ebdb2a9839cc6fbf9a05e4282c7d6e7a965f0165a7c84909d9770c1028a1ce8c
eca2c979f9bdfd06ec0ddc133a25559832fabf4bd4981f31f37f56b262b8561c
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0
ee1f073e89c63a228e41a4f8d73c36c70fee4e22e5968925c58e51cbd4c48b08
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef185414671f302413d96fd8a5af007c5ebb91f7a0df916dfc623f0505d72822
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc22b04e25b2cacbfee0c782c0a187f819d125077ed3aaceee18925fbf26cd8
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f1182e846940d1a03991506671a1222f95ac00f57bf1e1c07b1f0a9e4756a45f
f23689a7dbcbc9f1706726e8f15d19963a09b7e0d775eebc6d6ab0c77a462ef6
f3efd97a67b8cc191db6f90437b1a27a0985467f17685ce583221ed142e32ccb
f77f0ca0a011af69f54c878b3c3d7501b7d2b73ef0cf146829f2e5c90d532445
f7af6828311223e42e7a0b42821e8008337ac3b8f5d8a77fd21aca267a1d76b5
f868f7272a6343236c494e22590d72775e956ce48b403b5fe7da3d3b887b321a
f930b92434e71139102f53dca14116f360d7685bf344deb13a1f1a746a051154
fa077f324b5f296d626561e5ee83b7c393e224f2ce5580f1f27befc411b6297a
fa854f36de2533eb57f0eb0275329939e32cb79fdd781e33a370d14ff75da275
fbd16e3494bc364c05b8e7222c2945a6fd0f9665bf8c36cd801bbf442599bccf
fc703dab29722d073f46611612fb3475b73ad131ce2113a0505ee34571afad91
fc9ffaa978a0594b8d6f5dda0a295185fd19044f1bd4b49c7e00929328cc4d05
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2