www.portoseguro.com.br Open in urlscan Pro
200.230.161.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Effective URL:
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indi...
Submission: On March 11 via api (March 11th 2021, 12:55:31 am UTC) from BR

Summary HTTP 367 Redirects Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 36 domains to perform 367 HTTP transactions. The main IP is 200.230.161.212, located in Guarulhos, Brazil and belongs to CLARO S.A., BR. The main domain is www.portoseguro.com.br.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 16th 2020. Valid for: a year.

This is the only time www.portoseguro.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2606:4700:303... 2606:4700:3033::ac43:c0cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	217.182.76.191 217.182.76.191	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:a75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
15	2606:4700:20:... 2606:4700:20::681a:af8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	91.92.196.187 91.92.196.187	49882 (SKRILL) (SKRILL)
1 2	77.87.181.72 77.87.181.72	43338 (RATIONAL-AS) (RATIONAL-AS)
32	23.37.44.205 23.37.44.205	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.79.136.111 23.79.136.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1	77.87.179.68 77.87.179.68	43338 (RATIONAL-AS) (RATIONAL-AS)
7	2.17.187.116 2.17.187.116	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.109.74.148 104.109.74.148	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	77.87.179.149 77.87.179.149	43338 (RATIONAL-AS) (RATIONAL-AS)
4	77.87.180.198 77.87.180.198	43338 (RATIONAL-AS) (RATIONAL-AS)
17	52.208.178.181 52.208.178.181	16509 (AMAZON-02) (AMAZON-02)
1	77.87.178.197 77.87.178.197	43338 (RATIONAL-AS) (RATIONAL-AS)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	152.199.20.219 152.199.20.219	15133 (EDGECAST) (EDGECAST)
1 3	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2 6	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2 13	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
5 5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.251.104.84 34.251.104.84	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3 17	85.17.192.104 85.17.192.104	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	52.48.136.43 52.48.136.43	16509 (AMAZON-02) (AMAZON-02)
2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
33	200.230.161.212 200.230.161.212	4230 (CLARO S.A.) (CLARO S.A.)
1	65.9.96.124 65.9.96.124	16509 (AMAZON-02) (AMAZON-02)
1	52.95.165.10 52.95.165.10	16509 (AMAZON-02) (AMAZON-02)
1	200.211.179.211 200.211.179.211	4230 (CLARO S.A.) (CLARO S.A.)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.96.51 65.9.96.51	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.100 13.226.159.100	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
367	50

27 2606:4700:3033::ac43:c0cf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bityli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.76.191 (Poledno, Poland)

ASN16276 (OVH, FR)
PTR: edge01.devgrid.net

api.miniature.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a75 (United States)

ASN13335 (CLOUDFLARENET, US)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Porto, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:af8 (United States)

ASN13335 (CLOUDFLARENET, US)

lp.clevernetwork.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.92.196.187 (United Kingdom) 2 redirects

ASN49882 (SKRILL, GB)

secure.starsaffiliateclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.87.181.72 (Isle Of Man) 1 redirects

ASN43338 (RATIONAL-AS, IM)

www.pokerstars.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 23.37.44.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-205.deploy.static.akamaitechnologies.com

cmsstorage.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.136.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-136-111.deploy.static.akamaitechnologies.com

service.maxymiser.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.87.179.68 (Onchan, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

starscrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.17.187.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-187-116.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.109.74.148 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-74-148.deploy.static.akamaitechnologies.com

cashier.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.87.179.149 (Onchan, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

ram.pokerstars.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.87.180.198 (Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

www.psimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.208.178.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.87.178.197 (Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

rewards.starsaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 152.199.20.219 (United States)

ASN15133 (EDGECAST, US)

cdn.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

8954552.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 205.185.216.10 (United States) 2 redirects

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.190 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.104.84 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

tag.device9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8526803.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 85.17.192.104 (The Hague, Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.136.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-136-43.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 200.230.161.212 (Guarulhos, Brazil)

ASN4230 (CLARO S.A., BR)

www.portoseguro.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.124 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.165.10 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 200.211.179.211 (Brazil)

ASN4230 (CLARO S.A., BR)

cliente.portoseguro.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.51 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-100.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	youtube.com www.youtube.com	5 MB
40	rationalcdn.com cmsstorage.rationalcdn.com cashier.rationalcdn.com s4.rationalcdn.com	6 MB
34	portoseguro.com.br www.portoseguro.com.br cliente.portoseguro.com.br	370 KB
29	tradelab.fr 3 redirects cdn.tradelab.fr its.tradelab.fr	50 KB
28	doubleclick.net 9 redirects 8954552.fls.doubleclick.net cm.g.doubleclick.net 8526803.fls.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	9 KB
27	bityli.com 1 redirects bityli.com	204 KB
25	gstatic.com fonts.gstatic.com www.gstatic.com	370 KB
17	thebrighttag.com s.thebrighttag.com	16 KB
15	adnxs.com 4 redirects secure.adnxs.com ib.adnxs.com	15 KB
15	clevernetwork.pt lp.clevernetwork.pt	178 KB
12	google.com 2 redirects adservice.google.com www.google.com	99 KB
11	cloudflare.com cdnjs.cloudflare.com ajax.cloudflare.com	41 KB
8	flashtalking.com 2 redirects servedby.flashtalking.com d9.flashtalking.com	27 KB
8	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
7	btstatic.com s.btstatic.com	77 KB
7	pokerstars.eu 1 redirects www.pokerstars.eu ram.pokerstars.eu	17 KB
6	google-analytics.com www.google-analytics.com	91 KB
5	mathtag.com 1 redirects pixel.mathtag.com sync.mathtag.com	3 KB
4	psimg.com www.psimg.com	9 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	googleadservices.com www.googleadservices.com	18 KB
3	google.de 1 redirects adservice.google.de www.google.de	473 B
3	facebook.net connect.facebook.net	98 KB
3	clevernt.com 1 redirects clevernt.com ui.clevernt.com sender.clevernt.com	52 KB
2	tapad.com tapestry.tapad.com	852 B
2	facebook.com www.facebook.com	408 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	596 B
2	maxymiser.net service.maxymiser.net	6 KB
2	starsaffiliateclub.com 2 redirects secure.starsaffiliateclub.com	1 KB
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
1	device9.com 1 redirects tag.device9.com	643 B
1	starsaccount.com rewards.starsaccount.com	347 B
1	starscrm.com starscrm.com	429 B
1	miniature.io api.miniature.io	23 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
0	livedados.com Failed livedados.com Failed
367	36

	Domain	Requested by
57	www.youtube.com	www.portoseguro.com.br www.youtube.com
33	www.portoseguro.com.br	bityli.com www.portoseguro.com.br
32	cmsstorage.rationalcdn.com	www.pokerstars.eu bityli.com cmsstorage.rationalcdn.com
27	bityli.com	1 redirects bityli.com
23	fonts.gstatic.com	fonts.googleapis.com www.portoseguro.com.br www.youtube.com
17	its.tradelab.fr	3 redirects bityli.com
17	s.thebrighttag.com	s.btstatic.com bityli.com
15	lp.clevernetwork.pt	bityli.com lp.clevernetwork.pt
13	secure.adnxs.com	2 redirects bityli.com
12	cdn.tradelab.fr	s.btstatic.com cdn.tradelab.fr
10	www.google.com	2 redirects www.youtube.com
10	googleads.g.doubleclick.net	2 redirects www.youtube.com
10	cdnjs.cloudflare.com	bityli.com
8	static.doubleclick.net	www.youtube.com
7	cashier.rationalcdn.com	www.pokerstars.eu cmsstorage.rationalcdn.com cashier.rationalcdn.com
7	s.btstatic.com	cmsstorage.rationalcdn.com s.btstatic.com
7	fonts.googleapis.com	bityli.com lp.clevernetwork.pt www.pokerstars.eu cashier.rationalcdn.com
6	servedby.flashtalking.com	2 redirects bityli.com servedby.flashtalking.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com s.btstatic.com www.portoseguro.com.br
5	cm.g.doubleclick.net	5 redirects
5	ram.pokerstars.eu	cmsstorage.rationalcdn.com cashier.rationalcdn.com
4	www.psimg.com	bityli.com s.btstatic.com
4	pixel.mathtag.com	cmsstorage.rationalcdn.com s.btstatic.com bityli.com
3	www.googleadservices.com	8954552.fls.doubleclick.net www.googleadservices.com
3	8954552.fls.doubleclick.net	1 redirects s.btstatic.com adservice.google.com
3	connect.facebook.net	bityli.com connect.facebook.net
2	www.gstatic.com	www.youtube.com
2	www.google.de	8954552.fls.doubleclick.net
2	tapestry.tapad.com	servedby.flashtalking.com bityli.com
2	d9.flashtalking.com	servedby.flashtalking.com d9.flashtalking.com
2	adservice.google.com	8954552.fls.doubleclick.net 8526803.fls.doubleclick.net
2	www.facebook.com	bityli.com
2	ib.adnxs.com	2 redirects
2	8526803.fls.doubleclick.net	1 redirects bityli.com
2	sync-tm.everesttech.net	2 redirects
2	service.maxymiser.net	www.pokerstars.eu service.maxymiser.net
2	www.pokerstars.eu	1 redirects bityli.com
2	secure.starsaffiliateclub.com	2 redirects
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cliente.portoseguro.com.br	www.portoseguro.com.br
1	s3-sa-east-1.amazonaws.com	www.portoseguro.com.br
1	static.hotjar.com	www.portoseguro.com.br
1	adservice.google.de	1 redirects
1	tag.device9.com	1 redirects
1	sync.mathtag.com	1 redirects
1	rewards.starsaccount.com	cmsstorage.rationalcdn.com
1	s4.rationalcdn.com	cmsstorage.rationalcdn.com
1	starscrm.com	cmsstorage.rationalcdn.com
1	ajax.cloudflare.com	lp.clevernetwork.pt
1	sender.clevernt.com	1 redirects
1	ui.clevernt.com	bityli.com
1	clevernt.com	bityli.com
1	api.miniature.io	bityli.com
1	www.googletagmanager.com	bityli.com
1	ajax.googleapis.com	bityli.com
0	livedados.com Failed	bityli.com
367	57

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-22` - `2022-02-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
miniature.io R3	`2021-01-22` - `2021-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
www.pokerstars.eu DigiCert TLS RSA SHA256 2020 CA1	`2021-01-26` - `2022-02-26`	a year	crt.sh
rationalcdn.com GeoTrust RSA CA 2018	`2020-09-28` - `2021-08-13`	10 months	crt.sh
*.maxymiser.net DigiCert SHA2 Secure Server CA	`2020-03-04` - `2021-06-03`	a year	crt.sh
starscrm.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2021-12-20`	a year	crt.sh
s.btstatic.com DigiCert SHA2 Secure Server CA	`2020-02-10` - `2022-02-17`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
www.psimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-26` - `2022-02-26`	a year	crt.sh
*.signal.co Entrust Certification Authority - L1K	`2021-01-26` - `2022-02-25`	a year	crt.sh
rewards.starsaccount.com DigiCert SHA2 Secure Server CA	`2019-05-21` - `2021-05-25`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
crealab.cdn.tradelab-apps.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-27` - `2021-10-09`	8 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
*.tradelab.fr Go Daddy Secure Certificate Authority - G2	`2019-07-30` - `2021-09-28`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2020-08-06` - `2021-09-17`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
portoseguro.com.br GlobalSign GCC R3 DV TLS CA 2020	`2020-10-16` - `2021-11-17`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.s3-sa-east-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-27` - `2021-09-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Frame ID: A2EF1FF6C010D698DE63A1F7B75FAD55
Requests: 96 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Frame ID: 349369E6620C08EFF2755E18FFB35EFB
Requests: 18 HTTP requests in this frame

Frame: https://www.pokerstars.eu/
Frame ID: 973D7223B5CE576FA83365B8DBDE01C8
Requests: 134 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Frame ID: 7E2A5691AE238021895CD37E6901BFEB
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Frame ID: 7E722B33D04D98428FB74F5C01C6DA89
Requests: 7 HTTP requests in this frame

Frame: https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
Frame ID: 9D6E69433CAB488A19883C62575FB424
Requests: 2 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
Frame ID: 5FCE151B11D81F777BA3BD846BD0F80D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Frame ID: 70756295310DFB46526CD73AB4007A54
Requests: 1 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
Frame ID: CF60CC792110001402236EFC63BDB2D3
Requests: 6 HTTP requests in this frame

Frame: https://cliente.portoseguro.com.br/portal/site/portaldecliente/check-logged-in
Frame ID: 19787290F06934832666F05386A2F934
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
Frame ID: 5F151FCDCEDBBE44A495E19983CC6C5F
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
Frame ID: 40095025D460E55DBFAE581AEFBC195D
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
Frame ID: D4E498C0B6084FE7E429563458B255BF
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
Frame ID: 98EBF178B78873BECD260D4D4F27D7DF
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
Frame ID: 403CD94787134C580FDCD91A1E887C8F
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
Frame ID: 130F39A7B1E0C6967A04C1B761423B5F
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
Frame ID: E78F71C93D13F73504FCE9F91FC62FD5
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
Frame ID: 1ADB5BDF217B4763125F127076A76ECE
Requests: 11 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 97FC89E56A26A2EBCA0B4E6DFA526AB6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU Page URL
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_88... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

367
Requests

97 %
HTTPS

40 %
IPv6

36
Domains

57
Subdomains

50
IPs

9
Countries

13772 kB
Transfer

31884 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU Page URL
https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://bityli.com/pkvHy/i HTTP 302
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_campaign%3Dindicacao%26utm_content%3Dsite_candidato%26codigoParceiroExterno%3D900011%26codigoRepresentanteParceiroExterno%3Droberta_machado_8800

Request Chain 49

https://sender.clevernt.com/transporter/45417.php?ppuc=1&ppu=0&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&ruri=&r=427379269&tok=542811100321118245&iv=-1&ctr=NL&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.17 HTTP 302
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=

Request Chain 69

https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP HTTP 302
https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP&AutoR=1 HTTP 302
https://www.pokerstars.eu/?btag=a_174457b_2708c_SNAAEQARCBBAAWP HTTP 301
https://www.pokerstars.eu/

Request Chain 140

https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F HTTP 302
https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Request Chain 142

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631

Request Chain 143

https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YElqbwAAAK7HYVLS HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm=&btt=0&google_tc= HTTP 302
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1

Request Chain 145

https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0 HTTP 302
https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0

Request Chain 146

https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%] HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17

Request Chain 147

https://tag.device9.com/img/img.png?D9v.Version=1&D9v.Tag=1&D9r.DeviceID=true&D9v.AdvID=14708&D9v.SiteId=1&D9c=ftSync&D9c.dest=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dv0HKuXG%26uid%3D%5BD9ID%5D HTTP 307
https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7

Request Chain 158

https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81 HTTP 302
https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81

Request Chain 160

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 302
https://its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync

Request Chain 161

https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1

Request Chain 171

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F HTTP 302
https://its.tradelab.fr/?type=seg&uuid2=3838662649262320631&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1

Request Chain 172

https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%] HTTP 302
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17

Request Chain 181

https://its.tradelab.fr/?type=tp&advid=5189423&uuid=0&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1

Request Chain 189

https://adservice.google.de/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F HTTP 302
https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Request Chain 209

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b2pJYIuvJpmxx_APhMSswAo&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO&ipr=y

Request Chain 210

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO&ipr=y

367 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 pkvHy Show response
bityli.com/ 16 KB
5 KB 1464ms
1441ms Document
text/html 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8429a6ffbbbe9bf668f8309c48d76ccb7fd19856ae638274c7c492415b39f7f

Request headers

:method: GET
:authority: bityli.com
:scheme: https
:path: /pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d761692af86ca6efcc9b88cb11a91c76e1615424106; expires=Sat, 10-Apr-21 00:55:06 GMT; path=/; domain=.bityli.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=3a366181407c99d18ec4a2a36eac2bd4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 08c060c6b900002c4e9028e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6egkKXmeLpNQBOYO0SRFF2ekn%2FXLfv4algcZodxnVMYX0tUqM1YAaDiJ%2FCCrAR4BCuai2PUTGiLiy2vUU%2FcrBHy2caBMMd1%2FglJiG7%2FDAAqJ0uVZsAeY"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62e0d0b78d472c4e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
526 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:28:21 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:07 GMT

GET
H2 200 bootstrap.min.css
bityli.com/themes/saas/assets1/css/ 156 KB
21 KB 21ms
18ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/css/bootstrap.min.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Nov 2020 00:03:50 GMT
server: cloudflare
age: 2399
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nYAceXOyegv70SjWT592n4aqL7zK1Z8272NhQEGzJuFK%2FofZ3OM%2BnCnG%2Be6vF5sjqnurHs0R7KMae5xrJOjm4G4LRa2X1CfxpJRyPfW0iVFBvgqMjyD3"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c09c952c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6000002c4e69143000000001

GET
H2 200 slick.css
bityli.com/themes/saas/assets1/css/ 1 KB
745 B 15ms
12ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/css/slick.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399
cf-polished: origSize=1776
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6000002c4ed692c000000001
last-modified: Sun, 03 May 2020 19:56:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9vTZa0nAvuXKZGvzZkbpZ8adQddKZzGT0Pxw80VqK%2FLFwTKp6IUY9J4zSxGW3tajcKdIlcsIpo08aj9VPHfghuL0AT6faNhUeVzNNvnkdAk%2FufBnOYMh"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c09c962c4e-FRA
cf-bgj: minify

GET
H2 200 LineIcons.css
bityli.com/themes/saas/assets1/fonts/lineicons/font-css/ 22 KB
4 KB 23ms
19ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/fonts/lineicons/font-css/LineIcons.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b65098ced25c5e297bad2d15d60bb699e598fae6f80faae7a0a6903e59d21d

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399
cf-polished: origSize=28260
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6200002c4e9bb48000000001
last-modified: Sun, 23 Feb 2020 11:45:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ercR%2Fa2sM%2BqBnsxiV9IFV08g1A0ui8rMndpGR3b6J6XKqfXNYmwi%2B8ys2SreXe07LYjdLUz2KOLavCAeMFg63Rpg2JZAQTqECEa5fTAav9bPw%2FDxsoa"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c09c982c4e-FRA
cf-bgj: minify

GET
H2 200 LineIcons.css
bityli.com/themes/saas/assets1/css/ 22 KB
4 KB 15ms
11ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/css/LineIcons.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b65098ced25c5e297bad2d15d60bb699e598fae6f80faae7a0a6903e59d21d

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399
cf-polished: origSize=28260
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6200002c4e660fa000000001
last-modified: Sun, 03 May 2020 19:56:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qb4z4uSnn%2FiGpBf5l7jCFPZncvMNLhjcNE1oK7iKYTz337kkiHhLPasMjHwF6FExGwThjgTDkmSTn5S%2B14wiP%2FMhmGMpAA5Hf3rjCdOVonPk2aNxAuOm"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c09c992c4e-FRA
cf-bgj: minify

GET
H2 200 default.css
bityli.com/themes/saas/assets1/css/ 8 KB
1 KB 19ms
14ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/css/default.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59d882e3530622289705fd1e3d0b192a62debfcde1027fe90b3e11dd3a981d3

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399
cf-polished: origSize=11304
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6300002c4ed03d1000000001
last-modified: Sun, 03 May 2020 19:56:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cfuE8VUDRRz2fYPEGE5xIxVt8vwcCh5fpX1CrACGiCraVwXgJFmuKqStiNsDb50ROFptdiQ44zCZOvlEc63f%2BghxtR%2ByYEGi58%2FfEOMdI7In86HA3aR5"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c09c9b2c4e-FRA
cf-bgj: minify

GET
H2 200 style.css
bityli.com/themes/saas/assets1/css/ 50 KB
8 KB 22ms
18ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/css/style.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46289d29d992c5c7210ae2e100ad185f10858b2db61859fa2eadddca78ad829e

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2399
cf-polished: origSize=69891
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6300002c4eab9c2000000001
last-modified: Sat, 30 Jan 2021 14:44:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bB%2BQTSVQHnIRC5rYGPQLm2KxjhxCNvL1EZOxVNUWWldwFg67FBj2DPOffuhXChyrrmsZ%2FZSN0b4G0qsmbVIBfccL15%2BTHM6Ut4Jd0RGHgh%2BUEUPtwO%2Bg"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c09c9c2c4e-FRA
cf-bgj: minify

GET
H2 200 style.css
bityli.com/themes/saas/ 91 KB
14 KB 27ms
23ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/style.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53289bc177e9dbf73eaf23404a01e76d2237941bf9e4cca32713b6a979f8e387

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2398
cf-polished: origSize=113589
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6300002c4e88972000000001
last-modified: Fri, 13 Nov 2020 21:15:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ajVzucdpiapuRnt0KkrA1q9PTFQh%2FWo013%2BORIURgovdTH9PotTeqfEraCwGNE8Kdoq6pXoPh6UYQRWgeV0vRhZkXzf8w2zwVLaRH5GnoKDniXJKYFl3"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c09c9d2c4e-FRA
cf-bgj: minify

GET
H2 200 components.min.css
bityli.com/static/css/ 19 KB
3 KB 18ms
13ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/css/components.min.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
age: 2398
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C9rG2OygKNQZZ3fTLupZFkahQ8EYeSVrJyFMtzZCX6D0lPmhnTXTd7zI2z73FvxyolvGQdIbA50UV%2FuhkoGmbsxLy%2Br%2BMxlWT%2BPfK6ipQnVjcP4duFdi"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c09c9e2c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6300002c4ea6092000000001

GET
H2 200 fa-all.min.css
bityli.com/static/css/ 56 KB
12 KB 19ms
14ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/css/fa-all.min.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
age: 2398
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VrZ0qf91kWYYo7w9TctZqsIjPTsOd6zzN1Cr9ezHT32YeayPfm%2BsFIMvvtea8mngHV%2B9UBaeU6cluY%2B6QeoNHCcHwsUtcsFmY9pMYMyuvVke4M5QofFI"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c09c9f2c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6400002c4ebe398000000001

GET
H2 404 components.min.css
bityli.com/themes/saas/assets/css/ 0
0 723ms
719ms Stylesheet
text/html 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/css/components.min.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J5xHdms1x%2Fft2P2A8pT6Lzel3t%2FtUPZTWR8odtuwokWhiExasNLMJZwstaBsr3%2FtYFnqeU9O9sgRiC3oeB5xsl%2FYkELUsZB4HeLLnUSQY0vidGrbS9gF"}],"max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 62e0d0c09ca02c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6400002c4e5d10f000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 404 animate.min.css
bityli.com/themes/saas/assets/css/ 0
0 826ms
822ms Stylesheet
text/html 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/css/animate.min.css
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=urYm3TB%2FR0WFnhhgAIwqvD27Cu5eajlLqN0akVeJ694L%2BAIHeHdBoB5fwnMErIASkp%2FAnHd3K8uhG9YLX9ncMZCdfxh%2FNG3Zhr6N6XKmKF3CksJtl1UA"}],"max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 62e0d0c0aca22c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6500002c4ea73bc000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
29 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 08:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 08:38:06 GMT

GET
H2 200 bootstrap.min.js Show response
bityli.com/static/ 3 KB
1 KB 25ms
21ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/bootstrap.min.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
age: 2395
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hgdXAfT9RDCeQ8GwgH0OIami6tjoBCelFXBtZbkdelV23ynZRsw6%2BlpY70nXr5LcRpg5fn5VqmmSdJV2OkOCEzmhKuReQHXgwJ3rYvyQDYl5NxUSK0PJ"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c0aca32c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6600002c4e6face000000001

GET
H2 200 application.fn.js Show response
bityli.com/static/ 3 KB
1 KB 17ms
13ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/application.fn.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2395
cf-polished: origSize=4495
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6600002c4e722f3000000001
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4%2Fg00mxfdJiyq0GcC7x5U7VBIW%2FTt4EE0sUh99qvnCqNajK29sJ1SM%2FR8Loc9c4O1IRmiJxda86BlLwUn2iZu29dGC1hgTZ9Xtie9RmtZwNAjViSTs8Y"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e0d0c0aca42c4e-FRA
cf-bgj: minify

GET
H2 200 jquery-1.12.4.min.js Show response
bityli.com/themes/saas/assets1/js/vendor/ 95 KB
32 KB 25ms
21ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/js/vendor/jquery-1.12.4.min.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 13:54:46 GMT
server: cloudflare
age: 2395
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q5vcCzhEL3YppSWh6wKuBparY9UrnoEnNm4QdZg2QG70cCoEueapOKUop6ljvb%2FX4QFJyHbitmjynhTnZVMB0TqhhT%2BNGI%2BPOqpB9w%2BnjE46G8gzb%2Bu6"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c0aca52c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6600002c4e853d9000000001

GET
H2 200 bootstrap.min.js Show response
bityli.com/themes/saas/assets1/js/ 59 KB
15 KB 22ms
18ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/js/bootstrap.min.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2019 13:08:56 GMT
server: cloudflare
age: 2394
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iV83vpOgJU4JTZj%2FJ2Pszr%2B%2Ff3MfPX4gXJVH7xUzywgy6Xooiwe1EuM%2Btz03ps%2F4JGd6BkVtcg5OpsOiYo6O%2BX3PzsglS7BFk2K0UJsiP5hjovQe3hV%2B"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c0aca62c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6600002c4e7d815000000001

GET
H2 200 slick.min.js Show response
bityli.com/themes/saas/assets1/js/ 42 KB
10 KB 24ms
20ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets1/js/slick.min.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 May 2020 19:56:34 GMT
server: cloudflare
age: 2394
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5KN46z%2FBuNb5bEQ8O7Yz%2FCx%2FvlUFzqnl%2Fwn5svjDQisp8mIP%2Ba4BlA5aa%2BCUfkrKiBGir%2BA0%2BaBpNDuLZxNbeaANGY74Hk8fannQfq4BK%2BT5SxTW0%2Fw7"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62e0d0c0aca72c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6600002c4ec3078000000001

GET
H2 404 components.js
bityli.com/themes/saas/assets/js/ 0
0 849ms
846ms Script
text/html 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/js/components.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ANRoL4UhA47HzkRNkOid0SUFI5nQ0hvM4tZc8E9zbKY5TllFMZCAKCzg6PnAg0H2vjtIdJBGdnQX6th7mGAK%2FCEAufyqw%2FAU3l5XI9t07Uf36g3LLmxE"}],"max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 62e0d0c0aca82c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6700002c4e951da000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/ 8 KB
3 KB 15ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1821910
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2331
cf-request-id: 08c060cc6500004a7f85866000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-1f6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7NDSG0VopHRD%2B48RWZl0toN7gYcNqbOX3mbxID1olgJbjQRUmADt9R8jGKeLV%2FjExz39GJpT%2F%2F%2FLSpp1Kw%2F7SpH6JKtmvvpnTrFNMtdY1jFppDXNVRy0NiNguoHDBILbw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa5a4a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET script.js
livedados.com/js/ 0
0

GET
H2 200 blockadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/ 5 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 616847
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
cf-request-id: 08c060cc6500004a7f73995000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5xcPHR1tyGHxW3hsMSInbC6vO6nPexgSDR4VSQeo%2BbKM2Yc%2FvmcLuwHyV709mzX0Eb1hK7KtEWQmr9h63JySD%2B6Ib49xa6inSp288xWOK9ylF%2FqqclGDzKEsIoxWqNwaZg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa5b4a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 detect.app.js Show response
bityli.com/static/ 386 B
684 B 17ms
14ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/detect.app.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e527e6fb033ab7789f691a772a1c400c759c1fb6decc5c0b2995c43670114216

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1096
cf-polished: origSize=440
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6700002c4e7b100000000001
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hkA9HwYDp0aJupKV3KT5Y%2BIyPEMY%2F66W%2B3cr22J0fykI5BlX4T0ZHeRbIoxeEVktYQaN%2Firk4JWd6x1gLzvMiR7nF4YHxXfANlohrAF0UOcaJYjIERge"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e0d0c0aca92c4e-FRA
cf-bgj: minify

GET
H2 200 chosen.jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/ 26 KB
6 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3649675
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5483
cf-request-id: 08c060cc6500004a7f31911000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e23-6956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=apmWqsbyCATHxRrDMtJFMa21KZlenq1m3X8AeHZT273SYGLQPQKynOtv%2FkxaPVmTbPg%2FX35ccwlT1KrcuND4i9sWf1wYx0v3FvCYM82OQYnzpKHJRHQSdnYXNpXMfShXYA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa5c4a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 icheck.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/ 4 KB
2 KB 13ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1961180
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1911
cf-request-id: 08c060cc6500004a7f3b155000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-11a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRWo8CVEkbPUZnJd5XHvmEC5v6p9k3ecEm7Y7KovgV8Bcw1M5EtZyLsvqKtnvm2mNrbGdJOpmcn%2F%2BHhs8ppE%2BEmAKrINruZcr4Ibm643lJzylfdhktS4w23cVMUw3PKjTw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa5d4a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 10 KB
3 KB 18ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4845740
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906
cf-request-id: 08c060cc6500004a7f1aa7b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LMdBxWxK55JzZrdz4t14iR4aIujfjVk19oJtTvDtkLhcgWXm8CtcfJGvVDxQWbVEEQCNyySYTkDqjqURS13894eRfa%2FCZjT82xmpYc45oS0%2B%2FWfrn2xNW6vqniw4g1OXqA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa5e4a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 13ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1961218
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
cf-request-id: 08c060cc6500004a7f2736a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SBQhw7ravNQQc%2BoCbStlLeyYM%2FOh%2FYPxAvdMaLIlss53dXnMbwrpabwAbMI4LFKHIQjrkRSo9Dfb3WMVjBcx77W84eQQdP%2BotnEo8Snl070RTQarypmTjJ%2FqcHUcr7MhwA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa5f4a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 12ms
10ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1219890
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
cf-request-id: 08c060cc6400004a7f688e1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RE5prsBG18t1b7Wu1hLQB60S5K3qdTA2YUm1XYS9Ka%2FoEffZ32nea8GhDut3COf44msqz4EB6%2F5%2FfsDmdFxR3m92MnPqnOMXz47yPkMx51YjVdrRb53uiAJ2Ouusru35kA%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa594a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 jquery.autocomplete.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/ 13 KB
4 KB 17ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3640099
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3860
cf-request-id: 08c060cc6500004a7f1804d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-331b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SEfFPffJf7Spmc6pSQKlKw6vtM%2FNVIz6dfo2jmpQv90j5xbZuUmk38EmfmMIEADj7JToU%2B9gsS9VsKDzt%2FaO2LxlS0iYkbKioEKdEQ%2FM5O8hYuxWQXNMmq4hGgKPPbJ7zw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa604a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 pace.js Show response
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/ 25 KB
6 KB 18ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2422009
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5158
cf-request-id: 08c060cc6500004a7f533cf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-621b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rCMCQr%2FOeCCp61erZ4%2BWukl%2FgGWpNr7Reond6%2BoJqliu%2FgK7TksYtIsEEJAN9p%2FkYrzdLtobRg9F%2Fj0WxFd%2FEMTcAnBzhRy%2FP76duEGZ30GDWDxJ3Vdb9PuC86QiHGIxBQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c0aa614a7f-FRA
expires: Tue, 01 Mar 2022 00:55:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146760796-1

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f2d69704a49ce1914361c4e1d9e7adc325d30967ab8518a0c087545c2f9c9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39824
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:35:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 00:55:08 GMT

GET
H2 200 application.js Show response
bityli.com/static/ 15 KB
4 KB 19ms
17ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/application.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2393
cf-polished: origSize=20067
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6700002c4e8034e000000001
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xkv2XJgzzxTGRup7CbqFa5ljTmpyqo8%2BVT8Regawh8vxcyHSoaMnsvWE7osDm7HR4TNPt8C55hCMu%2FTCMoOlroY4YLdrD%2BvCymEsvWy7CajUxAYSRxEm"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e0d0c0acaa2c4e-FRA
cf-bgj: minify

GET
H2 200 server.js Show response
bityli.com/static/ 8 KB
2 KB 21ms
19ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/static/server.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2393
cf-polished: origSize=12439
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc6700002c4e8c081000000001
last-modified: Sun, 10 Jan 2021 20:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8USrY0tK%2BwgwzUYYzBPgRA%2FyjbDqeLd2lp%2FmfN6ziTp6MjfcZHk6DNljRlbFhpA1eEfaZg4eu5E3bDwlE7CDg%2BbX1c8iSm9NR7TjrbVndMCGtLXQ53VP"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e0d0c0acab2c4e-FRA
cf-bgj: minify

GET
H2 200 auto_site_logo.png
bityli.com/content/ 4 KB
4 KB 11ms
10ms Image
image/png 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bityli.com/content/auto_site_logo.png
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a923b3ea0ecb81905ee68b897fd3e2a1ba5b42feef35f648539e9c4b1da3320d

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2393
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4238
cf-request-id: 08c060cfbe00002c4e8036b000000001
last-modified: Wed, 03 Mar 2021 23:57:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Zn7EG%2BPDlV86qJ%2BUYbGNTgq7yxvVmKEj6oNtt1B8ysJUyvVlj%2BqpBrvpAWB6ieW7EHGwGexpLchHpN%2Fh5HqfQhzjl2ojEm8uU9NFO4E00mAciMbvF8z"}],"max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62e0d0c5f8c62c4e-FRA

GET
H3-Q050 200 css
fonts.googleapis.com/ 8 KB
1 KB 43ms
28ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap

Requested by

Host: bityli.com
URL: https://bityli.com/themes/saas/assets1/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5e8a081c33e64578de89d2fe9f37aeca106246d4fbd2c0b9ba2f2520cd0edb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 23:42:37 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:07 GMT

GET
H2 200 icons.css
bityli.com/themes/saas/assets/css/ 14 KB
3 KB 11ms
11ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/css/icons.css
Requested by: Host: bityli.com
URL: https://bityli.com/themes/saas/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5677bfe81b3c8ac24882e1c9b6b53f629e150f6124730061898c8409130c866c

Request headers

Referer: https://bityli.com/themes/saas/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1992
cf-polished: origSize=16435
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cc8c00002c4ea73bd000000001
last-modified: Fri, 23 May 2014 18:31:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1nJ3Mo0WweA6lHAeaz1R1YvhXV0IpH9RC%2FYimM2DYzquUuX2zKoa%2B0xkV2hSrQMCty2L08C6k9WAmwOx%2BCKk0LteR%2BHNOA9EzaNJPDiyAJlKGpRD3vZb"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 62e0d0c0eccc2c4e-FRA
cf-bgj: minify

GET
H2 200 responsive.css
bityli.com/themes/saas/assets/css/ 0
304 B 11ms
11ms Stylesheet
text/css 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/css/responsive.css
Requested by: Host: bityli.com
URL: https://bityli.com/themes/saas/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bityli.com/themes/saas/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:07 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1991
cf-polished: origSize=581
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08c060cc8c00002c4e6facf000000001
last-modified: Wed, 23 Jan 2019 22:25:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ihrzN9yCx35EWE%2FsZL1Xccg9pvsxGckGqiq2CP6z4Dz3GYT7cTGqORJA871Mm%2FXFLkaPIde4Jis%2FnfC4FTD7fvsLPfCDDUYThdHzU7I0SpU16eGEKGEw"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62e0d0c0eccd2c4e-FRA
cf-bgj: minify

GET
H2

200

/
api.miniature.io/
Redirect Chain

https://bityli.com/pkvHy/i
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_ca...

23 KB
23 KB

151ms
40ms

Image
image/png

217.182.76.191
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_campaign%3Dindicacao%26utm_content%3Dsite_candidato%26codigoParceiroExterno%3D900011%26codigoRepresentanteParceiroExterno%3Droberta_machado_8800
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.182.76.191 Poledno, Poland, ASN16276 (OVH, FR),
Reverse DNS: edge01.devgrid.net
Software: openresty /
Resource Hash: 45024d41846a2594d90f9942d9e3b4f068eed7e2b33761e53a4aca99a372e720

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-response-type: content
cache-control: max-age=86400
access-control-allow-headers: X-Requested-With

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P7HHGmRI%2FF%2Bn3%2Fz9M5o32qf%2BjvfyDP9hz4BcJxCDixAwpGNBaIOp1uEMF42jy6pU4c4qYzNR3Q8wThfWsScMYy3cX1vt3Tq%2FGTslEYq4tZCg%2BEuSWIuh"}],"max_age":604800}
content-type: text/html; charset=UTF-8
location: https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Fwww.portoseguro.com.br%2Fconsorcio-de-imoveis%3Futm_source%3Dmeuportoseguro%26utm_medium%3Droberta_machado_8800%26utm_campaign%3Dindicacao%26utm_content%3Dsite_candidato%26codigoParceiroExterno%3D900011%26codigoRepresentanteParceiroExterno%3Droberta_machado_8800
cache-control: no-store, no-cache, must-revalidate
cf-ray: 62e0d0c5f8c72c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cfbe00002c4e8898d000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 typed.min.js Show response
cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.6/ 11 KB
3 KB 11ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/typed.js/2.0.6/typed.min.js

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1958926
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3045
cf-request-id: 08c060cf9b00004a7f7f1a6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-2cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pU0kyyxx6%2FUXPwayoZPu9SmaIirsAUohh148P%2BcL8IhlC%2FsABwqSgcytKMvs4yQDQBKDgCgDR89O2EoOJYF7nCHHaXAxW0RHUdz37oxQfHUP3AnSc34%2BV%2FCHA%2Bd3rIHDVg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62e0d0c5ced04a7f-FRA
expires: Tue, 01 Mar 2022 00:55:08 GMT

GET
H2 200 main.js Show response
bityli.com/themes/saas/assets/js/ 3 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/js/main.js
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3568fab3fd530fc35c9f674ba12058852e3390ae36ef8393140b5c82432a782

Request headers

Referer: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1991
cf-polished: origSize=3609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c060cfae00002c4eb3261000000001
last-modified: Thu, 31 Jan 2019 00:31:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vHRgkySNeGvLwJ4luUXKtF5kv%2FFsPg31SNYnBCEAMfRPuqn3JfEbhm3tMAppjlMfONa9Tiwd5f9A1I9P%2FDCPqdjEeDRW7OgFCpd7XuIeAPF8cVLiB%2Bti"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 62e0d0c5e8b52c4e-FRA
cf-bgj: minify

GET
H2 200 9d136f8caa99b4fa79d868ae9a2b9cf7.min.js Show response
clevernt.com/scripts/ 127 KB
50 KB 43ms
20ms Script
text/javascript 2606:4700:20::681a:a75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/9d136f8caa99b4fa79d868ae9a2b9cf7.min.js?20200913=1615424108476
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9ffaa978a0594b8d6f5dda0a295185fd19044f1bd4b49c7e00929328cc4d05

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1096
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7J6VCHEK8Y8G8W5M
x-amz-id-2: GwpVmEnXjxR9WbenKe50DPvgVjOGOgu2EbKsTPh6S/UomF0D6FiXbBXtMRYylyVUQyT5BxEZh8Y=
last-modified: Wed, 10 Mar 2021 11:44:51 GMT
server: cloudflare
etag: W/"ac8a8c43031b033175ef3069141d2947"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7qZGwEHcrotUGXb7jH3VtVQk%2Bce4ZMGJON8lEWtHDE64aJRls1EAphBJKRRcpfGFz0EBZK6x%2B40%2BajfaDQP%2BwEF7kzcNNNni9jmZ2nGWw9m4wusT8CBDY6w%3D"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-request-id: 08c060cfd5000032483302f000000001
cf-ray: 62e0d0c62fad3248-FRA

GET
H2 200 XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bityli.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:29 GMT
server: sffe
age: 537223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19248
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bityli.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:37:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
age: 8259
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:37:29 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bityli.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:25:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
age: 1785
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
expires: Fri, 11 Mar 2022 00:25:23 GMT

GET
H2 200 themify.woff
bityli.com/themes/saas/assets/css/fonts/ 55 KB
55 KB 10ms
10ms Font
font/woff 2606:4700:3033::ac43:c0cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bityli.com/themes/saas/assets/css/fonts/themify.woff?-fvbane
Requested by: Host: bityli.com
URL: https://bityli.com/themes/saas/assets/css/icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Origin: https://bityli.com
Referer: https://bityli.com/themes/saas/assets/css/icons.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1990
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56108
cf-request-id: 08c060cfc900002c4ea60ac000000001
last-modified: Fri, 23 May 2014 18:31:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9IucOU%2FtSQj9Uk1cGBOoY4CJoUkK0HQwcwtYXHa1GZqI2M8iHgUBk6SmGxlSorgJzrabM%2FLV8t%2FKdwp2euDpR%2FdFreIF1inx81jnAvlbUbgpu%2BUedF3R"}],"max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62e0d0c608d32c4e-FRA

GET
H2 200 docallbackinfoa60f7e5344174d36a83bfa6dd438bc04.js Show response
ui.clevernt.com/ 695 B
1018 B 154ms
53ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfoa60f7e5344174d36a83bfa6dd438bc04.js

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

host-109.clevernetwork.pt

Software

nginx /

Resource Hash

44a012a4ad2f32024e0be67c17b7e1c19f92229b3f4431f55269947fb2e5a2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 Mar 2021 00:55:08 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Thu, 11 Mar 2021 01:55:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146760796-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5203
date: Wed, 10 Mar 2021 23:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 01:28:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
61 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=616681465&t=pageview&_s=1&dl=https%3A%2F%2Fbityli.com%2FpkvHy%3Ffbclid%3DIwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU&ul=en-us&de=UTF-8&dt=Cons%C3%B3rcio%20de%20im%C3%B3veis%20%7C%20Porto%20Seguro%20-%20Encurtador%20de%20URL%20-%20Encurtador%20de%20Link%20-%20Bityli&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1649431026&gjid=1737869633&cid=1777478963.1615424109&tid=UA-146760796-1&_gid=837807942.1615424109&_r=1&gtm=2ou330&z=177818625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bityli.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bityli.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
lp.clevernetwork.pt/pokerstars/aa/ Frame 3493
Redirect Chain

https://sender.clevernt.com/transporter/45417.php?ppuc=1&ppu=0&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJr...
https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=4...

5 KB
2 KB

100ms
73ms

Document
text/html

2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52c386cb8b28fcdc069b847d6a7f686a77ec8e678dee41307bc8c7d66bda29f8

Request headers

:method: GET
:authority: lp.clevernetwork.pt
:scheme: https
:path: /pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bityli.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bityli.com/

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-type: text/html
set-cookie: __cfduid=df719aa891d1f322f63506c28061aaab21615424108; expires=Sat, 10-Apr-21 00:55:08 GMT; path=/; domain=.clevernetwork.pt; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: QqiOuP4H1myv1tYBgu+KQtJbSi9lgoxZJnlwHP75v7f/4mqQwXAGkXeY6jnPGy4I89mhtW47N1A=
x-amz-request-id: XSY9V1PFPP8T9K1Q
last-modified: Wed, 10 Mar 2021 22:22:31 GMT
cache-control: max-age=1800
cf-cache-status: MISS
cf-request-id: 08c060d18a00002b41e1bf4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ioetYZLpv3xQDaOp3J%2B3Al9vZEZDUVsLYHwbCysR6Fr165eKRVFG5TQi%2B%2FSJDUFzNDQvcLGnhL4GZ%2Bocyk1K95OIMebpI18a%2BYV2AGBXAGIRzaQlpIWO9AV2ClMmx4BB"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 62e0d0c8ddee2b41-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx
date: Thu, 11 Mar 2021 00:55:08 GMT
content-type: text/html; charset=UTF-8
location: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
set-cookie: hstpv4user=eyJJRCI6IjQ3MzQ0MTk0d2FuNjA0OTZhNmNkNDRhZCIsIkNUUiI6Ik5MIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzExNzcyMjQzNSIsIkxhc3RVcGRhdGUiOjE2MTU0MjQxMDh9; expires=1646960108; path=/; domain=.clevernt.com; SameSite=None; Secure
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Thu, 11 Mar 2021 00:55:08 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c37dc9434bdf2e6543b6bffaf90c5846c1515f2e2480d115fd865e9240b3c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16a7b2007ea6375a98b53b67e626f89f26415cf82eb3b120f5426fcbbe62cde2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 style.css
lp.clevernetwork.pt/pokerstars/aa/ Frame 3493 7 KB
1 KB 14ms
14ms Stylesheet
text/css 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b78eadc03cee4c5ad476d3df8de773727e25c4952cc4d615fa5203d439c8095

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3535
cf-polished: origSize=7159
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2A75BB253D1AD99F
x-amz-id-2: Of3/EYDrNSny4iwRROUpgoCx3AHRHTz2BnMKhQhCEt41fz02RhELDmBPmN0Q6aOsLUbcexq7m3I=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"c56149724e0ef3794776547dd9150296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7E3YxrPb2c%2BEoh3Tlyy6OQUaiILQbfoYoqgNYNwwviZb3W50LhQ6OCKAjb3DCQ%2BykVxRz%2F0jENzOTvxMNRuVWDjVy1GaR7rTCQ1f6V%2FBgq3fSOSLZXUI7Jd%2BEksIAgxn"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1800
cf-request-id: 08c060d1d700002b41938c9000000001
cf-ray: 62e0d0c95e312b41-FRA
cf-bgj: minify

GET
H2 200 logo.png
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 7 KB
8 KB 10ms
10ms Image
image/png 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/logo.png?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
cf-ray: 62e0d0c95e322b41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7460
x-amz-id-2: zW5z7gZk8Q1SzFMvb5CTiKsGs/VVHc+gPby92FGey71d06EmxssnHx/ydxT3XZz31eWPnOLGnXA=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: "df1c65e3078c82895a1eb424b29af06b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JGF6UqDauAho4pMKJjcEjPn293knYLHDTvFSwWMM5GJqbiJa8YrJlZ19C69sxg%2BCbmT2Ggyk17ydjpbQgIaCHB4uQ1M8LqGhmBhY8E26EFS4vj%2F6d6th4aQegGywXbHP"}],"group":"cf-nel"}
x-amz-request-id: 5A008AE798A0CA43
cache-control: max-age=1800
cf-request-id: 08c060d1d700002b41e380d000000001
accept-ranges: bytes
content-type: image/png

GET
H2 200 copy1-bannermobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 13 KB
5 KB 19ms
17ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-bannermobile.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1760cd328d3f336d3501133d9ecdf357483011c1d8f06be2a773ee394c142718

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BA3DFD0AA442E943
x-amz-id-2: 3TnPRgwlEZcw+1pfzF92N1FKRR5cIphz6QqFyFpcS0KtN/TxLwc5sz7mANLtYIyYQvNOJLB618s=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"5f5445912d9549b9e290e44d55e5ff54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WjOvnP00k44Soq0C4K6H8hE5%2BNQFXhIWBpAgvqKde2QIOZ3PdrXnmL%2BTZlNKeZeWfc6soPOrWyEgICma1FPLjZioaUnf9ZSNCOBVWeamrn4eFoszIXlkP4W%2FL067KguH"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1d900002b419dbae000000001
cf-ray: 62e0d0c95e352b41-FRA

GET
H2 200 copy1-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 10 KB
4 KB 12ms
10ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-mobile.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1536a4fcb5484555abbe06364bdcc0715a7ad07cdd81dea52fc0cb459bf216b7

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2F5C57DA65F18E28
x-amz-id-2: RMz4zUYJiTek827NqSErS6zHVulX6eg1JksQDAQTDSnlZgc3H7+3YiOyPXnvYtP/rjMqvouVh8E=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"f51291e7901209034e77976142cfc72f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kf7S6UUqk3HM28BjRRxoPmX9YdFlTppZQYJK%2FFxUpQZKhHNHbHwDw1JwboyjIVTPb82TnCkgxcfuRg3Qus0MIv7%2BMjhMiLikB49RhBowqljqY0BqwaT6WuklB3WHYjYS"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1d900002b41e4862000000001
cf-ray: 62e0d0c95e362b41-FRA

GET
H2 200 copy1-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 12 KB
4 KB 21ms
19ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-Interstitial.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1aa1fc1b2c3981ac9d3d98fa124a90a6261986aa520225d1ffe027f8fa1ec0

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 69FFBDCD4B660FA6
x-amz-id-2: AodlDJW/518oyc9sh4FqxAyxsiv9qjpzcXEmG9qHbZNmt11BFfq5ySpW46x3Zsf27xr1N5zykAA=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"efc9661aad028e1bd55e561bdd8da455"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NHjwwGhjf%2FXQBrNYCc9eFLlSL%2BFy3L%2Ba9C%2BFNLIkSyzDAJ9bsHPcRQ4ux%2FFSW%2F01bPCpu0qc2H0%2FdrFJVpJG63VrYZKU2Haa2wlCZlTYe2jbZs3SmriLeoihsWybFhMm"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1df00002b41cebc6000000001
cf-ray: 62e0d0c95e372b41-FRA

GET
H2 200 copy2-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 9 KB
4 KB 15ms
13ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy2-Interstitial.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53738c67f8690689a3a6b8eacba10507214031bb2f533133d05d202b080e1e58

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 300C12F3D571D475
x-amz-id-2: uHVv2CLzBJgAljYbsjWNB8TBF/U4ZDylGTJp3lQAZ6E/0ABHS/H7HSjrSjYW0xSAliwTmi3H1e0=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"e1ad1a0b652586cf0558a24e5b9265e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wUsOhAev1C0o9MwPMvcLLFci4RhbDVclnk0kz7HJtBry4xynOjO5qQ%2FYNUeaDuGVWimpMP%2BjO79lNDh1M2ztz65lWFPH%2BuG0ZYBAGTLxXHCQiNWsKy6ASjcxN8NzDBqW"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1da00002b418eb4f000000001
cf-ray: 62e0d0c95e382b41-FRA

GET
H2 200 copy3.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 36 KB
7 KB 14ms
12ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy3.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16975fe48dabe2e4674d67d3541badf178ed468241a34c1c6631b5a71e573c0

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 662430A65ADE8C49
x-amz-id-2: 3kh3qcLXXaQLBbTy1Sl+7hlPNYS0CRbBNh7MgD/R/SDPRWT0vN3GTKxzqU3oiW+kYT9Zd2EnXZY=
last-modified: Sat, 20 Feb 2021 16:30:36 GMT
server: cloudflare
etag: W/"c78d32fc90a18c43f6d57144bcf0b5da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8DLZBYXw%2FQD%2B5KJzETAV50C%2BbcA6h%2Fg%2FMoO8OJBg1Yfk1ALpmvCcn%2FV1%2B80TTRpxXHHL%2BqB9eFMrBYdXBHu7cN5wG71t%2FgrUYbVyIcoyFbuPKIRRJLvrTPG4AMWnrKvc"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1da00002b41c9805000000001
cf-ray: 62e0d0c95e392b41-FRA

GET
H2 200 cta.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 3 KB
2 KB 13ms
11ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/cta.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0f29539692165c3704acc7f7e2565f01a47f36bfd4938ebf76113b1b49d1eb

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 449941FDE6F96494
x-amz-id-2: 4ojEsmolgXyJSgaYAcwmz8T3CqE+bZel80lwq9A/d7XHCI8sP9KB9fiXrpCHK0l+Ro5jUNCnnHQ=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"c969960e47c2a5f7629d16407ff624d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gnF%2FOtVQ9yKIeBUL%2FGPFq2HdY1mAODdGUyipSfOf7Sk4jQkP1e88ih2NN0GefjS%2FnCinYDTM5c%2FoJBJa9fjktA1WmEKn49cgvIetW3krM6C2oGVH3al3jv0aaU1rrjJT"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1da00002b41fa0c7000000001
cf-ray: 62e0d0c95e3a2b41-FRA

GET
H2 200 cta-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 3 KB
2 KB 13ms
12ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/cta-mobile.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7db055cbb1d8d048dde5759adefa774ae430836523a466a5e351c69db5220862

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E83A0B3B7F33E413
x-amz-id-2: /KD4XvcBU+nVkIEXS3Mb+LhNzZkKFl1JCWpAwIM3sEamLHhEJkG/1YFbQljk9b642fN21XiNnnM=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"fd02d53e6bde89c52d91248822edba6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2FuebA%2FikNWjUEFWKd%2F8aVxNNXoyHcbjkR0ciEYkj%2F6d1CEbr1R61nEcOabRQxM8gz%2F6t17wt6LOGbLeusCNoqOHmJpF%2Br13Q85W64gJvdUdsTvmJ%2Fy5B2ImxFY8wDz%2F"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1da00002b418ba8c000000001
cf-ray: 62e0d0c95e3b2b41-FRA

GET
H2 200 steps1-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 83 KB
15 KB 17ms
16ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/steps1-mobile.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc420bfbeb7f621a48d230cde485c0d3b86922a107b6d5b8bac405f025d4b206

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1456D1102939CF4B
x-amz-id-2: 0VbZJPKb7ewNBka3hLS/0HVPF8gqAzobv0pKQY4zkxtW2lAjnz1RQbGZ+EdWGwF8YqO0Nb+Ga28=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"12e5320899dd41f4174bc9a8d4f8fc01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=no6ZS76TikqTMBqGumyudOxjCiuboHNKTMqKtuhuyaA9wa34D7bW%2FrdU48aEsHUliUVd2Lsz8zMUgs7Q%2Fjxk7MhNJWg0sAUsnXMTA3ka5bA2Xl5L6y1ZTEakdL2r2MrE"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1da00002b410a223000000001
cf-ray: 62e0d0c95e3c2b41-FRA

GET
H2 200 steps1-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 82 KB
14 KB 15ms
13ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/steps1-Interstitial.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c34ac385475b568c6186c57988d07ea6ff53848e46194e32a9d0687b34e2aa

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6E842AB5A8B905D9
x-amz-id-2: 6+rSm1o5lLVpJ+FLya7qT9KajqkQb75ll2u6Ka19prNaWmJ3XgmL4gRh+5DSUGMRBqIwET5YEFY=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: W/"f57478f63dd3d044e8369215339a8541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6ZzVng%2Fj3FNbZTunxEj%2FvkA9k0866R4mgHPaemUhuNSHR%2FQnMmw7Id9qnvuKK83daHho5WVm3hD5p5mAumtBW%2Bykjm%2FHEUVBcNncb0zRPacGsKkGab8KcdIKw%2BlBxIO"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=1800
cf-request-id: 08c060d1da00002b41d7194000000001
cf-ray: 62e0d0c95e3d2b41-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame 3493 12 KB
5 KB 29ms
8ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=45417&id=477391&ref=aHR0cHM6Ly9iaXR5bGkuY29tL3Brdkh5P2ZiY2xpZD1Jd0FSMHR1Q0h5RGhWNjhfV1JyRHdJeU1mVlhfT05SUzdvVjdOTmxBWHZIb29WYTVoMFNYV3lEZmJrS1ZV&r=427379269&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1N2JfMjcwOGNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1NyZhZGlkPTI3MDgmYz1TTkFBRVFBUkNCQkFBV1A=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lp.clevernetwork.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08c060d1ed00004e132d1f4000000001
last-modified: Thu, 04 Mar 2021 10:30:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6040b6ad-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cPKEifYed3y0s1DcfopwQuCHyenzivL3GyVc%2FBZkgZOxA%2BnolYd3QIqIUFbqkd%2Bwe7ZznOJAD%2BnHKPdo6QNAPbIkKMTCTg5FQbvQ%2FRttkvcM%2BYRWyXEbpUaOzDm8UMkE"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62e0d0c97c3d4e13-FRA
expires: Sat, 13 Mar 2021 00:55:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3493 7 KB
759 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ebdb2a9839cc6fbf9a05e4282c7d6e7a965f0165a7c84909d9770c1028a1ce8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lp.clevernetwork.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:28:50 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:09 GMT

GET
H2 200 bg-bannermobile.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 9 KB
9 KB 15ms
15ms Image
image/jpeg 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-bannermobile.jpg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0809079a0df54cccbea6c5171eb66ced5cb708e24ae9a477939955f68ce37524

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1365
cf-ray: 62e0d0c9ae632b41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9059
x-amz-id-2: i64C108pWcAHnwamDC+B1XrArkRQCxt5JILF8vLgZnef8ciAN7uusaiYvgB5C8zyxnQ+6o4pG5o=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: "805c2bb7cd82577894c350a9bbb17824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V8DDm1rxD8QtNKwGZkqBG%2BWGklAwbjn4Bon5Uc%2FfKhB7wa%2BjZX9aRNAHA3IuSTc5z5%2BgOMeaoZViS%2BZga7RhP9NxfHkrtbN5z%2FeX4tUA%2FPBRL7wxqspaGdM8IpuasD4o"}],"group":"cf-nel"}
x-amz-request-id: 0F29FC0284D77C33
cache-control: max-age=1800
cf-request-id: 08c060d20800002b41c202e000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3493 15 KB
15 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lp.clevernetwork.pt
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:24:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 1853
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Fri, 11 Mar 2022 00:24:16 GMT

GET
H/1.1

200
OK

Cookie set / Show response
www.pokerstars.eu/ Frame 973D
Redirect Chain

https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP
https://secure.starsaffiliateclub.com/C.ashx?btag=a_174457b_2708c_&affid=2356410&siteid=174457&adid=2708&c=SNAAEQARCBBAAWP&AutoR=1
https://www.pokerstars.eu/?btag=a_174457b_2708c_SNAAEQARCBBAAWP
https://www.pokerstars.eu/

42 KB
8 KB

27ms
27ms

Document
text/html

77.87.181.72
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pokerstars.eu/

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.181.72 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

ea9e305e3294b9b1075f91e45198cb25f8fe0b03618776c08cf0f37b67c1d605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: www.pokerstars.eu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://lp.clevernetwork.pt/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lp.clevernetwork.pt/

Response headers

Date: Thu, 11 Mar 2021 00:55:09 GMT
Server: Apache
Set-Cookie: geoip_country=NL; path=/; domain=www.pokerstars.eu NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943140945525d5f4f58455e445a4a422971;expires=Thu, 11-Mar-2021 00:57:09 GMT;path=/;secure;httponly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7630
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: text/html
Strict-Transport-Security: max-age=31536000

Redirect headers

Date: Thu, 11 Mar 2021 00:55:09 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: geoip_country=NL; path=/; domain=www.pokerstars.eu sti=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; path=/ pti=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT promo_ia=a_174457b_2708c_SNAAEQARCBBAAWP; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT sti2=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; domain=.pokerstars.eu; path=/ pti2=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQh1NW4bF0VyXktQAWQQPWtUSCYrJyo2MH5RBjAkFxxySHQERjRpJzctNGwxfl0SVBceRRBmU0ZYAAhgZXxCWVpbRksJUBg2fkEgLH4RPgl3T2QGLwo%3D; domain=.pokerstars.eu; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT stiram=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQhjL3MbdA54F1JPDGQQPXZSTiZ2YTVgaCkTUnJzeDxXZE8uVSVCHEdaTBBCITMqN3N1G34DLDItd20QBwYKT0lZWFo%2BZRNUADQpKH9CVA9yS21VSVNXQRhDTUNyIGVkZw5iTQ1NEQpodgIxLSovJSk3NXxcPQ%3D%3D; domain=pokerstars.eu; path=/ ptiram=NWJ0G34bLDMTAgxocwJhKi0rJC8xMH1UBy4pLX8YJQh2TWc8RUldPS5xayxQDExDVDxBfHVqazxUPW1EVSZ2YTVgaCkTUnJzeDxXZE8uVSVCHFRKTGRjaQhjL3MbdA54F1JPDGQQPXZSTiZ2YTVgaCkTUnJzeDxXZE8uVSVCHEdaTBBCITMqN3N1G34DLDItd20QBwYKT0lZWFo%2BZRNUADQpKH9CVA9yS21VSVNXQRhDTUNyIGVkZw5iTQ1NEQpodgIxLSovJSk3NXxcPQ%3D%3D; domain=pokerstars.eu; path=/; expires=Fri, 11-Mar-2022 00:55:09 GMT NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943140945525d5f4f58455e445a4a422971;expires=Thu, 11-Mar-2021 00:57:09 GMT;path=/;secure;httponly
Location: https://www.pokerstars.eu/
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H2 200 bg-pushmobile.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 14 KB
15 KB 10ms
10ms Image
image/jpeg 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-pushmobile.jpg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc703dab29722d073f46611612fb3475b73ad131ce2113a0505ee34571afad91

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1161
cf-ray: 62e0d0cacf122b41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14692
x-amz-id-2: SycupF7xZcJ+JUHFQo6v8laoA4oNhbqJ082O8dPHYqJLUUE45XmNgdxeZtmo06RGf6xsIMdb4X0=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: "f0dcf95c34e65053e107f1e901bfdb59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wVYPZPOqfjIYUrvZ%2B3Yje%2FKTYh3gcr9TJTumulIRlSIZfYehjJdu0bKfS3zmhWqYiIv1bs%2BSHHV%2F39O4gXTYQrU9VQ1llJgVos03gzmUeKyL7pFJmkXkBwck7zMuCvG7"}],"group":"cf-nel"}
x-amz-request-id: D81EA2DDBF531DE1
cache-control: max-age=1800
cf-request-id: 08c060d2ba00002b418ba92000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bg-pushdown.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 3493 85 KB
86 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-pushdown.jpg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315e17341889b49df782825122e591e3b9be6080269cd899049f2a33336d9a4a

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3533
cf-ray: 62e0d0cadf242b41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87472
x-amz-id-2: aRbp7BcaHmgXEhy1+ZlbCOZwcDgyioHOlUR8m1yHrrxvZ7zz5tXuM7jTrpJcE+VwoYVsJ7ys8sc=
last-modified: Thu, 18 Feb 2021 11:54:26 GMT
server: cloudflare
etag: "0a79740c152cd5134504758708f1d955"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VCmqstaLELOKOPhp2kXv6bJRUppD2YiyLOf8Oo6Lovl%2BGgyQwVVtWk%2B0Uqh76QsiG6Yug9P4m2%2BMsK4mZ0gAuVBC1l3q5012%2BfClVp%2FvnDaHLBiTAG8xBWrTzR7W4r3O"}],"group":"cf-nel"}
x-amz-request-id: 17DCD18F57ACDB0D
cache-control: max-age=1800
cf-request-id: 08c060d2ca00002b41ab915000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bootstrap.min.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/ Frame 973D 21 KB
5 KB 79ms
21ms Stylesheet
text/css 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/bootstrap.min.css
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2015 11:26:08 GMT
server: Apache
etag: "54f2-5245635907400"
ntcoent-length: 21746
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=225400
accept-ranges: bytes
content-length: 4529

GET
H2 200 lib.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/ Frame 973D 117 KB
42 KB 91ms
33ms Script
application/javascript 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/lib.js?v=2
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 15:15:47 GMT
server: Apache
etag: "1d377-5bb6175da0ec0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 42733

GET
H2 200 config.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/en-us/ Frame 973D 13 KB
6 KB 91ms
33ms Script
application/javascript 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/en-us/config.js
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 56a58692a9ce6410e6dcf268ebe05e95fbef95ede4c37aae1ad824fdbad6b16e

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 15:28:06 GMT
server: Apache
etag: "3520-5ba8459a52d80"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 5708

GET
H2 200 casino.assetwrapper.js Show response
cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/ Frame 973D 2 KB
1 KB 79ms
21ms Script
application/javascript 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021

Request headers

Origin: https://www.pokerstars.eu
Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 09:30:51 GMT
server: Apache
etag: "83e-5b62cf2bf68c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 865

GET
H2 200 cvl-active.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/ Frame 973D 2 KB
878 B 79ms
22ms Script
application/javascript 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e

Request headers

Origin: https://www.pokerstars.eu
Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2017 08:28:36 GMT
server: Apache
etag: "8e8-55018a843b500"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 696

GET
H2 200 PstrkIdManager.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame 973D 15 KB
5 KB 99ms
42ms Script
application/javascript 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 15:55:57 GMT
server: Apache
etag: "3a45-5bad5349c1d40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 4985

GET
H2 200 mmcore.js Show response
service.maxymiser.net/cdn/pokerstarseu/js/ Frame 973D 15 KB
6 KB 77ms
25ms Script
application/x-javascript 23.79.136.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/cdn/pokerstarseu/js/mmcore.js
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.136.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-136-111.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 00a44a4041102b06c7304b576ed5327f1b9f46a5ef79fb03009c4d974a3c8325

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 14:38:49 GMT
server: AkamaiNetStorage
etag: "94a7ee0a7d4a006465eeeb9942553461:1612967930.81822"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 5907

GET
H2 200 homepage.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/ Frame 973D 70 KB
13 KB 80ms
23ms Stylesheet
text/css 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b7e327a33ffec79dd819a9186c549ad959f9f7184d5f9c10faec851b5210c064

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 71481
date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 17:13:49 GMT
server: Apache
etag: "11739-5b4dd6f24ad40"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=121067
accept-ranges: bytes
content-length: 12788

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 973D 8 KB
734 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Requested by

Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:47:58 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:09 GMT

GET
H2 200 ps_eu_en-us.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ Frame 973D 119 B
294 B 83ms
27ms Stylesheet
text/css 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ps_eu_en-us.css
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d6b343dd44b156260d11cca3b623daad756f879cf3d6524e8c5e30c7bea6d20a

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Dec 2018 15:05:56 GMT
server: Apache
etag: "77-57cc06b1a3d00"
ntcoent-length: 119
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=490937
accept-ranges: bytes
content-length: 108

GET
H2 200 loading-frame-1.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame 973D 95 KB
95 KB 22ms
22ms Image
image/jpeg 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/loading-frame-1.jpg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 063d8d9dd28ae87cfa41724da6afe5931c3dccb4b7f8f04cafb51efe8eff5393

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
last-modified: Mon, 18 Jan 2021 17:20:54 GMT
server: Apache
etag: "17c76-5b92ff1bf4980"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 97398

GET
H2 200 community-twitch.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame 973D 40 KB
40 KB 31ms
31ms Image
image/jpeg 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-twitch.jpg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:09 GMT
last-modified: Tue, 20 Oct 2020 07:12:00 GMT
server: Apache
etag: "a044-5b214f26ef000"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 41028

GET
H2 200 community-ambassadors.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame 973D 156 KB
156 KB 22ms
22ms Image
image/jpeg 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-ambassadors.jpg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
last-modified: Mon, 25 Jan 2021 15:08:45 GMT
server: Apache
etag: "26f32-5b9baea07f940"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 159538

GET
H2 200 facebook.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D 2 KB
1 KB 22ms
21ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/facebook.svg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:33 GMT
server: Apache
etag: "774-57ba3e3a9e040"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 913

GET
H2 200 twitter.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D 3 KB
1 KB 24ms
22ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitter.svg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:34 GMT
server: Apache
etag: "a1a-57ba3e3b92280"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 1080

GET
H2 200 youtube.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D 1 KB
895 B 24ms
22ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/youtube.svg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 12:48:01 GMT
server: Apache
etag: "573-57ba4dc188240"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 718

GET
H2 200 twitch.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D 2 KB
1 KB 50ms
49ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitch.svg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:34 GMT
server: Apache
etag: "8cb-57ba3e3b92280"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 993

GET
H2 200 instagram.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 973D 2 KB
1 KB 51ms
50ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/instagram.svg
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:33 GMT
server: Apache
etag: "6b7-57ba3e3a9e040"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 899

GET
H/1.1 200
OK starscrm.config.json Show response
starscrm.com/ Frame 973D 77 B
429 B 149ms
47ms XHR
text/plain 77.87.179.68
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://starscrm.com/starscrm.config.json?bust=1615424109959
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.87.179.68 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software: Apache /
Resource Hash: 0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Last-Modified: Tue, 19 Jan 2021 15:53:51 GMT
Server: Apache
MyHeader: member143
ETag: "4d-5b942d84601c0"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With
Content-Length: 77
Keep-Alive: timeout=15, max=170

GET
H/1.1 200
OK tag.js Show response
s.btstatic.com/ Frame 973D 34 KB
13 KB 98ms
24ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/tag.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03f57788464aacc762395c050df417bcab6f9f8159c15e237fbec864c93895c0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Dec 2020 19:32:39 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 12487

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 973D 252 B
722 B 87ms
34ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?cs_jsonp=pstrkIdManager.mmUuidSync&mt_nsync=1
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x27 /
Resource Hash: 6597ce6eb365c2b6270851e541b54bb0d50774c9082ea529639d16b8311fb452

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Server: MT3 3611 f10363c master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 252
Expires: Thu, 11 Mar 2021 00:55:54 GMT

GET
H2 200 / Show response
service.maxymiser.net/cg/v5/ Frame 973D 81 B
335 B 27ms
26ms Script
text/javascript 23.79.136.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.maxymiser.net/cg/v5/?fv=dmn%3Dpokerstars.eu%3Bref%3Dhttps%253A%252F%252Flp.clevernetwork.pt%252F%3Burl%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D0&lver=1.18&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=60&jrt=s

Requested by

Host: service.maxymiser.net
URL: https://service.maxymiser.net/cdn/pokerstarseu/js/mmcore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.136.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-136-111.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

13c2341b441b258bd27d374aeeda9ddc3ac6f3b34c6da8d36756dcb629bf78b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:09 GMT
x-content-type-options: nosniff
last-modified: 03/11/2021 00:55:09
server: nginx
p3p: CP="DEV IND NOI OTC OUR PSA PSD"
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-type: text/javascript; charset=utf-8
content-length: 81
expires: Sun, 06 Jan 1980 01:00:00 GMT

GET
H2 200 require.min.js Show response
cashier.rationalcdn.com/common/libs-2.1.20/ Frame 973D 15 KB
6 KB 147ms
46ms Script
application/javascript 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2016 11:39:34 GMT
server: Apache
etag: "3cc8-53bad04796980"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 6356

GET
H2 200 languages.xml Show response
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/ Frame 973D 873 B
460 B 49ms
48ms XHR
application/xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_eu/languages.xml?&sid=0.5840221109159789
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c6efa78726a5e3d7a90a6d12e2d24be3bc1e01b7396460430cbca38627c6fe3b

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 09:42:27 GMT
server: Apache
etag: "369-59d58466106c0"
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 283

GET
H2 200 poker-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 1 KB
887 B 25ms
22ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker-txt-v2.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 357a9f9be68be9e860cd648f2edee77a8d1b2dbcdab6659afe983ede2db5229b

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 09:38:27 GMT
server: Apache
etag: "542-5a45697f34ac0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 711

GET
H2 200 casino-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 1 KB
985 B 25ms
22ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/casino-txt-v2.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e4e5ba893ca49051e5a82e47c800e2e6caab9c96505d58ebc2ccb5ff099032fc

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 09:38:27 GMT
server: Apache
etag: "575-5a45697f34ac0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 808

GET
H2 200 sports-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 2 KB
1 KB 27ms
25ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/sports-txt-v2.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: df28e74af5e5c9edd4508a8964586703c5760f3b6899ab13750bee9412310eb9

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 09:38:27 GMT
server: Apache
etag: "6b3-5a45697f34ac0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 871

GET
H2 200 bars.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D 1 KB
642 B 27ms
25ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/bars.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "501-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 465

GET
H2 200 poker-m.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/ Frame 973D 2 KB
940 B 29ms
27ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/poker-m.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 09:08:36 GMT
server: Apache
etag: "69c-571f774eb6d00"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 763

GET
H2 200 close-black.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D 1 KB
774 B 29ms
28ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close-black.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "54b-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 597

GET
H2 200 close.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D 1 KB
775 B 30ms
30ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Wed, 25 Apr 2018 14:08:23 GMT
server: Apache
etag: "54b-56aaccdc963c0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 598

GET
H2 200 poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 3 KB
2 KB 30ms
30ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 09:18:30 GMT
server: Apache
etag: "c82-59ca2e427c580"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 1380

GET
H2 200 poker-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 1 KB
944 B 31ms
31ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker-txt.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aa1158b44f51119c26a4cdc3be24e7180797346aa5d835d7e61dad271cb59f59

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 13:59:32 GMT
server: Apache
etag: "5a2-59ce32abb9900"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 767

GET
H2 200 casino-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 1 KB
1 KB 31ms
31ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/casino-txt.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fa077f324b5f296d626561e5ee83b7c393e224f2ce5580f1f27befc411b6297a

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 14:00:12 GMT
server: Apache
etag: "5da-59ce32d1df300"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 858

GET
H2 200 sports-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 973D 2 KB
1 KB 33ms
33ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/sports-txt.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2703733c5cba99ca399ca5f3fd76472ff518fb36fd5bba427dbea8dc233f44cc

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 14:01:46 GMT
server: Apache
etag: "713-59ce332b84680"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 870

GET
H2 200 questionmark.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D 1 KB
932 B 34ms
33ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/questionmark.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "594-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 755

GET
H2 200 right-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D 1 KB
813 B 36ms
36ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/right-arrow.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "537-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 636

GET
H2 200 down-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 973D 1 KB
814 B 31ms
30ms Image
image/svg+xml 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/down-arrow.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "533-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 637

GET
H2 200 footer-small.png
s4.rationalcdn.com/img/bg/estate/ Frame 973D 462 KB
464 KB 82ms
28ms Image
image/png 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 433674676291fa4acfb1be7f6e458c43afc5f44d96ddba17e0a186677c75ab0b

Request headers

Referer: https://cmsstorage.rationalcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
last-modified: Thu, 29 Oct 2020 15:56:14 GMT
server: AkamaiNetStorage
etag: "994388838ca4d2b47dda0d453731e187:1603986974.361162"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 473455

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 18159
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 10 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 8000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:41:50 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 16 KB
16 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 196051
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 194603
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H/1.1 200 resolveurls Show response
ram.pokerstars.eu/ram/info/ Frame 973D 143 B
975 B 180ms
97ms XHR
application/json 77.87.179.149
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.eu/ram/info/resolveurls?tag=starsrewards_widgetservice

Requested by

Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Thu, 11 Mar 2021 00:55:09 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.eu
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H2 206 homepage-casino-royale.mp4
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame 973D 5 MB
5 MB 50ms
49ms Media
video/mp4 23.37.44.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/homepage-casino-royale.mp4
Requested by: Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-205.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c15c5491059d973562247f8126972afc1ba58eee0f4ae29a12b77e83224adf68

Request headers

Referer: https://www.pokerstars.eu/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
last-modified: Mon, 18 Jan 2021 17:03:33 GMT
server: Apache
access-control-allow-origin: *
etag: "485b89-5b92fb3b2e340"
content-type: video/mp4
Content-Range: bytes 0-4742024/4742025
cache-control: public, max-age=84600
accept-ranges: bytes
Content-Length: 4742025

GET
H2 200 bundle-prod.min.js Show response
cashier.rationalcdn.com/starscrm/2.1.37/ Frame 973D 189 KB
62 KB 69ms
68ms Script
application/javascript 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/starscrm/2.1.37/bundle-prod.min.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 15:53:51 GMT
server: Apache
etag: "2f447-5b942d84601c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 63286

GET
H/1.1 200
OK summary.json.js Show response
www.psimg.com/datafeed/dyn_banners/ Frame 973D 526 B
837 B 121ms
33ms Script
application/json 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

10c91b608c04301346f7b7af371bb3d832659df935884796dc30647c46d713a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Mar 2021 00:54:49 GMT
Server: Apache
ETag: "20e-5bd383b061571-gzip"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Content-Length: 277

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 34 KB
7 KB 350ms
38ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&referrer=https%3A%2F%2Fwww.pokerstars.eu%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&H=-35niau0
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7d3dc2b66cb88ddf9888e885a03a236b515cb7e0de4f9542644a7ad6e8ee65d7

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
Server: nginx
ETag: bc1057ab45c9234c623bc33ec3aa230f
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 6505
X-BT-RequestId: 6e3e5170-8204-11eb-98c5-0000ac1508e4

GET
H/1.1 200
OK ram-config.js Show response
ram.pokerstars.eu/ Frame 973D 1 KB
2 KB 343ms
31ms Script
application/x-javascript 77.87.179.149
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.eu/ram-config.js

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

22ff6b53dc60a7ec3f1ad5621c3558d6a9aeb2a5cb8ef9914db8b98987d5d1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Last-Modified: Tue, 02 Mar 2021 15:22:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Connection: Keep-Alive
MyHeader: member143
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=190
Content-Length: 1187

GET
H/1.1 200 resolveurls Show response
ram.pokerstars.eu/ram/info/ Frame 973D 131 B
963 B 95ms
94ms XHR
application/json 77.87.179.149
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.eu/ram/info/resolveurls?tag=starsrewards_widget

Requested by

Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Thu, 11 Mar 2021 00:55:09 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.eu
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H/1.1 200
OK srwrds-path.js Show response
rewards.starsaccount.com/widget/ Frame 973D 75 B
347 B 117ms
33ms XHR
application/x-javascript 77.87.178.197
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rewards.starsaccount.com/widget/srwrds-path.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.87.178.197 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software: Apache /
Resource Hash: f77f0ca0a011af69f54c878b3c3d7501b7d2b73ef0cf146829f2e5c90d532445

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Last-Modified: Thu, 14 Jan 2021 13:07:31 GMT
Server: Apache
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: close
MyHeader: member143
Accept-Ranges: bytes
Content-Length: 75

GET
H2 200 rewards-widget.min.js Show response
cashier.rationalcdn.com/widget/2.0.259/ Frame 973D 254 KB
69 KB 35ms
35ms Script
application/javascript 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/widget/2.0.259/rewards-widget.min.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3549c3b2c33fc2f981c8349b96c348a44cba698450525533be7d16fb97b205ec

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 19:58:39 GMT
server: Apache
etag: "3f810-5bb14f21bc8c3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 69865

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 973D 7 KB
762 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&subset=cyrillic,greek

Requested by

Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:35:04 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:10 GMT

GET
H/1.1 200
OK a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js Show response
s.btstatic.com/lib/ Frame 973D 40 KB
4 KB 22ms
22ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jan 2021 15:48:35 GMT
Server: nginx
ETag: "d3c668fbc6a8b84cc3cdf91b0af1b3b3"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 3617

GET
H2 200 vendor.js Show response
cashier.rationalcdn.com/ram/2.2.47/ Frame 973D 208 KB
71 KB 23ms
23ms Script
application/javascript 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 16:00:47 GMT
server: Apache
etag: "33f84-5bc2b41333881"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 72739

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 973D 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3155
date: Thu, 11 Mar 2021 00:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 02:02:35 GMT

GET
H/1.1 200
OK trk.core.idm.js Show response
www.psimg.com/ga/ Frame 973D 16 KB
6 KB 26ms
25ms Script
application/javascript 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/ga/trk.core.idm.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Aug 2020 13:38:58 GMT
Server: Apache
ETag: "4090-5ac8613a6e94f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=249
Content-Length: 6009

GET
H/1.1 200
OK 83539b7e8cea2296f498f1910b4810156f08e280.js Show response
s.btstatic.com/lib/ Frame 973D 1 KB
654 B 22ms
21ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/83539b7e8cea2296f498f1910b4810156f08e280.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Mar 2019 17:13:53 GMT
Server: nginx
ETag: "3d9b2a273f38ae9a6f683c41a0590a20"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 292

GET
H/1.1 200
OK b2e63ccb7863279b58e183884d5de07935db8fc9.js Show response
s.btstatic.com/lib/ Frame 973D 165 B
507 B 21ms
21ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/b2e63ccb7863279b58e183884d5de07935db8fc9.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Mar 2019 17:15:21 GMT
Server: nginx
ETag: "26753accd559a9a1bc40c1444e8a299f"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 145

GET
H2 200 ram.js Show response
cashier.rationalcdn.com/ram/2.2.47/ Frame 973D 2 MB
416 KB 23ms
23ms Script
application/javascript 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.47/ram.js
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 923920a271ecace64fbb9b2a62cc13c005a17cd651540557358b653fccc6b037

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 16:00:47 GMT
server: Apache
etag: "1bebd7-5bc2b413330b1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 424958

GET
H/1.1 200
OK a9f6f2226caa736f24989b8d804c241eb722c9e5.js Show response
s.btstatic.com/lib/ Frame 973D 159 B
507 B 21ms
21ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/a9f6f2226caa736f24989b8d804c241eb722c9e5.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Mar 2019 17:15:04 GMT
Server: nginx
ETag: "153af72ab81781c27284642861df8d85"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 145

GET
H/1.1 200
OK BrightTag.jquery-1.5.1.js Show response
s.btstatic.com/ Frame 973D 82 KB
29 KB 26ms
26ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 16:29:08 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 29695

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 973D 8 KB
734 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: www.pokerstars.eu
URL: https://www.pokerstars.eu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:41:59 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:10 GMT

GET
H2 200 en.js Show response
cashier.rationalcdn.com/ram/2.2.47/i18n/locales/ Frame 973D 310 KB
85 KB 23ms
23ms Script
application/javascript 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.47/i18n/locales/en.js
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 128fbaa9e18cacff8b560ee5e1ddaf8b8646904a2195b85ccc8030006b91ed2f

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:10 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 16:00:47 GMT
server: Apache
etag: "4d690-5bc2b41336761"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 86974

GET
H/1.1 200 resolvesite Show response
ram.pokerstars.eu/ram/info/ Frame 973D 567 B
1 KB 32ms
32ms XHR
application/json 77.87.179.149
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.eu/ram/info/resolvesite

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

f868f7272a6343236c494e22590d72775e956ce48b403b5fe7da3d3b887b321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Thu, 11 Mar 2021 00:55:10 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.eu
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 973D 597 B
921 B 35ms
34ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x28 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: MT3 3611 f10363c master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Thu, 11 Mar 2021 00:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 973D 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: mLFDm0xfDfqGXANQorQbwT9aNQuKMexvYplH58M1tbbKM1a7gMq61x98CKhdd395BGljhKrCX6kOKHiOyLCprA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 11 Mar 2021 00:55:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6859decf69.js Show response
cdn.tradelab.fr/tag/ Frame 973D 16 KB
6 KB 69ms
16ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/tag/6859decf69.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC93) /
Resource Hash: 381328efe0f3a184401768b1d6f253af88b06961bf3d7caed91f66d9b70bc5ae

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 15:23:52 GMT
server: ECAcc (amc/BC93)
age: 724
etag: "3f77-5ba47f0ff127a-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 5369
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H3-Q050

200

activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F Show response
8954552.fls.doubleclick.net/ Frame 7E2A
Redirect Chain

https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

466 B
976 B

74ms
45ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

6899805b9d366f25306b0a3c56724777e4f3b4a3c58447479836eedc8eb3c9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8954552.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pokerstars.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 374
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Mar-2021 01:10:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame 7E72 19 KB
19 KB 94ms
28ms Document
text/html 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app17.lhr11 /
Resource Hash: 2cbfe45236b67669eb7067497b9e88b109f17057d88ca2c8ff6c6c86dc971b3c

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.pokerstars.eu/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.eu/

Response headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app17.lhr11
Pragma: no-cache
X-HW: 1615424111.dop056.lo4.t,1615424111.cds220.lo4.shn,1615424111.dop056.lo4.t,1615424111.cds072.lo4.sc,1615424111.cds072.lo4.p

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 973D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631

35 B
717 B

81ms
31ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: 6ea9e480-8204-11eb-a6c2-0000ac1509c1

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.149:80
AN-X-Request-Uuid: 5ef64eca-e8ca-4dbf-a32f-fba5826c697c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3838662649262320631
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 973D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YElqbwAAAK7HYVLS
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS

35 B
722 B

32ms
31ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: 6ead18d0-8204-11eb-983a-0000ac1508e9

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615424111.299242,VS0,VE0
x-served-by: cache-hhn4073-HHN
x-cache: HIT
location: https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YElqbwAAAK7HYVLS&_test=YElqbwAAAK7HYVLS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 973D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0
https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm=&btt=0&google_tc=
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1

35 B
741 B

33ms
33ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: 6ead3fe0-8204-11eb-90e4-0000ac150838

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEApvBkDhe2K_ADcNTOylt38&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 973D
Redirect Chain

https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0
https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0

35 B
739 B

31ms
31ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: 6e96f8c0-8204-11eb-8437-0000ac150972

Redirect headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Server: MT3 3611 f10363c master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://s.thebrighttag.com/cs?tp=mm&uid=01206049-6a6e-4f00-bc26-b04394b367c4&btt=0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 11 Mar 2021 00:55:09 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 973D
Redirect Chain

https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%]
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17

35 B
722 B

50ms
31ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: 6ea50280-8204-11eb-8711-0000ac150866

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: prod-xre-app19.lhr11
X-HW: 1615424111.dop209.lo4.t,1615424111.cds216.lo4.shn,1615424111.dop209.lo4.t,1615424111.cds236.lo4.sc,1615424111.cds236.lo4.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48188FEABBAD17
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 973D
Redirect Chain

https://tag.device9.com/img/img.png?D9v.Version=1&D9v.Tag=1&D9r.DeviceID=true&D9v.AdvID=14708&D9v.SiteId=1&D9c=ftSync&D9c.dest=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dv0HKuXG%26uid%3...
https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7

35 B
744 B

31ms
31ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: 6eaeed90-8204-11eb-bd0f-0000ac1509da

Redirect headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Origin: tag.device9.com
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=f2a191dc93844daaa4560408392229e7
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

OPTIONS
H/1.1 200
OK tag
s.thebrighttag.com/ Frame 0
0 95ms
32ms Preflight 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Protocol: HTTP/1.1
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.pokerstars.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Mar 2021 00:55:11 GMT
Content-Length: 0
Connection: keep-alive
ETag: d41d8cd98f00b204e9800998ecf8427e
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
X-BT-RequestId: 6e99def0-8204-11eb-8960-0000ac150979
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: https://www.pokerstars.eu
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
P3P: CP=NOI DSP COR NID

POST
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 4 KB
2 KB 40ms
39ms XHR
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 642619f247ce7848d2f6b03725fb331d0ed3472de781e24c98e305dbcc06b083

Request headers

Accept: */*
Referer: https://www.pokerstars.eu/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
Server: nginx
ETag: 3fe20f25857971ae42a2090cfcf85d36
P3P: CP=NOI DSP COR NID
Access-Control-Allow-Origin: https://www.pokerstars.eu
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1170
X-BT-RequestId: 6e9f0f10-8204-11eb-b092-0000ac1509c1

GET
H2 200 ram.css
cashier.rationalcdn.com/ram/2.2.47/styles/ Frame 973D 425 KB
154 KB 23ms
23ms Stylesheet
text/css 104.109.74.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.47/styles/ram.css
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-74-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5b821c106c787bdae441b9414fbd4d1e53716e6f564e4352d3800de38f642b53

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 434724
date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 15:08:24 GMT
server: Apache
etag: "6a224-5bc2a85dc2a00"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=377522
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 156705

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 973D 2 KB
1001 B 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2324
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 11 Mar 2021 01:16:27 GMT

GET
H/1.1 200 sessionid Show response
ram.pokerstars.eu/ram/login/ Frame 973D 685 B
1 KB 31ms
31ms XHR
application/json 77.87.179.149
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.eu/ram/login/sessionid

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

9ad6fe0711c70264492055641abfe29212f21d9f3231547ca93c48308d46d33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Thu, 11 Mar 2021 00:55:10 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.eu
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 973D 11 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: ACDHHHYRXfR5jv1CqNZpI26ytpcBAsi1/EGEl0J08RgUKNyQX42DF1k9jPdGUdZChX34GT3WMBnpJ4sdDP3vdg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 11 Mar 2021 00:55:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1152875091428286 Show response
connect.facebook.net/signals/config/ Frame 973D 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1152875091428286?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea544a92a4ce65207a88fef5d09e0f9d0519582c00066992366ceca4d5d2b175

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70955
x-fb-rlafr: 0
pragma: public
x-fb-debug: kiLyyBzBqBEd/fQRAJlbjuZImgHZqxubF2QEY4exjpUyoTgNVwoN4d5eKwjxhivjgE0M2ljH9JCLHJC//Ok6Ng==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 11 Mar 2021 00:55:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 973D 43 B
480 B 34ms
34ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x28 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: MT3 3611 f10363c master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Mar 2021 00:55:55 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 973D 8 KB
780 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.47/styles/ram.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cashier.rationalcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:44:07 GMT
server: ESF
date: Thu, 11 Mar 2021 00:55:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 00:55:11 GMT

GET
H2 200 825.js Show response
cdn.tradelab.fr/fseg/ Frame 973D 8 KB
3 KB 17ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/825.js?add=4232218
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC8E) /
Resource Hash: a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 14:24:44 GMT
server: ECAcc (amc/BC8E)
age: 99
etag: "20b1-5a1c2bf055fd2-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2723
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H3-Q050

200

activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81 Show response
8526803.fls.doubleclick.net/ Frame 9D6E
Redirect Chain

https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?

399 B
1 KB

79ms
51ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

6595ed9a8039c01943074b0bf83cc08f0fcd5d4a01bcfbff36e2737c65722feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8526803.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pokerstars.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
expires: Thu, 11 Mar 2021 00:55:11 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 328
x-xss-protection: 0
set-cookie: IDE=AHWqTUltjs4m1z9Iv6TlPiY8CZcbGEaW3auNHfutqKTi-g3JVfc4bBbairT_V149zS0; expires=Tue, 05-Apr-2022 00:55:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 seg.js Show response
cdn.tradelab.fr/ Frame 973D 3 KB
1 KB 18ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/seg.js?add=25072242
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC5B) /
Resource Hash: 4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2017 13:08:13 GMT
server: ECAcc (amc/BC5B)
age: 604
etag: "a7c-558850954180e-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 1107
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H/1.1

200
OK

/ Show response
its.tradelab.fr/ Frame 973D
Redirect Chain

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
https://its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync

53 B
540 B

16ms
16ms

Script
application/javascript

85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 /
Resource Hash: 2ad59c1d743dfdc4868486432203929ffd6e2885264c5bb69d51c3bf67c40374

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
Transfer-Encoding: chunked
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: application/javascript

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: 39bf46d1-a203-495d-9ef2-a93cce328ae9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: //its.tradelab.fr/?type=tlsync&uuid2=3838662649262320631&callback=tl_sync
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/ Frame 973D
Redirect Chain

https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%...
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1

43 B
578 B

28ms
16ms

Image
image/gif

85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node1.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEFLgpwY6LeAtbaGIjUlEL1I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c292f111f4.js Show response
cdn.tradelab.fr/tag/ Frame 973D 11 KB
4 KB 18ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC87) /
Resource Hash: a75925f253b90c84783b51260f8b9a213a2796f5050d82b3790b9ced63be42a0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 18:28:09 GMT
server: ECAcc (amc/BC87)
age: 18
etag: "2bc5-5bc69a9cde728-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 3992
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 973D 44 B
261 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152875091428286&ev=PageView&dl=https%3A%2F%2Fwww.pokerstars.eu%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1615424111207&sw=1600&sh=1200&ud[external_id]=ccf5e4ade05e252c6cfcf82a3b3864e7a26cb6b8ea2f6905c0e1dccc8519614d&v=2.9.33&r=stable&ec=0&o=30&it=1615424111154&coo=false&rqm=GET

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 00:55:11 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 8001
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:41:50 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 196052
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 194604
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 973D 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 18160
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 10 Mar 2022 19:52:31 GMT

GET
H/1.1 200
OK / Show response
its.tradelab.fr/ Frame 973D 2 B
357 B 31ms
16ms Script
text/html 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=token&p=tlab&gtw=%2F%2Fs.thebrighttag.com%2Fapi%3Fsite%3DG58M8eX%26referrer%3Dtlabset%26signalid%3D105097354712665
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node1.tradelab.fr
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 2

GET
H2 200 645001.js Show response
cdn.tradelab.fr/conv/ Frame 973D 19 KB
7 KB 17ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/645001.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232218
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC58) /
Resource Hash: c93591cccd94f2254d20f66f7f091497f30c9f249714e6fa1b5c9d81c8cedcfe

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 07:08:57 GMT
server: ECAcc (amc/BC58)
age: 323
etag: "4a1c-5bd15395b19f9-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 7028
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 22ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=25072242&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.51:80
AN-X-Request-Uuid: aee7afc2-0741-4e05-8994-6a4940dc3c2c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/ Frame 973D
Redirect Chain

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%252...
https://its.tradelab.fr/?type=seg&uuid2=3838662649262320631&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(...
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1

43 B
578 B

16ms
16ms

Image
image/gif

85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESELpQZs9GdkeCeuJKxvQbDxY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/ Show response
servedby.flashtalking.com/container/29;71832;7464;iframe/ Frame 5FCE
Redirect Chain

https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%]
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17

262 B
575 B

28ms
28ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app14.lhr11 /
Resource Hash: fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: flashtalkingad1="GUID=48188FEABBAD17"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914

Response headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app14.lhr11
Pragma: no-cache
X-HW: 1615424111.dop209.lo4.t,1615424111.cds216.lo4.shn,1615424111.dop209.lo4.t,1615424111.cds236.lo4.sc,1615424111.cds236.lo4.p

Redirect headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Connection: Keep-Alive
Cache-Control: no-cache, no-store
Content-Length: 0
Server: prod-xre-app2.lhr11
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48188FEABBAD17
X-HW: 1615424111.dop209.lo4.t,1615424111.cds216.lo4.shn,1615424111.dop209.lo4.t,1615424111.cds236.lo4.sc,1615424111.cds236.lo4.p

GET
H2 200 dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F Show response
adservice.google.com/ddm/fls/i/ Frame 7075 465 B
444 B 74ms
74ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Requested by

Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef185414671f302413d96fd8a5af007c5ebb91f7a0df916dfc623f0505d72822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8954552.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8954552.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 374
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 25ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=2491894:31&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid: 8b317cd9-9311-4374-a69f-6b9ef998f915
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
423 B 32ms
31ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645001%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8399097%2C8399099%2C8399111%2C8399112%2C8399130%2C8399132%2C8399133%2C8399134%2C8407979%2C8408076%2C8408078%2C8408084%2C8408087%2C8408090%2C8408092%2C8410453%2C8505019%2C8511659%2C8511660%2C8511661%2C8511662%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9906874%2C9910363%2C9990666%2C9990685%2C9990686%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10359145%2C10359204%2C10476365%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10666631%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12581719%2C12582312%2C12582313%2C12582329%2C12582452%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12683429%2C12683434%2C12683503%2C12683505%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12758212%2C12758217%2C12758706%2C12758709%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12844715%2C12850910%2C12850918%2C12850920%2C12850967%2C12850982%2C12851052%2C12851887%2C12853335%2C12853406%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926824%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927269%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938122%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13201287%2C13201333%2C13201431%2C13227834%2C13227878%2C13227899%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13247905%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593120%2C13593124%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13595060%2C13595186%2C13595202%2C13595232%2C13595280%2C13604577%2C13604579%2C13611236%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13637541%2C13639429%2C13639559%2C13639822%2C13639829%2C13643700%2C13643723%2C13643732%2C13643747%2C13643753%2C13643758%2C13643773%2C13646588%2C13646593%2C13648302%2C13648333%2C13648334%2C13648335%2C13648336%2C13648337%2C13648338%2C13648396%2C13648398%2C13648400%2C13648401%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656698%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657884%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13660964%2C13660965%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13684419%2C13684437%2C13703524%2C13703900%2C13703963%2C13704004%2C13726085%2C13726630%2C13728187%2C13728188%2C13728189%2C13729253%2C13737386%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759146%2C13759454%2C13759508%2C13759747%2C13783001%2C13783005%2C13783013%2C13783058%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13822025%2C13827326%2C13827616%2C13828767%2C13828768%2C13828769%2C13828942%2C13828948%2C13828950%2C13832725%2C13832749%2C13849058%2C13849117%2C13850343%2C13850357%2C13850393%2C13850549%2C13850802%2C13850854%2C13850880%2C13850899%2C13850948%2C13851106%2C13854071%2C13886580%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13890463%2C13895571%2C13895572%2C13897024%2C13905793%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13930356%2C13931368%2C13933484%2C13944490%2C13944551%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13962873%2C13962978%2C13964343%2C13964344%2C13970253%2C13970255%2C14004524%2C14006771%2C14011339%2C14012185%2C14012197%2C14012277%2C14012280%2C14020547%2C14023284%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%2C14184460%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 973D 43 B
969 B 43ms
23ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=645001&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.69:80
AN-X-Request-Uuid: b866f353-74fb-4ba0-afb3-fc06e8d54240
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 57ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=4232218&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid: 146d6e8c-a588-471a-82ad-4938460e04c1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
885 B 33ms
17ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 4824.js Show response
cdn.tradelab.fr/fseg/ Frame 973D 7 KB
3 KB 17ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC5C) /
Resource Hash: e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 13:20:52 GMT
server: ECAcc (amc/BC5C)
age: 687
etag: "1bc0-5b9b9683b9159-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2596
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H2 200 seg.js Show response
cdn.tradelab.fr/ Frame 973D 3 KB
1 KB 16ms
15ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/seg.js?add=25695650
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC5B) /
Resource Hash: 4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2017 13:08:13 GMT
server: ECAcc (amc/BC5B)
age: 604
etag: "a7c-558850954180e-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 1107
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H/1.1

200
OK

/
its.tradelab.fr/ Frame 973D
Redirect Chain

https://its.tradelab.fr/?type=tp&advid=5189423&uuid=0&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokers...
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1

43 B
578 B

17ms
16ms

Image
image/gif

85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOP-pQTLZUzUa0mn_7DeOSg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 23ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=25695650&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: 25e6a5ef-d6fb-488e-ac5e-586468be91c6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
570 B 17ms
16ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=seg&uuid2=3838662649262320631&sid=25695650&val=null&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node1.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame 7E72 11 KB
4 KB 134ms
34ms Script
application/javascript 52.48.136.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.136.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-136-43.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: fbd16e3494bc364c05b8e7222c2945a6fd0f9665bf8c36cd801bbf442599bccf

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:10 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: c1371f93b03ae0af7d575e3774a51128
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3903

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame 7E72 42 B
354 B 64ms
25ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/spot/1/18308;120607;12865/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914&ft_guid=48188FEABBAD17&ft_log=1&ft_trackID=16154241-1118-77A3-401B-85230A599103&ft_guidCreated=1
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app2.lhr11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: prod-xre-app2.lhr11
X-HW: 1615424111.dop036.lo4.shc,1615424111.dop036.lo4.t,1615424111.cds213.lo4.sc,1615424111.cds213.lo4.p
Content-Type: image/gif
Cache-Control: no-cache,no-store
Connection: Keep-Alive
Content-Length: 42

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 7E72 95 B
516 B 52ms
20ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=48188FEABBAD17&ta_format=png

Requested by

Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2 200 1432216.js Show response
cdn.tradelab.fr/conv/ Frame 973D 6 KB
2 KB 17ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/1432216.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC67) /
Resource Hash: ada252a5027cb94afd932d75902dc2a4d8d1099db00dbf130187a7a980a5c8e6

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 15:52:37 GMT
server: ECAcc (amc/BC67)
age: 1323
etag: "194c-5bd30a7ee30ed-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2180
expires: Thu, 11 Mar 2021 01:25:11 GMT

GET
H2 200 dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81
adservice.google.com/ddm/fls/z/ Frame 9D6E 42 B
118 B 42ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81

Requested by

Host: 8526803.fls.doubleclick.net
URL: https://8526803.fls.doubleclick.net/activityi;dc_pre=CKavwOKDp-8CFULXEQgdcmYIyA;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7177934446110.81?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8526803.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F Show response
8954552.fls.doubleclick.net/ddm/fls/r/ Frame CF60
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

1 KB
614 B

32ms
32ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

d1d8136d1aad75c695d17abb706c7c90dad18047f6244b3951fdac264ca51387

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8954552.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUltjs4m1z9Iv6TlPiY8CZcbGEaW3auNHfutqKTi-g3JVfc4bBbairT_V149zS0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
expires: Thu, 11 Mar 2021 00:55:11 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 549
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 00:55:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
423 B 17ms
17ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432216%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%2C14106411%2C14106423%2C14106427%2C14106492%2C14106500%2C14106573%2C14106589%2C14106618%2C14106626%2C14106699%2C14106700%2C14106701%2C14106702%2C14106703%2C14106704%2C14106705%2C14106706%2C14106707%2C14106708%2C14106715%2C14106716%2C14106717%2C14108528%2C14108530%2C14108531%2C14108532%2C14108535%2C14108536%2C14108537%2C14108538%2C14108539%2C14108560%2C14108561%2C14108562%2C14108563%2C14108564%2C14108565%2C14108566%2C14108567%2C14108568%2C14108569%2C14108570%2C14108571%2C14108572%2C14108573%2C14108574%2C14108575%2C14108577%2C14108578%2C14108579%2C14108580%2C14108581%2C14108582%2C14108583%2C14108584%2C14108592%2C14108593%2C14108594%2C14108595%2C14108596%2C14108597%2C14108598%2C14108599%2C14108600%2C14108601%2C14109150%2C14109155%2C14109156%2C14109160%2C14109222%2C14109223%2C14109224%2C14109237%2C14109530%2C14112294%2C14112295%2C14112546%2C14112938%2C14112963%2C14113045%2C14130627%2C14137247%2C14137698%2C14137742%2C14137930%2C14138477%2C14138483%2C14138729%2C14138767%2C14138806%2C14139071%2C14139135%2C14140278%2C14143076%2C14151598%2C14151682%2C14151686%2C14163673%2C14163674%2C14177818%2C14177819%2C14177820%2C14177821%2C14177822%2C14177823%2C14177824%2C14177825%2C14177826%2C14177827%2C14180354%2C14180355%2C14180356%2C14180357%2C14186170%2C14186245%2C14199460%2C14199680%2C14199691%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 973D 43 B
968 B 22ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1432216&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid: 989aaff6-bcb4-41a2-9a58-303e6e4b84f6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 22ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=25237860&t=2

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: 977b019e-8312-43c9-aebe-0a6751cd29a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
893 B 17ms
16ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=25237860&val=undefined&fun=4824&step=1&siev=25237855&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame CF60 39 KB
15 KB 84ms
32ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/ddm/fls/r/dc_pre=CMqauOKDp-8CFRoE4AodSA0DNQ;src=8954552;type=rmcom0;cat=sg_we0;u27=105097354712665;ord=4664647398926.674;~oref=https%3A%2F%2Fwww.pokerstars.eu%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bafc3d5b61836609f4006bbe16a977dc98f8ef68895a6c8641565544364d2107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15351
x-xss-protection: 0
server: cafe
etag: 4610657118567105023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 00:55:11 GMT

POST
H/1.1 200 lgc Show response
d9.flashtalking.com/ Frame 7E72 103 B
748 B 58ms
57ms XHR
application/json 52.48.136.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.136.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-136-43.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: f23689a7dbcbc9f1706726e8f15d19963a09b7e0d775eebc6d6ab0c77a462ef6

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://servedby.flashtalking.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 79

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 130 B
718 B 41ms
40ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-35niau0&referrer=https%3A%2F%2Fwww.pokerstars.eu%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=6854607%2C7470537%2C7177087&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=01206049-6a6e-4f00-bc26-b04394b367c4&_cb_bt_data(%27signal%20id%27)=105097354712665&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27siteid%27)=EU&_cb_bt_data(%27currentdomain%27)=pokerstars.eu&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODMyNzE=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjYyMjcwNjQ=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0OTUyNjI=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 167df85974100aea7cf289532b803307bcd0ff778fb1c9695e4f76d422069f4e

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
Server: nginx
ETag: 743fa0d731a95d93d1184830b20b8b14
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 149
X-BT-RequestId: 6ed2c940-8204-11eb-b91c-0000ac1509c1

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 0
543 B 41ms
41ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-35niau0&referrer=https%3A%2F%2Fwww.pokerstars.eu%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7470537%2C7487903%2C7487904&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27signal%20id%27)=105097354712665&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=01206049-6a6e-4f00-bc26-b04394b367c4&_cb_bt_data(%27pstrkidmanager%20fbpid%27)=&_cb_bt_data(%27pstrkidmanager%20fbclid%27)=&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODMyNzE=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjYyMjcwNjQ=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0OTUyNjI=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
X-BT-RequestId: 6ed2c940-8204-11eb-bf16-0000ac150819

GET
H/1.1 200
OK BrightTag.jquery-1.5.1.js Show response
s.btstatic.com/ Frame 973D 82 KB
29 KB 25ms
24ms Script
application/javascript 2.17.187.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.187.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-187-116.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 16:29:08 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 29695

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/752674712/ Frame CF60 2 KB
2 KB 73ms
44ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/752674712/?random=1615424111565&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c2aceae209aff6daed697ee189f85c9ed203cc591570851c9fed65029c79784e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/702974000/ Frame CF60 2 KB
1 KB 72ms
44ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/702974000/?random=1615424111571&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ee1f073e89c63a228e41a4f8d73c36c70fee4e22e5968925c58e51cbd4c48b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1226
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 112 B
796 B 40ms
40ms XHR
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eb65022d3365665a5c58df649ca016fb880b7de98c7c1c4b12b31f8f5c88efea

Request headers

Accept: */*
Referer: https://www.pokerstars.eu/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
Server: nginx
ETag: cff9bb4fe55fe915c849783b817dbf26
P3P: CP=NOI DSP COR NID
Access-Control-Allow-Origin: https://www.pokerstars.eu
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 131
X-BT-RequestId: 6edc8d41-8204-11eb-a216-0000ac1508e9

OPTIONS
H/1.1 200
OK tag
s.thebrighttag.com/ Frame 0
0 32ms
32ms Preflight 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Protocol: HTTP/1.1
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.pokerstars.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Mar 2021 00:55:11 GMT
Content-Length: 0
Connection: keep-alive
ETag: d41d8cd98f00b204e9800998ecf8427e
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
X-BT-RequestId: 6ed7ab40-8204-11eb-a227-0000ac1509da
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: https://www.pokerstars.eu
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
P3P: CP=NOI DSP COR NID

OPTIONS
H/1.1 200
OK tag
s.thebrighttag.com/ Frame 0
0 63ms
33ms Preflight 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Protocol: HTTP/1.1
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.pokerstars.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Mar 2021 00:55:11 GMT
Content-Length: 0
Connection: keep-alive
ETag: d41d8cd98f00b204e9800998ecf8427e
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
X-BT-RequestId: 6edc8d40-8204-11eb-8220-0000ac150819
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: https://www.pokerstars.eu
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
P3P: CP=NOI DSP COR NID

POST
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 112 B
796 B 44ms
44ms XHR
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eb65022d3365665a5c58df649ca016fb880b7de98c7c1c4b12b31f8f5c88efea

Request headers

Accept: */*
Referer: https://www.pokerstars.eu/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
content-encoding: gzip
Server: nginx
ETag: cff9bb4fe55fe915c849783b817dbf26
P3P: CP=NOI DSP COR NID
Access-Control-Allow-Origin: https://www.pokerstars.eu
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 131
X-BT-RequestId: 6ee1e470-8204-11eb-b0aa-0000ac150857

POST
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 973D 0
639 B 39ms
39ms XHR
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.pokerstars.eu/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: nginx
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: CP=NOI DSP COR NID
Access-Control-Allow-Origin: https://www.pokerstars.eu
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
X-BT-RequestId: 6ee62a30-8204-11eb-8437-0000ac150972

OPTIONS
H/1.1 200
OK tag
s.thebrighttag.com/ Frame 0
0 91ms
31ms Preflight 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Protocol: HTTP/1.1
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.pokerstars.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Mar 2021 00:55:11 GMT
Content-Length: 0
Connection: keep-alive
ETag: d41d8cd98f00b204e9800998ecf8427e
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
X-BT-RequestId: 6ee14830-8204-11eb-a227-0000ac1509da
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: https://www.pokerstars.eu
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
P3P: CP=NOI DSP COR NID

GET
H/1.1 200
OK /
servedby.flashtalking.com/track/120607;12865;403;16154241-1118-77A3-401B-85230A599103/ Frame 7E72 42 B
515 B 23ms
22ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/track/120607;12865;403;16154241-1118-77A3-401B-85230A599103/?ft_data=d9:c9a0b13f4d43408487a9d0cc460a3e41;d9s:c9a0b13f4d43408487a9d0cc460a3e41&cachebuster=195757.03891598238
Requested by: Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app12.lhr11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=105097354712665&ft_referrer=https%3A//www.pokerstars.eu/&ns=https%3A//lp.clevernetwork.pt/&cb=703418.7285725914
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:11 GMT
Server: prod-xre-app12.lhr11
X-HW: 1615424111.dop036.lo4.shc,1615424111.dop036.lo4.t,1615424111.cds213.lo4.sc,1615424111.cds213.lo4.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 7E72 95 B
336 B 20ms
20ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=c9a0b13f4d43408487a9d0cc460a3e41&ta_format=png

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:11 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2

200

/
www.google.de/pagead/1p-conversion/702974000/ Frame CF60
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_...
https://www.google.com/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...
https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...

42 B
108 B

21ms
21ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/702974000/?random=1348709411&cv=9&fst=1615424111565&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIuvJpmxx_APhMSswAo&cid=CAQSKQCNIrLMQKKDlWbvvrYVsKJfH8aFku-JtzC15uxsaMCLoe1BVB-EDbfu&random=476051964&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/752674712/ Frame CF60
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
https://www.google.com/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...

42 B
108 B

21ms
21ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 00:55:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/752674712/?random=168098372&cv=9&fst=1615424111565&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMqauOKDp-8CFRoE4AodSA0DNQ%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D105097354712665%3Bord%3D4664647398926.674%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.eu%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b2pJYIOxJvuBx_AP3MyCwAE&cid=CAQSKQCNIrLMmxyP6sKWBdenaJMj2dUNFDllmtxZM6IpgUMSb9oCkW9faH7I&random=2936703643&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 973D 44 B
147 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152875091428286&ev=Microdata&dl=https%3A%2F%2Fwww.pokerstars.eu%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1615424112712&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Online%20Poker%20%E2%80%93%20Play%20Poker%20Games%20at%20PokerStars%22%2C%22meta%3Adescription%22%3A%22Join%20PokerStars%20today%20-%20the%20world%27s%20best%20online%20poker%20room%20and%20the%20biggest%20tournaments%20anywhere%20online.%20Great%20offers%20for%20new%20players%2C%20don%27t%20miss%20out!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=ccf5e4ade05e252c6cfcf82a3b3864e7a26cb6b8ea2f6905c0e1dccc8519614d&v=2.9.33&r=stable&ec=1&o=30&it=1615424111154&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 00:55:12 GMT

GET
H/1.1 200
OK summary.json.js Show response
www.psimg.com/datafeed/dyn_banners/ Frame 973D 526 B
837 B 23ms
23ms Script
application/json 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

10c91b608c04301346f7b7af371bb3d832659df935884796dc30647c46d713a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Mar 2021 00:54:49 GMT
Server: Apache
ETag: "20e-5bd383b061571-gzip"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=235
Content-Length: 277

GET
H2 200 825.js Show response
cdn.tradelab.fr/fseg/ Frame 973D 8 KB
3 KB 16ms
15ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/825.js?add=4232220
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC8E) /
Resource Hash: a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:16 GMT
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 14:24:44 GMT
server: ECAcc (amc/BC8E)
age: 104
etag: "20b1-5a1c2bf055fd2-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2723
expires: Thu, 11 Mar 2021 01:25:16 GMT

GET
H2 200 645002.js Show response
cdn.tradelab.fr/conv/ Frame 973D 17 KB
7 KB 17ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/645002.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232220
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC71) /
Resource Hash: 45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:16 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 16:09:24 GMT
server: ECAcc (amc/BC71)
age: 730
etag: "459e-5bc1742308e32-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 6609
expires: Thu, 11 Mar 2021 01:25:16 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
423 B 35ms
34ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645002%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6906372%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8505019%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9910363%2C9990666%2C9990685%2C9990686%2C10095057%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12582312%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12850910%2C12850918%2C12850920%2C12851887%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928095%2C12928107%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059733%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13604577%2C13604579%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13639429%2C13639559%2C13639822%2C13639829%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13703524%2C13703900%2C13703963%2C13704004%2C13728187%2C13728188%2C13728189%2C13729253%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759454%2C13759508%2C13759747%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13827326%2C13827616%2C13828942%2C13828948%2C13854071%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13897024%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13931368%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13970253%2C13970255%2C14012185%2C14012197%2C14020547%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node3.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node3.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 973D 43 B
970 B 23ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=645002&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid: 1b609f14-b53f-4aff-8a78-a096ab304d98
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 23ms
23ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=4232220&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid: 89f02892-f2b2-4937-9417-0d546deb3e25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
929 B 18ms
18ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=4232220&val=undefined&fun=825&step=2&siev=4232213&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 4824.js Show response
cdn.tradelab.fr/fseg/ Frame 973D 7 KB
3 KB 16ms
15ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC5C) /
Resource Hash: e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:16 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 13:20:52 GMT
server: ECAcc (amc/BC5C)
age: 692
etag: "1bc0-5b9b9683b9159-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2596
expires: Thu, 11 Mar 2021 01:25:16 GMT

GET
H2 200 1432217.js Show response
cdn.tradelab.fr/conv/ Frame 973D 6 KB
2 KB 18ms
17ms Script
application/javascript 152.199.20.219
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/1432217.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC28) /
Resource Hash: 7a19c4f0ba3cacf7fbc25df5012b6c54006d235e882d26441beea3a3e587ebab

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:16 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 15:52:37 GMT
server: ECAcc (amc/BC28)
age: 873
etag: "1811-5bd30a7fab419-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2096
expires: Thu, 11 Mar 2021 01:25:16 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
423 B 19ms
17ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432217%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%2C14106411%2C14106423%2C14106427%2C14106492%2C14106500%2C14106573%2C14106589%2C14106618%2C14106626%2C14106699%2C14106700%2C14106701%2C14106702%2C14106703%2C14106704%2C14106705%2C14106706%2C14106707%2C14106708%2C14106715%2C14106716%2C14106717%2C14108528%2C14108530%2C14108531%2C14108532%2C14108535%2C14108536%2C14108537%2C14108538%2C14108539%2C14108581%2C14109150%2C14109155%2C14109156%2C14109160%2C14109222%2C14109223%2C14109224%2C14109237%2C14112294%2C14112295%2C14112546%2C14112938%2C14112963%2C14130627%2C14137247%2C14137698%2C14137742%2C14137930%2C14138477%2C14138483%2C14138729%2C14138767%2C14138806%2C14139071%2C14139135%2C14140278%2C14143076%2C14151598%2C14151682%2C14151686%2C14163673%2C14163674%2C14177818%2C14177819%2C14177820%2C14177821%2C14177822%2C14177823%2C14177824%2C14177825%2C14177826%2C14177827%2C14180354%2C14180355%2C14180356%2C14180357%2C14186170%2C14186245%2C14199460%2C14199680%2C14199691%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 973D 43 B
970 B 28ms
25ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1432217&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.139:80
AN-X-Request-Uuid: 92bd3a26-7ebc-4e99-bf6a-6e313fd0dc74
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 973D 43 B
1 KB 24ms
22ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=25237863&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid: 9f631c00-6de3-4fdf-8994-3cdbf25951ad
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 973D 43 B
925 B 19ms
17ms Image
image/gif 85.17.192.104
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=3838662649262320631&sid=25237863&val=undefined&fun=4824&step=2&siev=25237856&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1615424111%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.eu%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1615424111%2C%22prev_vis_ts%22%3A1615424111%2C%22curr_vis_ts%22%3A1615424111%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.17.192.104 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 00:55:16 GMT
Server: nginx/1.17.6
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK Primary Request Cookie set consorcio-de-imoveis Show response
www.portoseguro.com.br/ 190 KB
30 KB 3051ms
1304ms Document
text/html 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

3260a95ba05201238878633b2342c2bf0aff806a0b09445265d46aef12e3d04c

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;

X-Xss-Protection

1; mode=block

Request headers

Host: www.portoseguro.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://bityli.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bityli.com/

Response headers

Date: Thu, 11 Mar 2021 00:55:21 GMT
Server: Apache
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Set-Cookie: ADRUM_BTa=R:19|g:02bdcc1c-11ff-4318-98b6-0384c7accad5; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ ADRUM_BTa=R:19|g:02bdcc1c-11ff-4318-98b6-0384c7accad5|n:customer1_8523277e-e17d-4e16-b78b-e0e2da12f0ee; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ JSESSIONID=lHQex-pDZydaMz19nGUa2siUxri8baDxeeCqwewCUBQ6_HCxzZCk!1906660820; path=/; secure; HttpOnly ADRUM_BT1=R:19|i:27247; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ ADRUM_BT1=R:19|i:27247|e:1241; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ ADRUM_BT1=R:19|i:27247|e:1241|d:980; expires=Thu, 11-Mar-2021 00:55:52 GMT; path=/ novoportal=!BFKAunWYYDuTxmfpYgKpZp2+8/6hEZo2EjMCLOZV+Nb+s+YxLma6BwNFStxQwM2FknlOgfHufSLoSgs=; path=/; Httponly; Secure
Content-Language: en-US
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
Accept-Ranges: none
X-UA-Compatible: IE=Edge,chrome=1
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin
Keep-Alive: timeout=60, max=896
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame 973D 526 B
840 B 25ms
24ms Script
application/json 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount

Requested by

Host: bityli.com
URL: https://bityli.com/pkvHy?fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Mar 2021 00:55:19 GMT
Server: Apache
ETag: W/"20e-5bd383cd11bec-gzip"
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=214
Content-Length: 278

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 973D 43 B
489 B 35ms
34ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x28 /
Resource Hash

Request headers

Referer: https://www.pokerstars.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:21 GMT
Server: MT3 3611 f10363c master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Mar 2021 00:56:05 GMT

GET
H/1.1 200
OK adrum-porto.js Show response
www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/ 2 KB
2 KB 868ms
235ms Script
application/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/adrum-porto.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

3aa7cc1550dee03b3a04bc4ce6c5f4969f3945e40d9b84969adc099922f22dbe

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Apr 2018 18:38:16 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=864
Content-Length: 806

GET
H/1.1 200
OK vgn-ext-templating-delivery.css
www.portoseguro.com.br/sites/styles/ 3 KB
2 KB 699ms
237ms Stylesheet
text/css 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/styles/vgn-ext-templating-delivery.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

5d6ad50706b8eefbe1739e9f1a4ad3a5780933bccf8d2488c30e353820e46a5c

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:56:10 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/css
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=897
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ajax.jsp Show response
www.portoseguro.com.br/sites/scripts/async/ 993 B
2 KB 937ms
237ms Script
text/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

529e70795dc427b8f853861d2ae1bcd14b72af7af1aa6f23a9603d5b0d96ceb5

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=896
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ps-lib.full-min.css
www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ 369 KB
133 KB 710ms
245ms Stylesheet
text/css 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

adf676b2c552070f266f9924cdadcf94c71e37a494031fdfe155296481108100

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2020 13:35:18 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/css
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=841

GET
H/1.1 200
OK temp.css
www.portoseguro.com.br/NovoInstitucional/static_files/styles/ 3 KB
2 KB 716ms
250ms Stylesheet
text/css 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/temp.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

1b98cccd8bc0de6824320ceb8ddf4075f733b45285ad7c4226a7bd86d842f759

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Nov 2020 05:32:55 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Upgrade: h2,h2c
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Upgrade, Keep-Alive
Accept-Ranges: none
Content-Type: text/css
Keep-Alive: timeout=60, max=900
Content-Length: 1083

GET
H/1.1 200
OK portal.css
www.portoseguro.com.br/NovoInstitucional/static_files/styles/ 144 KB
24 KB 723ms
256ms Stylesheet
text/css 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/portal.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

a7d2d708b65024cf75a44c5fd691ad3f9013017f6385265a28f8f2af2c337a18

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Feb 2021 20:01:22 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/css
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=887
Content-Length: 23293

GET
H/1.1 200
OK inovation.css
www.portoseguro.com.br/NovoInstitucional/static_files/styles/ 58 KB
11 KB 708ms
240ms Stylesheet
text/css 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/inovation.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

7a6aa567b485360458b3724d168dba80e92e77f1e94df3119360064e4f570fe6

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 17:17:42 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/css
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=864
Content-Length: 10641

GET
H/1.1 200
OK onetrust.js Show response
www.portoseguro.com.br/static-files/js/ 430 B
1 KB 956ms
240ms Script
application/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/static-files/js/onetrust.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

04fdc9b2e28dccaccc6ab266fed68a6a6eaa6f8e725e917a6dd92fe21c9fb29e

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2020 21:57:35 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=899
Content-Length: 292

GET
H/1.1 200
OK porto-seguro-logo-minimal.svg
www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/ 1 KB
2 KB 238ms
238ms Image
image/svg+xml 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/porto-seguro-logo-minimal.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

92d2375f223c8596bae2d4170d41e7df14e6c7f0fc0aa25b77026a876b69c560

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2020 19:33:29 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=893
Content-Length: 759

GET
H/1.1 200
OK person-login.svg
www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/ 2 KB
2 KB 240ms
239ms Image
image/svg+xml 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/static-files/Institucional/Icones/NovoHeader/person-login.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

a0145e19189d170d55eb4c9f4d13b9160b0dcadbd9d3448d65193131f103953f

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2020 19:33:26 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=840
Content-Length: 906

GET
H/1.1 200
OK Header_Site_Consorcio_1920x505px_Imovel-PortoSeguro.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/capas/ 252 KB
0 282ms
280ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/capas/Header_Site_Consorcio_1920x505px_Imovel-PortoSeguro.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 14:39:11 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=885

GET
H/1.1 200
OK consorcio-reforma-casa-de-praia.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/ 8 KB
9 KB 282ms
280ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-reforma-casa-de-praia.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

f3efd97a67b8cc191db6f90437b1a27a0985467f17685ce583221ed142e32ccb

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 18:05:39 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=896
Content-Length: 8108

GET
H/1.1 200
OK consorcio-terreno.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/ 8 KB
9 KB 281ms
279ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-terreno.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

b2824d3ceb3f4777d268002bd420e8be66e76455611d4f09c50e861d69147948

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 18:05:40 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=894
Content-Length: 8493

GET
H/1.1 200
OK consorcio-apartamento.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/ 6 KB
7 KB 239ms
237ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-apartamento.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

1f6a1cf2e91acc38ed64e08c989fc1fbba96c56faec61940f4c98f9e1de8fd83

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 18:05:39 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=897
Content-Length: 6470

GET
H/1.1 200
OK consorcio-casa.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/ 11 KB
12 KB 263ms
262ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/thumbnail/consorcio-casa.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

62312d0b5f3bbf0f854286160e729c089c19367ba58531ec6b4826463811345c

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 18:05:39 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=861
Content-Length: 11017

GET
H/1.1 200
OK porto-seguro-consorcio-como-funciona-604x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 10 KB
11 KB 248ms
244ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-como-funciona-604x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

efc22b04e25b2cacbfee0c782c0a187f819d125077ed3aaceee18925fbf26cd8

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:39 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=839
Content-Length: 10097

GET
H/1.1 200
OK porto-seguro-consorcio-investimento-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 9 KB
9 KB 239ms
237ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-investimento-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

f7af6828311223e42e7a0b42821e8008337ac3b8f5d8a77fd21aca267a1d76b5

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:41 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=892
Content-Length: 8748

GET
H/1.1 200
OK porto-seguro-consorcio-beneficio-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 5 KB
6 KB 238ms
237ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-beneficio-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

6d48934602242193b6f52f8c71206f80f2249749cf7a1e500b6b14dd4a5169a3

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:40 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=893
Content-Length: 4755

GET
H/1.1 200
OK porto-seguro-consorcio-mitos-e-verdades-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 4 KB
4 KB 242ms
241ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-mitos-e-verdades-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

898b995d997e877b51b2531304b2e8c79de68f2e8edcbfdd4eecceea17ca528c

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:42 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=862
Content-Length: 3370

GET
H/1.1 200
OK porto-seguro-consorcio-lance-ou-sorteio-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 7 KB
7 KB 242ms
239ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-lance-ou-sorteio-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

9db28ce81bb2d059a0e4f2aa53bc2934821a007f17887039cd0d7033a4edee89

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:41 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=838
Content-Length: 6552

GET
H/1.1 200
OK porto-seguro-consorcio-meu-consorcio-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 4 KB
4 KB 240ms
240ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-meu-consorcio-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

324afb0ae0633fc10bc7498d83be88f44cf0746a6eef18c8dbc33acf0d390de8

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:40 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=892
Content-Length: 3656

GET
H/1.1 200
OK porto-seguro-consorcio-fuicontemplado-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 5 KB
6 KB 237ms
237ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-fuicontemplado-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

6b4d18e360e543bb5e995b47c1e0650579e2bc2bc6343e98e8269fca994391b8

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 14:57:41 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=860
Content-Length: 5238

GET
H/1.1 200
OK porto-seguro-consorcio-credito-imovel-286x230.jpg
www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/ 7 KB
7 KB 237ms
236ms Image
image/jpeg 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/videos/porto-seguro-consorcio-credito-imovel-286x230.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

aedaf3d4df6444d8d74e44d1b8f012c14c0e6487af7145ce5a9ac42eb5a50751

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Mar 2018 18:05:02 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=891
Content-Length: 6704

GET
H/1.1 200
OK bootstrap.js Show response
www.portoseguro.com.br/NovoInstitucional/static_files/scripts/ 24 KB
5 KB 237ms
237ms Script
application/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/bootstrap.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

5ab91df0a724b5126111ca02c6fa8e83dd6bd75296f37626ad39c0e3bb737c71

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 20:21:51 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=862
Content-Length: 4493

GET
H/1.1 200
OK adrum.js Show response
www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/ 44 KB
15 KB 240ms
239ms Script
application/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/adrum.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/AppDynamics/adrum-porto.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

1ed86d2809048c0b343c0f73a8e4c8fb5b9e80f65679eb062e7e3366d41309cf

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Apr 2018 18:38:28 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=863
Content-Length: 14608

GET
H2 200 hotjar-114520.js Show response
static.hotjar.com/c/ 6 KB
2 KB 171ms
83ms Script
application/javascript 65.9.96.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-114520.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80847e537d71457418d62c3c7934ccb971155309ae71b333db4fd86584d76710

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: PRG50-C1
etag: W/ae6b48c6939631652d63ca7d7ad0c6ed
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1865
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
x-amz-cf-id: x5QVMW2jvcfxpuHVP0VpzzQKvtiGoaPnPk2JoCog1aai6Q33GVGsxw==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3169
date: Thu, 11 Mar 2021 00:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 02:02:35 GMT

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 905ms
218ms Image
image/png 52.95.165.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=PSGO&x-r=https://bityli.com/
Requested by: Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.165.10 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:26 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: 309AEF1D0FC97C3B
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: OA6NPzhjw4jlQNJ3MJB7IeVjDpdAH4s6NNgh8O7ObxgUWtmo7KGzK2I8U8rAWVQp/HdJfSVubsA=

GET
H/1.1 200
OK vquery.min.js Show response
www.portoseguro.com.br/sites/scripts/vquery/ 84 KB
30 KB 237ms
236ms Script
text/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/scripts/vquery/vquery.min.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

e49e6b6fee72091bf2131600d498a180560f12fd3f8d480da4992ab10f3fbae5

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:56:10 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/javascript
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=894
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ajaxlib.js Show response
www.portoseguro.com.br/sites/scripts/async/ 406 B
1 KB 240ms
239ms Script
text/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/scripts/async/ajaxlib.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

960fa5f6ec47c992645b99ca5e3a7becb3bb23e6352499b018e532fea148baaa

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:56:06 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/javascript
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=895
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK wem-ajax-min.js Show response
www.portoseguro.com.br/sites/scripts/async/ 2 KB
2 KB 238ms
237ms Script
text/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/scripts/async/wem-ajax-min.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

a079b424dc8e9ab3d958b2fb25332ea047536dbab5364823389094453333bc5f

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 19:00:00 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/javascript
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=898
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK wem-messaging-min.js Show response
www.portoseguro.com.br/sites/scripts/messaging/ 6 KB
3 KB 242ms
241ms Script
text/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/scripts/messaging/wem-messaging-min.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

8258e8f9962e8072a6110a7f875f919bb968d61ce995e148ba319f2e0eb8b38e

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 19:00:00 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/javascript
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=843
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK vcm32266.js Show response
www.portoseguro.com.br/sites/scripts/ 125 B
1 KB 280ms
238ms Script
text/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/sites/scripts/vcm32266.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/sites/scripts/async/ajax.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

2ca0afe5bd8de2b0493bdafe899994cd59cecc1e6c81e2ccebd00e1691622485

Security Headers

Name

Value

Content-Security-Policy

X-Xss-Protection

1; mode=block

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:56:08 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: text/javascript
Access-Control-Allow-Origin
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=886
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Cookie set check-logged-in
cliente.portoseguro.com.br/portal/site/portaldecliente/ Frame 1978 0
0 1588ms
247ms Document
text/html 200.211.179.211
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://cliente.portoseguro.com.br/portal/site/portaldecliente/check-logged-in

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.211.179.211 , Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15553000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Host: cliente.portoseguro.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.portoseguro.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: portal=pdc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

Date: Thu, 11 Mar 2021 00:55:26 GMT
Server: Apache
Strict-Transport-Security: max-age=15553000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache
OT-force-Account-Verify: true
Set-Cookie: ADRUM_BTa=R:31|g:c7385c44-fe81-4859-8af6-48281f145562; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ ADRUM_BTa=R:31|g:c7385c44-fe81-4859-8af6-48281f145562|n:customer1_8523277e-e17d-4e16-b78b-e0e2da12f0ee; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ JSESSIONID=zn0ex_xYInP-uzhzE5M7_blL_OPmhMenNGVHwet1LxuWKWRmWXCH!-1098722287!-1082683355; path=/; secure; HttpOnly ADRUM_BT1=R:31|i:17377; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ ADRUM_BT1=R:31|i:17377|e:0; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ ADRUM_BT1=R:31|i:17377|e:0|d:10; expires=Thu, 11-Mar-2021 00:55:56 GMT; path=/ portaldocliente=!6WzxNoJSa/TlWTQtPa/RZwo0ZvMSsKHBNNT8YW/PIKzcgT8kfL4NM4R+AU7D0VSLUVxUaiD7rvUZBQ==; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhs.ttf
fonts.gstatic.com/s/opensans/v17/ 27 KB
19 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhs.ttf

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.portoseguro.com.br
Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 12:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478290
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18834
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:31:10 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 12:03:54 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v17/ 26 KB
18 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0e.ttf

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.portoseguro.com.br
Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 06:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151390
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18276
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 06:52:14 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhs.ttf
fonts.gstatic.com/s/opensans/v17/ 28 KB
18 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhs.ttf

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/visual/v.1/css/ps-lib.full-min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf567ab82eeff26676787e317e68b11d7546b2ac57543c34e6d3639faedd2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.portoseguro.com.br
Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196643
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18834
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:18:01 GMT

GET
DATA 200
OK truncated
/ 111 KB
111 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5293af5929f4bf7d3b5b958854c714a151f715308e05ba96b4fa2e38608ab26

Request headers

Origin: https://www.portoseguro.com.br
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 kLYStLxCc6Y Show response
www.youtube.com/embed/ Frame 5F15 50 KB
21 KB 58ms
58ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f930b92434e71139102f53dca14116f360d7685bf344deb13a1f1a746a051154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/kLYStLxCc6Y?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ZqReOQrOFGM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=xgI9PGEqkTw; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+876; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 A9xQ5hQ4gr4 Show response
www.youtube.com/embed/ Frame 4009 50 KB
21 KB 77ms
77ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8360d5b4e174d1cd0ebbc287d2ed75e7d996c838b19aafb8ad2fcd19b28d75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/A9xQ5hQ4gr4?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=2W8dJw612AY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=oQj123f8Nv4; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+177; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4TNPi3q_tPs Show response
www.youtube.com/embed/ Frame D4E4 50 KB
21 KB 58ms
58ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eca2c979f9bdfd06ec0ddc133a25559832fabf4bd4981f31f37f56b262b8561c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/4TNPi3q_tPs?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=sXOV_NgLy6o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=puUV0yiZXT0; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+883; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lP_1qjb9Gxo Show response
www.youtube.com/embed/ Frame 98EB 50 KB
21 KB 70ms
69ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ea92ffcda54933c1ee1058f427ba36fa05551ae83d298a7a2e144f2098200e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/lP_1qjb9Gxo?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=K6wUBhgrCL0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=4wDRKivXgu8; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+034; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 _N6Jdu-wLO4 Show response
www.youtube.com/embed/ Frame 403C 50 KB
21 KB 94ms
94ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c9e639e1861bb61335b926277ece5e10a9691f5ef996458c602d46f445c34d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_N6Jdu-wLO4?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_7sxXn99Ca8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=zrQxpi-H7J4; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+493; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 8to6cULY1as Show response
www.youtube.com/embed/ Frame 130F 50 KB
21 KB 83ms
83ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

544034188f1aae6c19a4b049230ddda418c341d1561f5084fc2145ac1abcdfb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/8to6cULY1as?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0kRXKZzoPHc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=r4GuX4p0Ns0; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+095; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 RuPBLGEP3eU Show response
www.youtube.com/embed/ Frame E78F 50 KB
21 KB 59ms
59ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

542667f2f586ff549d2d100049d6497ded1fc240df94f292830c2af35d787381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/RuPBLGEP3eU?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=VcFZyAbJUoY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=yeMhFKrgAb0; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+636; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 NJ2yRGIktsc Show response
www.youtube.com/embed/ Frame 1ADB 50 KB
21 KB 98ms
98ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4089c54aaba3ab55c62fa8ae702011559c4493eda3f7de14a580968c96ca956a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/NJ2yRGIktsc?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 00:55:24 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=MtzXUwH24j0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=M3rIXC-_wBk; Domain=.youtube.com; Expires=Tue, 07-Sep-2021 00:55:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+371; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK play.svg
www.portoseguro.com.br/NovoInstitucional/static_files/images/ 2 KB
2 KB 238ms
237ms Image
image/svg+xml 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/images/play.svg

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/portal.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

fa854f36de2533eb57f0eb0275329939e32cb79fdd781e33a370d14ff75da275

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/NovoInstitucional/static_files/styles/portal.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Mar 2018 22:53:58 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: image/svg+xml
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=842
Content-Length: 775

GET
H/1.1 200
OK require.js Show response
www.portoseguro.com.br/NovoInstitucional/static_files/scripts/ 15 KB
7 KB 238ms
238ms Script
application/javascript 200.230.161.212
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/require.js

Requested by

Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.230.161.212 Guarulhos, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Apache /

Resource Hash

299223a6aa7fe04a1c3e37c81adc15997b353814d9ecd8a4a25b55e70d9b7aec

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 00:55:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Jan 2019 18:32:05 GMT
Server: Apache
Vary: Accept-Encoding,Origin
Content-Type: application/javascript
Access-Control-Allow-Origin
Content-Security-Policy: frame-ancestors https://optimize.google.com/ http://rum-static.pingdom.net/ https://www.portoseguro.com.br/ https://adservice.google.com/ http://aplwebprd/ http://aplwebprd.portoseguro.brasil/ https://www.google.com/ https://vars.hotjar.com/ https://cliente.portoseguro.com.br/ http://otclientprodm.portoseguro.brasil/ https://wwws.portoseguro.com.br/ https://www.youtube.com/ https://bid.g.doubleclick.net/ https://connect.facebook.net/ https://www.googleadservices.com/ https://googleads.g.doubleclick.net/ http://9186255.fls.doubleclick.net/ https://adservice.google.com.br;
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=60, max=890
Content-Length: 6460

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 87 KB
35 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T28PS8J&cid=245540650.1615424125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ae51bee5ad2e217245384f62bf389a2eaa0760032f71e581e62f49f9ab3081d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35120
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 00:55:24 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 5F15 340 KB
51 KB 44ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 5F15 158 KB
57 KB 59ms
43ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 5F15 2 MB
503 KB 58ms
43ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 5F15 8 KB
3 KB 62ms
47ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F15 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame D4E4 340 KB
51 KB 34ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame D4E4 158 KB
57 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame D4E4 2 MB
503 KB 55ms
45ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame D4E4 8 KB
3 KB 54ms
45ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4E4 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame E78F 340 KB
51 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E78F 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame E78F 158 KB
57 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame E78F 2 MB
503 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame E78F 8 KB
3 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 98EB 340 KB
51 KB 26ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 98EB 158 KB
57 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 98EB 2 MB
503 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 98EB 8 KB
3 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98EB 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 4009 340 KB
51 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 4009 158 KB
57 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 4009 2 MB
503 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 4009 8 KB
3 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4009 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 130F 340 KB
51 KB 12ms
10ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 130F 158 KB
57 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 130F 2 MB
503 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 130F 8 KB
3 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 130F 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 403C 340 KB
51 KB 29ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 403C 158 KB
57 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 403C 2 MB
503 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 403C 8 KB
3 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 403C 15 KB
15 KB 17ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 1ADB 340 KB
51 KB 19ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202187
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:45:37 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 1ADB 158 KB
57 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 45512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58727
x-xss-protection: 0
expires: Thu, 10 Mar 2022 12:16:52 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1ADB 2 MB
503 KB 30ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 202001
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514953
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:48:43 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 1ADB 8 KB
3 KB 30ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 09:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 56784
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 10 Mar 2022 09:09:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1ADB 15 KB
15 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 537239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H2 200 modules.33a772c48beaa5222edf.js Show response
script.hotjar.com/ 217 KB
58 KB 176ms
75ms Script
application/javascript 65.9.96.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.33a772c48beaa5222edf.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-114520.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.portoseguro.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462916
x-cache: Hit from cloudfront
content-length: 58652
access-control-allow-origin: *
last-modified: Fri, 05 Mar 2021 16:19:37 GMT
etag: "a93d27db17b2296071120e76a2ccbea0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 73SVwScm1TRHP9B8madpzfn5qdbnRRjOzB71bU2uWfJc58FiL_TU0Q==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame 97FC 2 KB
1 KB 115ms
20ms Document
text/html 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-114520.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-100.dus51.r.cloudfront.net
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.portoseguro.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.portoseguro.com.br/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: -hPOMrqDBMSbkQ47vqmjYriyT0utrKpW4xfeHFV8t0jZlt0HeOM3NQ==
age: 9273262

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D4E4 113 B
705 B 76ms
28ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de637d400a492104d7b34fed1180dd9ad1057717fa01a74653a5f2a0472b4fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D4E4 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 98EB 113 B
160 B 40ms
40ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07562aa37f9734188d527a1489939bd943deb9ebf923c83b7acda7d013266c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 98EB 29 B
394 B 34ms
20ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 130F 113 B
160 B 41ms
40ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13f4a684053e5aa68c8c592099b99ea8ff11debd8940ca6f8c11b43653ec32ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 130F 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame E78F 113 B
160 B 53ms
52ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9afb9fcdc9c99fb6aa2041dc67e1891b2c7bc9a8a1e7d7eba0726ab2ea6a6b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E78F 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 5F15 113 B
160 B 53ms
53ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211942e178536f1e24e495d0b0eee3ce73dbcbb90d9854774c0d09f46d9b63d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5F15 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4009 113 B
160 B 39ms
39ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b492166f59163adda2abf6ff48ff8198bfb9efdd5bc5c9de769ee0e222ac6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4009 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame D4E4 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
www.google.com/js/bg/ Frame D4E4 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 18:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 21950
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Thu, 10 Mar 2022 18:49:35 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame D4E4 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 98EB 97 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame 98EB 33 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 122926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:46:39 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 98EB 29 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lP_1qjb9Gxo?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 403C 113 B
160 B 39ms
39ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c3f3651d2b0b796ac26b8bae64325b6d045b5f831aacd485e0388de61e49550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 403C 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1ADB 113 B
160 B 44ms
44ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1182e846940d1a03991506671a1222f95ac00f57bf1e1c07b1f0a9e4756a45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1ADB 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 861
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:56:04 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 130F 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame 130F 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 122926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:46:39 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 130F 29 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/8to6cULY1as?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame E78F 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame E78F 33 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 122926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:46:39 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame E78F 29 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RuPBLGEP3eU?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 5F15 97 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame 5F15 33 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 122926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:46:39 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 5F15 29 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/kLYStLxCc6Y?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 4009 97 KB
32 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
www.google.com/js/bg/ Frame 4009 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 18:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 21950
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Thu, 10 Mar 2022 18:49:35 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 4009 29 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/A9xQ5hQ4gr4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 403C 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame 403C 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 122926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:46:39 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 403C 29 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_N6Jdu-wLO4?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1ADB 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 13:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 126892
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32703
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:40:33 GMT

GET
H3-Q050 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame 1ADB 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 122926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:46:39 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1ADB 29 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NJ2yRGIktsc?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 01:18:06 GMT
server: sffe
age: 201931
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9691
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:49:54 GMT

GET app.js
www.portoseguro.com.br/NovoInstitucional/static_files/scripts/app/ 0
0

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D4E4 4 KB
0 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:55:25 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 98EB 4 KB
0 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:55:25 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame D4E4 0
38 B 6ms
5ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GDRMIw
Requested by: Host: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/consorcio-de-imoveis?utm_source=meuportoseguro&utm_medium=roberta_machado_8800&utm_campaign=indicacao&utm_content=site_candidato&codigoParceiroExterno=900011&codigoRepresentanteParceiroExterno=roberta_machado_8800&fbclid=IwAR0tuCHyDhV68_WRrDwIyMfVX_ONRS7oV7NNlAXvHooVa5h0SXWyDfbkKVU
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.youtube.com/embed/4TNPi3q_tPs?rel=0&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:55:25 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET generate_204
www.youtube.com/ Frame 98EB 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 130F 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E78F 0
0

GET generate_204
www.youtube.com/ Frame 130F 0
0

GET generate_204
www.youtube.com/ Frame E78F 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5F15 0
0

GET generate_204
www.youtube.com/ Frame 5F15 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4009 0
0

GET generate_204
www.youtube.com/ Frame 4009 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: livedados.com
URL: https://livedados.com/js/script.js

Domain: www.portoseguro.com.br
URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/app/app.js

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?_8Mk8g

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?zMC5cg

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?6B53Bw

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?gu6ReQ

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?GmqSPw

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0OTM0Mzc Value: U0VTU0lPTg
www.pokerstars.eu/	1970-01-20 01:29:20	Name: btpdb.G58M8eX.dGZjLjcxNzcwODc Value: VVNFUg
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0OTUyNjI Value: U0VTU0lPTg
.pokerstars.eu/	1970-01-19 16:43:51	Name: _gid Value: GA1.2.460375100.1615424111
.pokerstars.eu/	1970-01-19 16:43:51	Name: _ga Value: GA1.2.1763940289-1615424110
.flashtalking.com/	1970-01-20 01:29:20	Name: _D9J Value: bb2ddd5561c74d96991d323d2068cfa9
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0ODczNTg Value: U0VTU0lPTg
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjYyMjcwNjQ Value: U0VTU0lPTg
.bityli.com/	1970-01-19 16:45:10	Name: _gid Value: GA1.2.837807942.1615424109
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0Mzg0OTM Value: U0VTU0lPTg
bityli.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3a366181407c99d18ec4a2a36eac2bd4
bityli.com/	1970-01-19 16:45:10	Name: hstpcount45417 Value: eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
.doubleclick.net/	1970-01-20 02:05:20	Name: IDE Value: AHWqTUltjs4m1z9Iv6TlPiY8CZcbGEaW3auNHfutqKTi-g3JVfc4bBbairT_V149zS0
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjM2NjE5ODM Value: U0VTU0lPTg
.bityli.com/	1970-01-20 10:14:56	Name: _ga Value: GA1.2.1777478963.1615424109
bityli.com/	1970-01-19 17:19:44	Name: lasttrack45417 Value: 1
bityli.com/	1970-01-19 17:19:44	Name: hstpconfig Value: eyJJRCI6IjIzODYyNjM5dWk2MDQ5NmE2Y2FiOTRlIiwiQ1RSIjoiTkwiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjMxMTc3MjI0MzUsIkxhc3RVcGRhdGUiOjE2MTU0MjQxMDgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9
.bityli.com/	1970-01-19 16:43:44	Name: _gat_gtag_UA_146760796_1 Value: 1
.flashtalking.com/	1970-01-20 10:14:56	Name: flashtalkingad1 Value: "GUID=48188FEABBAD17"
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjUzMTk1MDY Value: U0VTU0lPTg
www.pokerstars.eu/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0ODMyNzE Value: U0VTU0lPTg
.bityli.com/	1970-01-19 17:26:56	Name: __cfduid Value: d761692af86ca6efcc9b88cb11a91c76e1615424106

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2(Line 984) Message: on non-fb sites, tracking as usual
console-api	log	URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1) Message: trk.core - requestIdReadyEvent(pstrkIdmMediamathReady_TrkCore)
console-api	log	URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1) Message: trk.core - set mediamath_id dim
console-api	log	URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1) Message: trk.core - bPVPushed = false
console-api	log	URL: https://s.btstatic.com/tag.js(Line 2) Message: Signal: error: {"type":"dbe","message":"ReferenceError: wbid is not defined","dbe.name":"pstrkidmanager wbid","pageId":4034996}
console-api	warning	URL: https://cashier.rationalcdn.com/ram/2.2.47/vendor.js(Line 1) Message: This browser does not support Web Storage!
console-api	log	(Line 2) Message: ok a jour global 2
console-api	log	(Line 39) Message: in custom tag: position 1
console-api	log	(Line 59) Message: in custom tag: position 2
console-api	log	(Line 44) Message: sigGetIds: pstrkIdManager is present.....requesting IdReadyEvent....
console-api	log	(Line 14) Message: SmartCustom Event Listener: pstrkIdManagerMediamathReady event captured in smart tag
console-api	log	(Line 15) Message: SmartCustom Event Listener: Mediamath ID:01206049-6a6e-4f00-bc26-b04394b367c4
console-api	log	(Line 30) Message: SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api	log	(Line 31) Message: SmartCustom Event Listener: signal_id:105097354712665
console-api	log	(Line 30) Message: SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api	log	(Line 31) Message: SmartCustom Event Listener: signal_id:105097354712665
console-api	log	(Line 35) Message: SmartCustom Event Listener: pstrkIdManagergauidReady event captured in smart tag
console-api	log	(Line 36) Message: SmartCustom Event Listener: pstrk.gid:
console-api	log	URL: https://www.portoseguro.com.br/NovoInstitucional/static_files/scripts/bootstrap.js(Line 328) Message: Properties: prod

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8526803.fls.doubleclick.net
8954552.fls.doubleclick.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
api.miniature.io
bityli.com
cashier.rationalcdn.com
cdn.tradelab.fr
cdnjs.cloudflare.com
clevernt.com
cliente.portoseguro.com.br
cm.g.doubleclick.net
cmsstorage.rationalcdn.com
connect.facebook.net
d9.flashtalking.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
its.tradelab.fr
livedados.com
lp.clevernetwork.pt
pixel.mathtag.com
ram.pokerstars.eu
rewards.starsaccount.com
s.btstatic.com
s.thebrighttag.com
s3-sa-east-1.amazonaws.com
s4.rationalcdn.com
script.hotjar.com
secure.adnxs.com
secure.starsaffiliateclub.com
sender.clevernt.com
servedby.flashtalking.com
service.maxymiser.net
starscrm.com
static.doubleclick.net
static.hotjar.com
sync-tm.everesttech.net
sync.mathtag.com
tag.device9.com
tapestry.tapad.com
ui.clevernt.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.pokerstars.eu
www.portoseguro.com.br
www.psimg.com
www.youtube.com
livedados.com
www.gstatic.com
www.portoseguro.com.br
www.youtube.com
104.109.74.148
13.226.159.100
142.250.185.198
142.250.185.66
142.250.186.130
142.250.74.198
148.69.64.109
148.69.64.76
151.101.114.49
152.199.20.219
184.30.20.207
185.29.135.190
2.17.187.116
200.211.179.211
200.230.161.212
205.185.216.10
217.182.76.191
23.37.44.205
23.79.136.111
2606:4700:20::681a:a75
2606:4700:20::681a:af8
2606:4700:3033::ac43:c0cf
2606:4700::6810:125e
2606:4700::6810:a823
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.251.104.84
35.227.248.159
37.252.172.249
37.252.173.38
52.208.178.181
52.48.136.43
52.95.165.10
65.9.96.124
65.9.96.51
77.87.178.197
77.87.179.149
77.87.179.68
77.87.180.198
77.87.181.72
85.17.192.104
91.92.196.187
00a44a4041102b06c7304b576ed5327f1b9f46a5ef79fb03009c4d974a3c8325
03f57788464aacc762395c050df417bcab6f9f8159c15e237fbec864c93895c0
04fdc9b2e28dccaccc6ab266fed68a6a6eaa6f8e725e917a6dd92fe21c9fb29e
063d8d9dd28ae87cfa41724da6afe5931c3dccb4b7f8f04cafb51efe8eff5393
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
07562aa37f9734188d527a1489939bd943deb9ebf923c83b7acda7d013266c18
0809079a0df54cccbea6c5171eb66ced5cb708e24ae9a477939955f68ce37524
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0ea92ffcda54933c1ee1058f427ba36fa05551ae83d298a7a2e144f2098200e9
0f2d69704a49ce1914361c4e1d9e7adc325d30967ab8518a0c087545c2f9c9c8
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10c91b608c04301346f7b7af371bb3d832659df935884796dc30647c46d713a8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128fbaa9e18cacff8b560ee5e1ddaf8b8646904a2195b85ccc8030006b91ed2f
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f
13c2341b441b258bd27d374aeeda9ddc3ac6f3b34c6da8d36756dcb629bf78b5
13f4a684053e5aa68c8c592099b99ea8ff11debd8940ca6f8c11b43653ec32ee
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b
1536a4fcb5484555abbe06364bdcc0715a7ad07cdd81dea52fc0cb459bf216b7
167df85974100aea7cf289532b803307bcd0ff778fb1c9695e4f76d422069f4e
16a7b2007ea6375a98b53b67e626f89f26415cf82eb3b120f5426fcbbe62cde2
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29
1760cd328d3f336d3501133d9ecdf357483011c1d8f06be2a773ee394c142718
19b492166f59163adda2abf6ff48ff8198bfb9efdd5bc5c9de769ee0e222ac6a
1ae51bee5ad2e217245384f62bf389a2eaa0760032f71e581e62f49f9ab3081d
1b98cccd8bc0de6824320ceb8ddf4075f733b45285ad7c4226a7bd86d842f759
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
1ed86d2809048c0b343c0f73a8e4c8fb5b9e80f65679eb062e7e3366d41309cf
1f6a1cf2e91acc38ed64e08c989fc1fbba96c56faec61940f4c98f9e1de8fd83
1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
211942e178536f1e24e495d0b0eee3ce73dbcbb90d9854774c0d09f46d9b63d3
22ff6b53dc60a7ec3f1ad5621c3558d6a9aeb2a5cb8ef9914db8b98987d5d1cb
23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2703733c5cba99ca399ca5f3fd76472ff518fb36fd5bba427dbea8dc233f44cc
299223a6aa7fe04a1c3e37c81adc15997b353814d9ecd8a4a25b55e70d9b7aec
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2ad59c1d743dfdc4868486432203929ffd6e2885264c5bb69d51c3bf67c40374
2ca0afe5bd8de2b0493bdafe899994cd59cecc1e6c81e2ccebd00e1691622485
2cbfe45236b67669eb7067497b9e88b109f17057d88ca2c8ff6c6c86dc971b3c
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
315e17341889b49df782825122e591e3b9be6080269cd899049f2a33336d9a4a
324afb0ae0633fc10bc7498d83be88f44cf0746a6eef18c8dbc33acf0d390de8
3260a95ba05201238878633b2342c2bf0aff806a0b09445265d46aef12e3d04c
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
32c37dc9434bdf2e6543b6bffaf90c5846c1515f2e2480d115fd865e9240b3c3
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
3549c3b2c33fc2f981c8349b96c348a44cba698450525533be7d16fb97b205ec
357a9f9be68be9e860cd648f2edee77a8d1b2dbcdab6659afe983ede2db5229b
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7
381328efe0f3a184401768b1d6f253af88b06961bf3d7caed91f66d9b70bc5ae
3aa7cc1550dee03b3a04bc4ce6c5f4969f3945e40d9b84969adc099922f22dbe
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079
3c3f3651d2b0b796ac26b8bae64325b6d045b5f831aacd485e0388de61e49550
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4089c54aaba3ab55c62fa8ae702011559c4493eda3f7de14a580968c96ca956a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
433674676291fa4acfb1be7f6e458c43afc5f44d96ddba17e0a186677c75ab0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a012a4ad2f32024e0be67c17b7e1c19f92229b3f4431f55269947fb2e5a2ba
45024d41846a2594d90f9942d9e3b4f068eed7e2b33761e53a4aca99a372e720
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458
46289d29d992c5c7210ae2e100ad185f10858b2db61859fa2eadddca78ad829e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b78eadc03cee4c5ad476d3df8de773727e25c4952cc4d615fa5203d439c8095
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597
4c0f29539692165c3704acc7f7e2565f01a47f36bfd4938ebf76113b1b49d1eb
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
529e70795dc427b8f853861d2ae1bcd14b72af7af1aa6f23a9603d5b0d96ceb5
52c386cb8b28fcdc069b847d6a7f686a77ec8e678dee41307bc8c7d66bda29f8
53289bc177e9dbf73eaf23404a01e76d2237941bf9e4cca32713b6a979f8e387
53738c67f8690689a3a6b8eacba10507214031bb2f533133d05d202b080e1e58
542667f2f586ff549d2d100049d6497ded1fc240df94f292830c2af35d787381
544034188f1aae6c19a4b049230ddda418c341d1561f5084fc2145ac1abcdfb6
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
5677bfe81b3c8ac24882e1c9b6b53f629e150f6124730061898c8409130c866c
56a58692a9ce6410e6dcf268ebe05e95fbef95ede4c37aae1ad824fdbad6b16e
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ab91df0a724b5126111ca02c6fa8e83dd6bd75296f37626ad39c0e3bb737c71
5b821c106c787bdae441b9414fbd4d1e53716e6f564e4352d3800de38f642b53
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
5c9e639e1861bb61335b926277ece5e10a9691f5ef996458c602d46f445c34d5
5d6ad50706b8eefbe1739e9f1a4ad3a5780933bccf8d2488c30e353820e46a5c
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
62312d0b5f3bbf0f854286160e729c089c19367ba58531ec6b4826463811345c
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285
642619f247ce7848d2f6b03725fb331d0ed3472de781e24c98e305dbcc06b083
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021
6595ed9a8039c01943074b0bf83cc08f0fcd5d4a01bcfbff36e2737c65722feb
6597ce6eb365c2b6270851e541b54bb0d50774c9082ea529639d16b8311fb452
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6899805b9d366f25306b0a3c56724777e4f3b4a3c58447479836eedc8eb3c9af
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6b4d18e360e543bb5e995b47c1e0650579e2bc2bc6343e98e8269fca994391b8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d48934602242193b6f52f8c71206f80f2249749cf7a1e500b6b14dd4a5169a3
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57
74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da
7a19c4f0ba3cacf7fbc25df5012b6c54006d235e882d26441beea3a3e587ebab
7a6aa567b485360458b3724d168dba80e92e77f1e94df3119360064e4f570fe6
7d3dc2b66cb88ddf9888e885a03a236b515cb7e0de4f9542644a7ad6e8ee65d7
7db055cbb1d8d048dde5759adefa774ae430836523a466a5e351c69db5220862
7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe
80847e537d71457418d62c3c7934ccb971155309ae71b333db4fd86584d76710
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
8258e8f9962e8072a6110a7f875f919bb968d61ce995e148ba319f2e0eb8b38e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb
87c34ac385475b568c6186c57988d07ea6ff53848e46194e32a9d0687b34e2aa
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
898b995d997e877b51b2531304b2e8c79de68f2e8edcbfdd4eecceea17ca528c
8c1aa1fc1b2c3981ac9d3d98fa124a90a6261986aa520225d1ffe027f8fa1ec0
923920a271ecace64fbb9b2a62cc13c005a17cd651540557358b653fccc6b037
92d2375f223c8596bae2d4170d41e7df14e6c7f0fc0aa25b77026a876b69c560
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c
960fa5f6ec47c992645b99ca5e3a7becb3bb23e6352499b018e532fea148baaa
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400
9ad6fe0711c70264492055641abfe29212f21d9f3231547ca93c48308d46d33f
9afb9fcdc9c99fb6aa2041dc67e1891b2c7bc9a8a1e7d7eba0726ab2ea6a6b50
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
9db28ce81bb2d059a0e4f2aa53bc2934821a007f17887039cd0d7033a4edee89
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0145e19189d170d55eb4c9f4d13b9160b0dcadbd9d3448d65193131f103953f
a079b424dc8e9ab3d958b2fb25332ea047536dbab5364823389094453333bc5f
a0b65098ced25c5e297bad2d15d60bb699e598fae6f80faae7a0a6903e59d21d
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a3568fab3fd530fc35c9f674ba12058852e3390ae36ef8393140b5c82432a782
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a75925f253b90c84783b51260f8b9a213a2796f5050d82b3790b9ced63be42a0
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb
a7d2d708b65024cf75a44c5fd691ad3f9013017f6385265a28f8f2af2c337a18
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
a923b3ea0ecb81905ee68b897fd3e2a1ba5b42feef35f648539e9c4b1da3320d
aa1158b44f51119c26a4cdc3be24e7180797346aa5d835d7e61dad271cb59f59
ada252a5027cb94afd932d75902dc2a4d8d1099db00dbf130187a7a980a5c8e6
adf676b2c552070f266f9924cdadcf94c71e37a494031fdfe155296481108100
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
aedaf3d4df6444d8d74e44d1b8f012c14c0e6487af7145ce5a9ac42eb5a50751
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16975fe48dabe2e4674d67d3541badf178ed468241a34c1c6631b5a71e573c0
b2824d3ceb3f4777d268002bd420e8be66e76455611d4f09c50e861d69147948
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b7e327a33ffec79dd819a9186c549ad959f9f7184d5f9c10faec851b5210c064
b8360d5b4e174d1cd0ebbc287d2ed75e7d996c838b19aafb8ad2fcd19b28d75b
bafc3d5b61836609f4006bbe16a977dc98f8ef68895a6c8641565544364d2107
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4
c15c5491059d973562247f8126972afc1ba58eee0f4ae29a12b77e83224adf68
c2aceae209aff6daed697ee189f85c9ed203cc591570851c9fed65029c79784e
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533
c59d882e3530622289705fd1e3d0b192a62debfcde1027fe90b3e11dd3a981d3
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6
c6efa78726a5e3d7a90a6d12e2d24be3bc1e01b7396460430cbca38627c6fe3b
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122
c8429a6ffbbbe9bf668f8309c48d76ccb7fd19856ae638274c7c492415b39f7f
c93591cccd94f2254d20f66f7f091497f30c9f249714e6fa1b5c9d81c8cedcfe
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
d1d8136d1aad75c695d17abb706c7c90dad18047f6244b3951fdac264ca51387
d5293af5929f4bf7d3b5b958854c714a151f715308e05ba96b4fa2e38608ab26
d6b343dd44b156260d11cca3b623daad756f879cf3d6524e8c5e30c7bea6d20a
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d
dbf567ab82eeff26676787e317e68b11d7546b2ac57543c34e6d3639faedd2f3
dc420bfbeb7f621a48d230cde485c0d3b86922a107b6d5b8bac405f025d4b206
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
de637d400a492104d7b34fed1180dd9ad1057717fa01a74653a5f2a0472b4fb1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df28e74af5e5c9edd4508a8964586703c5760f3b6899ab13750bee9412310eb9
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49e6b6fee72091bf2131600d498a180560f12fd3f8d480da4992ab10f3fbae5
e4e5ba893ca49051e5a82e47c800e2e6caab9c96505d58ebc2ccb5ff099032fc
e527e6fb033ab7789f691a772a1c400c759c1fb6decc5c0b2995c43670114216
e5e8a081c33e64578de89d2fe9f37aeca106246d4fbd2c0b9ba2f2520cd0edb5
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc
ea544a92a4ce65207a88fef5d09e0f9d0519582c00066992366ceca4d5d2b175
ea9e305e3294b9b1075f91e45198cb25f8fe0b03618776c08cf0f37b67c1d605
eb65022d3365665a5c58df649ca016fb880b7de98c7c1c4b12b31f8f5c88efea
ebdb2a9839cc6fbf9a05e4282c7d6e7a965f0165a7c84909d9770c1028a1ce8c
eca2c979f9bdfd06ec0ddc133a25559832fabf4bd4981f31f37f56b262b8561c
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0
ee1f073e89c63a228e41a4f8d73c36c70fee4e22e5968925c58e51cbd4c48b08
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef185414671f302413d96fd8a5af007c5ebb91f7a0df916dfc623f0505d72822
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc22b04e25b2cacbfee0c782c0a187f819d125077ed3aaceee18925fbf26cd8
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f1182e846940d1a03991506671a1222f95ac00f57bf1e1c07b1f0a9e4756a45f
f23689a7dbcbc9f1706726e8f15d19963a09b7e0d775eebc6d6ab0c77a462ef6
f3efd97a67b8cc191db6f90437b1a27a0985467f17685ce583221ed142e32ccb
f77f0ca0a011af69f54c878b3c3d7501b7d2b73ef0cf146829f2e5c90d532445
f7af6828311223e42e7a0b42821e8008337ac3b8f5d8a77fd21aca267a1d76b5
f868f7272a6343236c494e22590d72775e956ce48b403b5fe7da3d3b887b321a
f930b92434e71139102f53dca14116f360d7685bf344deb13a1f1a746a051154
fa077f324b5f296d626561e5ee83b7c393e224f2ce5580f1f27befc411b6297a
fa854f36de2533eb57f0eb0275329939e32cb79fdd781e33a370d14ff75da275
fbd16e3494bc364c05b8e7222c2945a6fd0f9665bf8c36cd801bbf442599bccf
fc703dab29722d073f46611612fb3475b73ad131ce2113a0505ee34571afad91
fc9ffaa978a0594b8d6f5dda0a295185fd19044f1bd4b49c7e00929328cc4d05
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2

www.portoseguro.com.br Open in urlscan Pro 200.230.161.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

367 Requests

97 %HTTPS

40 %IPv6

36 Domains

57 Subdomains

50 IPs

9 Countries

13772 kBTransfer

31884 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.portoseguro.com.br Open in urlscan Pro
200.230.161.212 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

97 %
HTTPS

40 %
IPv6

36
Domains

57
Subdomains

50
IPs

9
Countries

13772 kB
Transfer

31884 kB
Size

22
Cookies

367 HTTP transactions
5 data transactions