www.portalmaismidia.com.br Open in urlscan Pro
2804:10:8002::210:83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.portalmaismidia.com.br/rosana-menezes-fecha-parceria-com-cartao-de-todos/&ct=ga&cd=CAEYACoTODUzMDg3MzQyOTgyMzczODIyNjId...
Effective URL:
http://www.portalmaismidia.com.br/
Submission Tags: falconsandbox
Submission: On July 18 via api (July 18th 2021, 4:54:22 pm UTC) from US

Summary HTTP 237 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 41 domains to perform 237 HTTP transactions. The main IP is 2804:10:8002::210:83, located in Brazil and belongs to IPV6 Internet Ltda, BR. The main domain is www.portalmaismidia.com.br.

This is the only time www.portalmaismidia.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2804:10:8002:... 2804:10:8002::210:83	28299 (IPV6 Inte...) (IPV6 Internet Ltda)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
33	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	2606:4700:20:... 2606:4700:20::681a:a75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:219... 2600:9000:2190:6200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4 4	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
6	2606:4700:20:... 2606:4700:20::681a:af8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 2	91.92.196.187 91.92.196.187	49882 (SKRILL) (SKRILL)
1 1	77.87.181.63 77.87.181.63	43338 (RATIONAL-AS) (RATIONAL-AS)
1 4	77.87.180.152 77.87.180.152	43338 (RATIONAL-AS) (RATIONAL-AS)
37	104.111.238.76 104.111.238.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	77.87.179.68 77.87.179.68	43338 (RATIONAL-AS) (RATIONAL-AS)
6	104.111.248.191 104.111.248.191	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
5	77.87.177.43 77.87.177.43	43338 (RATIONAL-AS) (RATIONAL-AS)
12	34.248.208.147 34.248.208.147	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	77.87.180.198 77.87.180.198	43338 (RATIONAL-AS) (RATIONAL-AS)
2	52.51.65.171 52.51.65.171	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	77.87.178.197 77.87.178.197	43338 (RATIONAL-AS) (RATIONAL-AS)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
2	13.224.99.57 13.224.99.57	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2 2	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 5	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	62.212.64.229 62.212.64.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	52.48.136.43 52.48.136.43	16509 (AMAZON-02) (AMAZON-02)
2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
237	53

22 2804:10:8002::210:83 (Brazil) 1 redirects

ASN28299 (IPV6 Internet Ltda, BR)

www.portalmaismidia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:6200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Costa de Caparica, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany) 4 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Costa de Caparica, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:af8 (United States)

ASN13335 (CLOUDFLARENET, US)

lp.clevernetwork.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.92.196.187 (United Kingdom) 2 redirects

ASN49882 (SKRILL, GB)

secure.starsaffiliateclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.87.181.63 (Isle of Man, Isle Of Man) 1 redirects

ASN43338 (RATIONAL-AS, IM)

www.pokerstars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.87.180.152 (Isle of Man, Isle Of Man) 1 redirects

ASN43338 (RATIONAL-AS, IM)

www.pokerstars.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 104.111.238.76 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-76.deploy.static.akamaitechnologies.com

cmsstorage.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cashier.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.87.179.68 (Douglas, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

starscrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.248.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-191.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.87.177.43 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

ram.pokerstars.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.248.208.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.87.180.198 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

www.psimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.65.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-65-171.eu-west-1.compute.amazonaws.com

u360.d-bi.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.87.178.197 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

rewards.starsaccount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

8954552.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-57.zrh50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.178 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.199 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.197.3.19 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.212.64.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.136.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-136-43.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	rationalcdn.com cmsstorage.rationalcdn.com cashier.rationalcdn.com s4.rationalcdn.com	7 MB
35	wp.com i1.wp.com i0.wp.com i2.wp.com stats.wp.com pixel.wp.com	687 KB
22	portalmaismidia.com.br 1 redirects www.portalmaismidia.com.br	2 MB
19	gstatic.com fonts.gstatic.com	298 KB
12	thebrighttag.com s.thebrighttag.com	15 KB
11	doubleclick.net 4 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 8954552.fls.doubleclick.net cm.g.doubleclick.net	7 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	220 KB
9	pokerstars.fr 1 redirects www.pokerstars.fr ram.pokerstars.fr	51 KB
8	mathtag.com 1 redirects pixel.mathtag.com sync.mathtag.com	6 KB
8	facebook.com 4 redirects web.facebook.com www.facebook.com	1 KB
7	flashtalking.com 1 redirects servedby.flashtalking.com d9.flashtalking.com	31 KB
7	google-analytics.com www.google-analytics.com	40 KB
6	btstatic.com s.btstatic.com	48 KB
6	clevernetwork.pt lp.clevernetwork.pt	88 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
5	facebook.net connect.facebook.net	173 KB
5	googleapis.com fonts.googleapis.com	6 KB
4	adnxs.com 2 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	6 KB
4	googleadservices.com partner.googleadservices.com www.googleadservices.com	20 KB
4	clevernt.com 2 redirects clevernt.com ui.clevernt.com sender.clevernt.com	54 KB
4	gravatar.com secure.gravatar.com 1.gravatar.com	12 KB
3	bing.com bat.bing.com	9 KB
3	google.de adservice.google.de www.google.de	1 KB
2	tapad.com tapestry.tapad.com	831 B
2	snapchat.com tr.snapchat.com	277 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	616 B
2	sc-static.net sc-static.net	15 KB
2	d-bi.fr u360.d-bi.fr	5 KB
2	psimg.com www.psimg.com	7 KB
2	starsaffiliateclub.com 2 redirects secure.starsaffiliateclub.com	1 KB
1	t.co t.co	455 B
1	twitter.com analytics.twitter.com	659 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	tradelab.fr its.tradelab.fr	503 B
1	starsaccount.com rewards.starsaccount.com	383 B
1	starscrm.com starscrm.com	428 B
1	pokerstars.com 1 redirects www.pokerstars.com	548 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	consensu.org quantcast.mgr.consensu.org	6 KB
0	egobrazil.com Failed egobrazil.com Failed
237	41

	Domain	Requested by
29	cmsstorage.rationalcdn.com	www.pokerstars.fr www.portalmaismidia.com.br cmsstorage.rationalcdn.com
22	www.portalmaismidia.com.br	1 redirects www.portalmaismidia.com.br
19	fonts.gstatic.com	fonts.googleapis.com
15	i2.wp.com	www.portalmaismidia.com.br
14	i1.wp.com	www.portalmaismidia.com.br
12	s.thebrighttag.com	s.btstatic.com www.portalmaismidia.com.br
9	pagead2.googlesyndication.com	www.portalmaismidia.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
7	cashier.rationalcdn.com	www.pokerstars.fr cmsstorage.rationalcdn.com cashier.rationalcdn.com
7	pixel.mathtag.com	cmsstorage.rationalcdn.com s.btstatic.com pixel.mathtag.com www.portalmaismidia.com.br
7	www.google-analytics.com	www.portalmaismidia.com.br www.google-analytics.com s.btstatic.com
6	s.btstatic.com	cmsstorage.rationalcdn.com s.btstatic.com
6	lp.clevernetwork.pt	www.portalmaismidia.com.br lp.clevernetwork.pt
5	servedby.flashtalking.com	1 redirects www.portalmaismidia.com.br servedby.flashtalking.com
5	ram.pokerstars.fr	cmsstorage.rationalcdn.com cashier.rationalcdn.com
5	connect.facebook.net	www.portalmaismidia.com.br connect.facebook.net
5	fonts.googleapis.com	www.portalmaismidia.com.br lp.clevernetwork.pt www.pokerstars.fr
4	www.pokerstars.fr	1 redirects www.portalmaismidia.com.br www.pokerstars.fr
4	www.facebook.com	connect.facebook.net www.portalmaismidia.com.br
4	web.facebook.com	4 redirects
4	stats.g.doubleclick.net	www.google-analytics.com
4	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	i0.wp.com	www.portalmaismidia.com.br
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googleadservices.com	8954552.fls.doubleclick.net www.googleadservices.com
3	bat.bing.com	s.btstatic.com bat.bing.com www.portalmaismidia.com.br
3	secure.gravatar.com	www.portalmaismidia.com.br secure.gravatar.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.de	8954552.fls.doubleclick.net
2	tapestry.tapad.com	servedby.flashtalking.com
2	d9.flashtalking.com	servedby.flashtalking.com d9.flashtalking.com
2	tr.snapchat.com	www.portalmaismidia.com.br
2	sync-tm.everesttech.net	2 redirects
2	secure.adnxs.com	2 redirects
2	sc-static.net	www.portalmaismidia.com.br sc-static.net
2	8954552.fls.doubleclick.net	1 redirects s.btstatic.com
2	u360.d-bi.fr	www.psimg.com www.pokerstars.fr
2	www.psimg.com	s.btstatic.com
2	secure.starsaffiliateclub.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com 8954552.fls.doubleclick.net
2	clevernt.com	1 redirects www.portalmaismidia.com.br
1	t.co	www.portalmaismidia.com.br
1	analytics.twitter.com	static.ads-twitter.com
1	static.ads-twitter.com	s.btstatic.com
1	its.tradelab.fr	www.portalmaismidia.com.br
1	ib.adnxs.com	www.portalmaismidia.com.br
1	sync.mathtag.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	acdn.adnxs.com	www.portalmaismidia.com.br
1	rewards.starsaccount.com	cmsstorage.rationalcdn.com
1	s4.rationalcdn.com	cmsstorage.rationalcdn.com
1	starscrm.com	cmsstorage.rationalcdn.com
1	www.pokerstars.com	1 redirects
1	ajax.cloudflare.com	lp.clevernetwork.pt
1	sender.clevernt.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ui.clevernt.com	www.portalmaismidia.com.br
1	1.gravatar.com	www.portalmaismidia.com.br
1	pixel.wp.com	www.portalmaismidia.com.br
1	quantcast.mgr.consensu.org	www.portalmaismidia.com.br
1	stats.wp.com	www.portalmaismidia.com.br
0	egobrazil.com Failed	www.portalmaismidia.com.br
237	63

This site contains links to these domains. Also see Links.

Domain
clevernetwork.pt
joomlalock.com
all4share.net
www.facebook.com.br
app.musadobrasileirao.com
www.facebook.com
dlwordpress.com
dlandroid24.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.pokerstars.fr DigiCert TLS RSA SHA256 2020 CA1	`2021-04-08` - `2022-05-09`	a year	crt.sh
rationalcdn.com GeoTrust RSA CA 2018	`2020-09-28` - `2021-08-13`	10 months	crt.sh
starscrm.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2021-12-20`	a year	crt.sh
s.btstatic.com DigiCert SHA2 Secure Server CA	`2020-02-10` - `2022-02-17`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.signal.co Entrust Certification Authority - L1K	`2021-01-26` - `2022-02-25`	a year	crt.sh
www.psimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-26` - `2022-02-26`	a year	crt.sh
*.d-bi.fr GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-23` - `2022-06-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
rewards.starsaccount.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-11` - `2022-06-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.tradelab.fr Go Daddy Secure Certificate Authority - G2	`2019-07-30` - `2021-09-28`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2020-08-06` - `2021-09-17`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://www.portalmaismidia.com.br/
Frame ID: A852EBC6FC3A1AEDDBE4078BB6A8C675
Requests: 96 HTTP requests in this frame

Frame: https://egobrazil.com/iframe.php
Frame ID: 159B75A80D2700DDA1B9C2A64693527E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 314749094D3DE57D7DAE78721FF6ED2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8596049788369392&output=html&adk=1812271804&adf=3025194257&lmt=1626627236&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.portalmaismidia.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1626627236114&bpp=4&bdt=2186&idt=132&shv=r20210712&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4664957158253&frm=20&pv=2&ga_vid=407809299.1626627236&ga_sid=1626627236&ga_hid=1436727608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2956790455874972&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: CC13C6C22D406CB6CA0FE1B542031BC0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3cf9df2587a98%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D324%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr
Frame ID: D64EE780332B9B245D3A99E90522F408
Requests: 1 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
Frame ID: 2AA8A5A74E721DF760E2A7B14253F43A
Requests: 12 HTTP requests in this frame

Frame: https://www.pokerstars.fr/
Frame ID: 9596A438C05FC7546CB1A2E9168D20DC
Requests: 102 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Frame ID: 444D1683CCDDA80D6DD9FEFFC03104C9
Requests: 7 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&no_iframe=1&mt_adid=122865&source=mathtag
Frame ID: 8B45F300416907F26BB64D588B2E3D97
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1666b7b9-c3bf-47cf-8574-42bbbc074d5a
Frame ID: 467663D27D1B123AFCF4F08E34E14240
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
Frame ID: 3586E1EFEC4362E379CE5F1F76731EF8
Requests: 9 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 506C122FDF04C6176AB8808626E0937D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2124b4364cf764%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr
Frame ID: B37C2A0EB9FDBB83E491C62E1E9608B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2B4F51B5E47BE92C0B2A1D9A1DA585D6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FF8230BCB366F88CABA751E7C5157C24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.portalmaismidia.com.br/rosana-menezes-fecha-parceria-com-cartao-de-todos/&ct=ga&cd=CAEYACoTODUzMDg3... HTTP 301
http://www.portalmaismidia.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

237
Requests

82 %
HTTPS

44 %
IPv6

41
Domains

63
Subdomains

53
IPs

9
Countries

11125 kB
Transfer

15204 kB
Size

17
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://clevernetwork.pt/

Search URL Search Domain Scan URL

URL: http://joomlalock.com/
Title: All for Joomla

Search URL Search Domain Scan URL

URL: http://all4share.net/
Title: All for Webmasters

Search URL Search Domain Scan URL

URL: http://www.facebook.com.br/maismidiaoficial
Title:

Search URL Search Domain Scan URL

URL: http://app.musadobrasileirao.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/maismidiaoficial
Title: Facebook

Search URL Search Domain Scan URL

URL: http://dlwordpress.com/
Title: Free WordPress Themes

Search URL Search Domain Scan URL

URL: https://dlandroid24.com/
Title: Free Android Games

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.portalmaismidia.com.br/rosana-menezes-fecha-parceria-com-cartao-de-todos/&ct=ga&cd=CAEYACoTODUzMDg3MzQyOTgyMzczODIyNjIdZDYzZDQ3YTQ5Nzk0ZDdkZjpjb20uYnI6cHQ6QlI&usg=AFQjCNFUu7v038w85_mhBPldQkNO7vZfcg HTTP 301
http://www.portalmaismidia.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

http://clevernt.com/scripts/a4fd3581d109519a0eacfd77ac23cd4e.min.js?20200124=1626627235554 HTTP 301
https://clevernt.com/scripts/a4fd3581d109519a0eacfd77ac23cd4e.min.js?20200124=1626627235554

Request Chain 66

http://connect.facebook.net/pt_BR/sdk.js HTTP 307
https://connect.facebook.net/pt_BR/sdk.js

Request Chain 67

https://goo.gl/8wqr7w HTTP 302
https://egobrazil.com/iframe.php

Request Chain 93

https://web.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cf9df2587a98%26domain%3Dwww.portalmaismidia.com.br%26origin%3Dhttp%253A%252F%252Fwww.portalmaismidia.com.br%252Ffc4a483d48b97%26relation%3Dparent.parent&container_width=324&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fmaismidiaoficial&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=340 HTTP 302
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3cf9df2587a98%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D324%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3cf9df2587a98%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D324%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr

Request Chain 94

http://sender.clevernt.com/transporter/32649.php?ppuc=1&ppu=0&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw%3D%3D&ruri=&r=286646003&tok=93258721807212785239&iv=-1&ctr=FR&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.197 HTTP 302
https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=

Request Chain 105

https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAKWWFIABAAWP HTTP 302
https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAKWWFIABAAWP&AutoR=1 HTTP 302
https://www.pokerstars.com/ua/?btag=a_174459b_1915c_YSAAKWWFIABAAWP HTTP 301
https://www.pokerstars.fr/?btag=a_174459b_1915c_YSAAKWWFIABAAWP HTTP 301
https://www.pokerstars.fr/

Request Chain 179

https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F HTTP 302
https://8954552.fls.doubleclick.net/activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F

Request Chain 182

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=8881832841376120260

Request Chain 183

https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YPRcqgAC3NEs_QAC HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YPRcqgAC3NEs_QAC&_test=YPRcqgAC3NEs_QAC

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0 HTTP 302
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBtPjCcmw2cB_YwqQy_yxWA&google_cver=1

Request Chain 185

https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0 HTTP 302
https://s.thebrighttag.com/cs?tp=mm&uid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&btt=0

Request Chain 186

https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%] HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4947C42EBA7346

Request Chain 213

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=qlz0YOurF4nWgAfRgKWQCw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YOurF4nWgAfRgKWQCw&cid=CAQSKQCNIrLM6jwrVYitbc8UFIJ9yewNysV9nEfwigCug70wOrEN07PV_iid&random=1896672238&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YOurF4nWgAfRgKWQCw&cid=CAQSKQCNIrLM6jwrVYitbc8UFIJ9yewNysV9nEfwigCug70wOrEN07PV_iid&random=1896672238&resp=GooglemKTybQhCsO&ipr=y

Request Chain 214

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=qlz0YJiuF7Wxx_APrZCIgAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YJiuF7Wxx_APrZCIgAw&cid=CAQSKQCNIrLMqRxyqvYMNptkgzm52DTshwp7aJd7ENXf6gLXTEQiGiYXsAqb&random=2666810695&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YJiuF7Wxx_APrZCIgAw&cid=CAQSKQCNIrLMqRxyqvYMNptkgzm52DTshwp7aJd7ENXf6gLXTEQiGiYXsAqb&random=2666810695&resp=GooglemKTybQhCsO&ipr=y

Request Chain 220

https://web.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2124b4364cf764%26domain%3Dwww.portalmaismidia.com.br%26origin%3Dhttp%253A%252F%252Fwww.portalmaismidia.com.br%252Ffc4a483d48b97%26relation%3Dparent.parent&container_width=0&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fmaismidiaoficial&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=340 HTTP 302
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2124b4364cf764%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2124b4364cf764%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr

237 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.portalmaismidia.com.br/
Redirect Chain

http://www.portalmaismidia.com.br/rosana-menezes-fecha-parceria-com-cartao-de-todos/&ct=ga&cd=CAEYACoTODUzMDg3MzQyOTgyMzczODIyNjIdZDYzZDQ3YTQ5Nzk0ZDdkZjpjb20uYnI6cHQ6QlI&usg=AFQjCNFUu7v038w85_mhBPl...
http://www.portalmaismidia.com.br/

149 KB
23 KB

585ms
585ms

Document
text/html

2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 64706edee1a3e2dc69bd7203c0694f59e45198f6f8ab1dca5502498b65fa12eb

Request headers

Host: www.portalmaismidia.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:53 GMT
Server: Apache
Link: <http://www.portalmaismidia.com.br/wp-json/>; rel="https://api.w.org/", <http://www.portalmaismidia.com.br/wp-json/wp/v2/pages/281>; rel="alternate"; type="application/json", <https://wp.me/P7u04l-4x>; rel=shortlink
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 18 Jul 2021 16:53:52 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding
Location: http://www.portalmaismidia.com.br/
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK galleria.amw-classic.css
www.portalmaismidia.com.br/wp-content/plugins/galleria/galleria/themes/amw-classic/ 5 KB
6 KB 400ms
204ms Stylesheet
text/css 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/galleria/galleria/themes/amw-classic/galleria.amw-classic.css?ver=1.0.3
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: dd3efaecab89bfe66e32b48b12ba91055c52e1448fc26324547b0f92f11aa01a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Sun, 10 Apr 2016 21:21:51 GMT
Server: Apache
ETag: "14de-53028043599c0"
Content-Type: text/css
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 5342

GET
H/1.1 200
OK style.min.css
www.portalmaismidia.com.br/wp-includes/css/dist/block-library/ 57 KB
57 KB 401ms
201ms Stylesheet
text/css 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Thu, 15 Apr 2021 14:26:36 GMT
Server: Apache
ETag: "e33b-5c003a698964f"
Content-Type: text/css
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 58171

GET
H/1.1 200
OK css
fonts.googleapis.com/ 31 KB
2 KB 22ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Asap%3A400%7COrbitron%3A400%7CJulius+Sans+One%3A400%7CRaleway%3A400%7CVarela+Round%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=5.7.2

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cece151865d74a1a22597610932b8db680ff737db44869208e8b5f157f730d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 18 Jul 2021 16:53:53 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Sun, 18 Jul 2021 16:53:53 GMT

GET
H/1.1 200
OK style.css
www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/ 902 KB
903 KB 401ms
201ms Stylesheet
text/css 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/style.css?ver=7.7
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 496e8eba4723ab45153d489b6fb987b6b4e5fe1afa49a012a7b844a951d78f09

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Wed, 10 May 2017 03:34:10 GMT
Server: Apache
ETag: "e1916-54f2325317080"
Content-Type: text/css
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 923926

GET
H/1.1 200
OK jetpack.css
www.portalmaismidia.com.br/wp-content/plugins/jetpack/css/ 72 KB
73 KB 404ms
202ms Stylesheet
text/css 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/jetpack/css/jetpack.css?ver=8.5.1
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 846b7b0b890e1e98f993628e5a93e00f3f6aaec9723ca96e299b30d2429f4fad

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Thu, 03 Jun 2021 14:26:19 GMT
Server: Apache
ETag: "12181-5c3dd5bd15c72"
Content-Type: text/css
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 74113

GET
H/1.1 200
OK jquery.min.js Show response
www.portalmaismidia.com.br/wp-includes/js/jquery/ 87 KB
88 KB 404ms
202ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Fri, 12 Mar 2021 20:50:24 GMT
Server: Apache
ETag: "15d98-5bd5d0c9a2c93"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 89496

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.portalmaismidia.com.br/wp-includes/js/jquery/ 11 KB
11 KB 404ms
203ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Fri, 12 Mar 2021 20:50:24 GMT
Server: Apache
ETag: "2bd8-5bd5d0c9a1cf3"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 11224

GET
H/1.1 200
OK galleria-1.2.9.min.js Show response
www.portalmaismidia.com.br/wp-content/plugins/galleria/galleria/ 75 KB
76 KB 603ms
204ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/galleria/galleria/galleria-1.2.9.min.js?ver=1.2.9
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 47cb1c4f7b4b60a319db5f2b2645ef6e64fdc32dd5ddfb1b75d71a53fd703399

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Sun, 10 Apr 2016 21:21:51 GMT
Server: Apache
ETag: "12d84-53028043599c0"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=497
Content-Length: 77188

GET
H/1.1 200
OK galleria.amw-classic.js Show response
www.portalmaismidia.com.br/wp-content/plugins/galleria/galleria/themes/amw-classic/ 4 KB
4 KB 608ms
204ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/galleria/galleria/themes/amw-classic/galleria.amw-classic.js?ver=1.0.3
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 1e570ed788821890136534a9e8bce6ac0d5d56bf63ecf80b261349b4c7082618

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Thu, 14 Apr 2016 22:59:23 GMT
Server: Apache
ETag: "e03-53079d86188c0"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 3587

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40c87e63f419b5d4b32027a041a8df1a95ebf82c92b3ebd10487810849678cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48398
x-xss-protection: 0
server: cafe
etag: 10219626641375988758
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Jul 2021 16:53:55 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.portalmaismidia.com.br/wp-includes/js/ 14 KB
14 KB 205ms
204ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Fri, 12 Mar 2021 20:50:24 GMT
Server: Apache
ETag: "3795-5bd5d0c9ba393"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=497
Content-Length: 14229

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bff7d7daab7b0e2e15cfb4777e0a550049554e9b391d519f9f2f3196275d5f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 18 Jul 2021 16:53:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7904118586112407981
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48389
X-XSS-Protection: 0
Expires: Sun, 18 Jul 2021 16:53:55 GMT

GET
H/1.1 200
OK logo-mais-midia-2018-nome.fw_-300x143.png
www.portalmaismidia.com.br/wp-content/uploads/2018/10/ 27 KB
27 KB 204ms
203ms Image
image/png 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.portalmaismidia.com.br/wp-content/uploads/2018/10/logo-mais-midia-2018-nome.fw_-300x143.png
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 633ae78b2aa46ed9e35a258af0ca148a032b50f8c5ef7a55348fa87d868348ba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Tue, 30 Oct 2018 02:11:06 GMT
Server: Apache
ETag: "6cc0-57968b2bf6280"
Content-Type: image/png
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 27840

GET
H/1.1 200
OK 1x1.trans.gif
www.portalmaismidia.com.br/wp-content/plugins/lazy-load/images/ 42 B
338 B 205ms
204ms Image
image/gif 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Mon, 09 Jan 2017 17:43:49 GMT
Server: Apache
ETag: "2a-545ace8fadf40"
Content-Type: image/gif
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 42

GET
H2 200 05.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 13 KB
13 KB 114ms
65ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/05.jpeg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5b455ed0d35ff157f856862fed0856e6941f24363366b439ff5b7ace49cf0174

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 729
content-length: 12938
x-nc: MISS cdg 5
last-modified: Sun, 18 Jul 2021 16:53:55 GMT
server: nginx
etag: "aa272538856dea6f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/05.jpeg>; rel="canonical"
expires: Wed, 19 Jul 2023 04:53:55 GMT

GET
H2 200 Denia-Trindade-3.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 15 KB
15 KB 121ms
72ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/Denia-Trindade-3.jpeg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c6fd3c56026171f70f46c2a89f83637e62eaf192ca4f49f609a06bbe13bde19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 982
content-length: 15585
x-nc: MISS cdg 5
last-modified: Sun, 18 Jul 2021 16:53:55 GMT
server: nginx
etag: "6832f9bc1ef8a811"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/Denia-Trindade-3.jpeg>; rel="canonical"
expires: Wed, 19 Jul 2023 04:53:55 GMT

GET
H2 200 WhatsApp-Image-2021-07-15-at-22.46.58.jpeg
i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 8 KB
8 KB 109ms
64ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/WhatsApp-Image-2021-07-15-at-22.46.58.jpeg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

81afec6f03ba44cbecbf5e5c3754b7755386bdd1e5e6c4c05165e0255a18034f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 459
content-length: 7828
x-nc: MISS cdg 2
last-modified: Sun, 18 Jul 2021 16:53:55 GMT
server: nginx
etag: "3344eae4a75502af"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/WhatsApp-Image-2021-07-15-at-22.46.58.jpeg>; rel="canonical"
expires: Wed, 19 Jul 2023 04:53:55 GMT

GET
H2 200 Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 48 KB
48 KB 158ms
157ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c119922aa41b2bb43fbd2846e98e7c99344c742bb3680c5ea9cf4dff12e67303

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 5
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:55 GMT
server: nginx
etag: "9b22fbc2c6f46bff"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png>; rel="canonical"
content-length: 49206
expires: Wed, 19 Jul 2023 04:53:55 GMT

GET
H2 200 Mayra-Borowik-Preconceito-na-Europa-2.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/ 10 KB
10 KB 37ms
37ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/Mayra-Borowik-Preconceito-na-Europa-2.jpeg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

bf5a0258b582f3ea1b68d7d64252452baf778ee400e1c958ff6da81667fc3ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 330
content-length: 9834
x-nc: MISS cdg 1
last-modified: Thu, 15 Jul 2021 04:54:42 GMT
server: nginx
etag: "f16bccf97e1909e9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/08/Mayra-Borowik-Preconceito-na-Europa-2.jpeg>; rel="canonical"
expires: Sat, 15 Jul 2023 16:54:42 GMT

GET
H2 200 Josi-Freitas-Musa-do-Palmeiras-3.jpg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/ 12 KB
12 KB 31ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/Josi-Freitas-Musa-do-Palmeiras-3.jpg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

317f9c8335c0002144a23beb155ff2238675571c5d8529e517887b2b35e4935a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 5
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 04:54:42 GMT
server: nginx
etag: "81568ef8706e446d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/08/Josi-Freitas-Musa-do-Palmeiras-3.jpg>; rel="canonical"
content-length: 12110
expires: Sat, 15 Jul 2023 16:54:42 GMT

GET
H2 200 Jacky-Correa-Musa-do-Bahia-India-5.jpeg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/07/ 14 KB
14 KB 50ms
49ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/07/Jacky-Correa-Musa-do-Bahia-India-5.jpeg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e7d32f1d68c9a0ea4563506d51d973e9b957a8739b321044fa1807b99250f0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 783
content-length: 14608
x-nc: MISS cdg 6
last-modified: Thu, 15 Jul 2021 04:54:42 GMT
server: nginx
etag: "379948db0f0d27c3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/07/Jacky-Correa-Musa-do-Bahia-India-5.jpeg>; rel="canonical"
expires: Sat, 15 Jul 2023 16:54:42 GMT

GET
H2 200 Amanda-Vaccari-Musa-do-Atletico-MG-6.jpeg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/07/ 8 KB
9 KB 57ms
57ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/07/Amanda-Vaccari-Musa-do-Atletico-MG-6.jpeg?resize=265%2C198

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5004d9876a11862040355dd2f415d6001044b2d9fabeef1f89d8c32823bffce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 296
content-length: 8661
x-nc: MISS cdg 7
last-modified: Thu, 15 Jul 2021 04:54:42 GMT
server: nginx
etag: "13501734046260d0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/07/Amanda-Vaccari-Musa-do-Atletico-MG-6.jpeg>; rel="canonical"
expires: Sat, 15 Jul 2023 16:54:42 GMT

GET
H2 200 f4.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 12 KB
12 KB 33ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/f4.jpg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

fed6a35a6915304108e1af7d238edf984fb3377b2466ec4fe4265c83b06f7252

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 8
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 08:32:25 GMT
server: nginx
etag: "2fc81101688fe23a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/f4.jpg>; rel="canonical"
content-length: 11920
expires: Tue, 18 Jul 2023 20:32:25 GMT

GET
H2 200 05.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 17 KB
17 KB 32ms
31ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/05.jpeg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2d180973df53aace7eaab15424916b872611730a28d72838b485d65df2cfd336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 873
content-length: 16964
x-nc: MISS cdg 5
last-modified: Sat, 17 Jul 2021 01:44:10 GMT
server: nginx
etag: "2b72979ebbd995b4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/05.jpeg>; rel="canonical"
expires: Mon, 17 Jul 2023 13:44:10 GMT

GET
H2 200 Denia-Trindade-3.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 20 KB
20 KB 40ms
39ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/Denia-Trindade-3.jpeg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6bbb2344e4048c9ec957dd51cf0d9bfde1e5303e178546ff17cb082ed8580421

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 1258
content-length: 20711
x-nc: MISS cdg 5
last-modified: Sun, 18 Jul 2021 08:32:25 GMT
server: nginx
etag: "edf58227e13620ba"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/Denia-Trindade-3.jpeg>; rel="canonical"
expires: Tue, 18 Jul 2023 20:32:25 GMT

GET
H2 200 WhatsApp-Image-2021-07-15-at-22.46.58.jpeg
i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 10 KB
10 KB 31ms
30ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/WhatsApp-Image-2021-07-15-at-22.46.58.jpeg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

62895875332e1027371ff89cd4c4c957584085d98386d19a8b1b28aca703a730

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 542
content-length: 10022
x-nc: MISS cdg 2
last-modified: Sat, 17 Jul 2021 03:23:42 GMT
server: nginx
etag: "de8a3a4829aa0b4b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/WhatsApp-Image-2021-07-15-at-22.46.58.jpeg>; rel="canonical"
expires: Mon, 17 Jul 2023 15:23:42 GMT

GET
H2 200 Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 63 KB
64 KB 51ms
50ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a8a7c8e4131bd9679a93f6b21709bc665d68cc52883a2fa47fa98599a4070e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 5
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Jul 2021 16:54:38 GMT
server: nginx
etag: "974dca1d9d67f87a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png>; rel="canonical"
content-length: 64810
expires: Mon, 17 Jul 2023 04:54:38 GMT

GET
H2 200 wecompany-coworking-2018-2.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 10 KB
10 KB 67ms
66ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/wecompany-coworking-2018-2.jpg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d2314b155abd63ff5791240618f129d187b97321f40dc302bd180f6b5c65b565

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 4
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:55 GMT
server: nginx
etag: "0e7a7be18b57aeac"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/wecompany-coworking-2018-2.jpg>; rel="canonical"
content-length: 10426
expires: Wed, 19 Jul 2023 04:53:55 GMT

GET
H2 200 FSGRCVA-1-Copy.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 7 KB
7 KB 39ms
38ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/FSGRCVA-1-Copy.jpg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

384e4304e0e7eab2dcae139553aa37eb42260fa9e1589e8018620cbb3f191096

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 5
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 22:31:50 GMT
server: nginx
etag: "07406ad0b1eea004"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/FSGRCVA-1-Copy.jpg>; rel="canonical"
content-length: 7364
expires: Sun, 16 Jul 2023 10:31:50 GMT

GET
H2 200 capa1.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 11 KB
12 KB 41ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/capa1.jpg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

61e3bb1140f6fe84655758275de3892e17e9b21efedb657d8d4a5b61eaada9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 4
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 22:31:50 GMT
server: nginx
etag: "6eebcf784e544497"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/capa1.jpg>; rel="canonical"
content-length: 11664
expires: Sun, 16 Jul 2023 10:31:50 GMT

GET
H2 200 maquiagem-delineador.jpg
i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 6 KB
7 KB 31ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/maquiagem-delineador.jpg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4755a81ed3e3ed188fd7f469e50a41cb5aed4d0e17efd1ce6b7ff6c2d217b67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 1
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 22:31:51 GMT
server: nginx
etag: "33522caae1239d78"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/maquiagem-delineador.jpg>; rel="canonical"
content-length: 6546
expires: Sun, 16 Jul 2023 10:31:51 GMT

GET
H2 200 j2.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 10 KB
10 KB 35ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/j2.jpg?resize=324%2C235

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3480a3ad3bb4286fc9188112b60e1fe9d140f59a7a96641a2356f2cbf3ab3e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 4
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 22:31:50 GMT
server: nginx
etag: "d45d3fa0bbebc6bc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/j2.jpg>; rel="canonical"
content-length: 10592
expires: Sun, 16 Jul 2023 10:31:50 GMT

GET
H2 200 05.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 3 KB
3 KB 30ms
30ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/05.jpeg?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f2994e6e1f21c6ac908d8145ec36c0e034f371d5aec67a01054050cfb8c6f9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 254
content-length: 3367
x-nc: MISS cdg 5
last-modified: Sat, 17 Jul 2021 01:44:10 GMT
server: nginx
etag: "492f5d18918fe579"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/05.jpeg>; rel="canonical"
expires: Mon, 17 Jul 2023 13:44:10 GMT

GET
H2 200 Denia-Trindade-3.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 3 KB
3 KB 34ms
33ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/Denia-Trindade-3.jpeg?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1e21ee3cbdf1f6ee89241cea8cf90d63e95d09f813ae4651c9ac352f4a2a6ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 270
content-length: 3506
x-nc: MISS cdg 5
last-modified: Sat, 17 Jul 2021 01:44:10 GMT
server: nginx
etag: "f2d1c44ac25dfffc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/Denia-Trindade-3.jpeg>; rel="canonical"
expires: Mon, 17 Jul 2023 13:44:10 GMT

GET
H2 200 Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 9 KB
9 KB 35ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4c0e0183b4ab8047d449f1ca2454cd025eae777b5a7c6ee2413a3884ca02f3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 5
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Jul 2021 16:54:38 GMT
server: nginx
etag: "d39edcaf5a56b23c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/Captura-de-Tela-2021-07-15-a%CC%80s-21.58.36.png>; rel="canonical"
content-length: 9166
expires: Mon, 17 Jul 2023 04:54:38 GMT

GET
H2 200 j2.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 2 KB
2 KB 31ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/j2.jpg?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4c41605d5bc535b9f0d0e21159eddcb3d01701ca4d7132242b78c3b7866a2af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 4
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Jul 2021 01:44:10 GMT
server: nginx
etag: "2031d022344b5e77"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/j2.jpg>; rel="canonical"
content-length: 1998
expires: Mon, 17 Jul 2023 13:44:10 GMT

GET
H2 200 Gabriela-Figueiredo-Musa-de-Minas-Gerais-2020-3.jpeg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/07/ 3 KB
4 KB 1311ms
1309ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/07/Gabriela-Figueiredo-Musa-de-Minas-Gerais-2020-3.jpeg?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

7cb4a0de554d5dec2bcf4ffe6030052615eafe0ab6c23b27d211558516312f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:57 GMT
x-content-type-options: nosniff
x-bytes-saved: 241
content-length: 3429
x-nc: MISS cdg 8
last-modified: Sun, 18 Jul 2021 16:53:57 GMT
server: nginx
etag: "ea94b6e3fa611a48"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/07/Gabriela-Figueiredo-Musa-de-Minas-Gerais-2020-3.jpeg>; rel="canonical"
expires: Wed, 19 Jul 2023 04:53:57 GMT

GET
H2 200 IMG-20161226-WA0022.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2016/12/ 2 KB
2 KB 33ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2016/12/IMG-20161226-WA0022.jpg?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

12daaec8dc7c9fa410ae03df78f00055cca51cffb6967338fa5f159dda69b058

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 2
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 19:34:52 GMT
server: nginx
etag: "55562e9bf260c006"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2016/12/IMG-20161226-WA0022.jpg>; rel="canonical"
content-length: 1684
expires: Fri, 14 Jul 2023 07:34:52 GMT

GET
H2 200 Parabens-1.jpg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2016/10/ 3 KB
3 KB 46ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2016/10/Parabens-1.jpg?resize=100%2C70

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9d4ad6845fa84adaf455111b8fb1725bf64d577419dd16f79993088bf1b61060

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 6
date: Sun, 18 Jul 2021 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:55 GMT
server: nginx
etag: "2dead349ffb93009"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2016/10/Parabens-1.jpg>; rel="canonical"
content-length: 2976
expires: Wed, 19 Jul 2023 04:53:55 GMT

GET
H/1.1 200
OK photon.min.js Show response
www.portalmaismidia.com.br/wp-content/plugins/jetpack/_inc/build/photon/ 758 B
1 KB 206ms
205ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Thu, 03 Jun 2021 14:26:19 GMT
Server: Apache
ETag: "2f6-5c3dd5bcf9b3a"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=496
Content-Length: 758

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 23 KB
7 KB 20ms
6ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=202128
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:54 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 25 Jul 2021 16:53:54 GMT

GET
H/1.1 200
OK wpgroho.js Show response
www.portalmaismidia.com.br/wp-content/plugins/jetpack/modules/ 2 KB
2 KB 205ms
205ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/jetpack/modules/wpgroho.js?ver=5.7.2
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 506a05dfe581727e7be2d16e58aa23d53c01f8ed599d6722b2e31da690467521

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:54 GMT
Last-Modified: Thu, 03 Jun 2021 14:26:19 GMT
Server: Apache
ETag: "79b-5c3dd5bdade0a"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=495
Content-Length: 1947

GET
H/1.1 200
OK tagdiv_theme.js Show response
www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/js/ 495 KB
496 KB 204ms
204ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/js/tagdiv_theme.js?ver=7.7
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 22f7b333b58dec18478f0e082fc93d7f555fff9ee922a53cb9cb3ab3d827f576

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Wed, 10 May 2017 03:35:58 GMT
Server: Apache
ETag: "7bde8-54f232ba16380"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=494
Content-Length: 507368

GET
H/1.1 200
OK comment-reply.min.js Show response
www.portalmaismidia.com.br/wp-includes/js/ 3 KB
3 KB 202ms
202ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Thu, 15 Apr 2021 14:26:36 GMT
Server: Apache
ETag: "ba8-5c003a6a11de7"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 2984

GET
H/1.1 200
OK facebook-embed.min.js Show response
www.portalmaismidia.com.br/wp-content/plugins/jetpack/_inc/build/ 737 B
1 KB 209ms
203ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Thu, 03 Jun 2021 14:26:19 GMT
Server: Apache
ETag: "2e1-5c3dd5bd02bc2"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 737

GET
H/1.1 200
OK jquery.sonar.min.js Show response
www.portalmaismidia.com.br/wp-content/plugins/lazy-load/js/ 1 KB
2 KB 209ms
203ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Mon, 09 Jan 2017 17:43:49 GMT
Server: Apache
ETag: "580-545ace8fadf40"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 1408

GET
H/1.1 200
OK lazy-load.js Show response
www.portalmaismidia.com.br/wp-content/plugins/lazy-load/js/ 902 B
1 KB 207ms
202ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Mon, 09 Jan 2017 17:43:49 GMT
Server: Apache
ETag: "386-545ace8fadf40"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 902

GET
H/1.1 200
OK wp-embed.min.js Show response
www.portalmaismidia.com.br/wp-includes/js/ 1 KB
2 KB 210ms
204ms Script
application/javascript 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Fri, 12 Mar 2021 20:50:24 GMT
Server: Apache
ETag: "592-5bd5d0c9b9fab"
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 1426

GET
H2 200 e-202128.js Show response
stats.wp.com/ 9 KB
3 KB 30ms
29ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202128.js
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sun, 18 Jul 2021 16:53:55 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 03 Jul 2022 21:06:00 GMT

GET
H2

200

a4fd3581d109519a0eacfd77ac23cd4e.min.js Show response
clevernt.com/scripts/
Redirect Chain

http://clevernt.com/scripts/a4fd3581d109519a0eacfd77ac23cd4e.min.js?20200124=1626627235554
https://clevernt.com/scripts/a4fd3581d109519a0eacfd77ac23cd4e.min.js?20200124=1626627235554

122 KB
51 KB

43ms
23ms

Script
text/javascript

2606:4700:20::681a:a75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/a4fd3581d109519a0eacfd77ac23cd4e.min.js?20200124=1626627235554
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ca8775f8a4ce5817b4574ec418445b9907fdb1622e62595ad5c1ccef0398b4

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 772
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: P8SHXTNMZMQXXQYZ
x-amz-id-2: OVRbsY5cEnHa4v5wIp0i/6VbgGz0OQw5SUza9Htw+n6LQjCMANa+Lv8sTZM7CJiMKCjHTUIqVWI=
last-modified: Sun, 18 Jul 2021 07:10:25 GMT
server: cloudflare
etag: W/"21f22c662f16a4ed856bd87c1f5cd525"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSnKNUEmuUpYbDsna2NjrL25UaTMe23RFOiJRHz70dUtV%2Bt40BKmWQklbrklLO%2F%2FpU1z4LOUf9svkvV377oGBmVH6TpBdD%2FEafNAqODVBcTdyLPIPeqhQ2OZ7hfXr8DNybeMasNsrL5OEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 670d3aa0f9b82c3e-FRA

Redirect headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L65puXvSej2yVTQ2qtBza6JoGdqEUZhc%2Fl6pMb3II3NT6Q2ngQDzQkP9cMGzQua6dJ4bOA1igA%2FvecXH6R%2Fe6Iuj0NRz%2ByzSISIvI3gMtTqnzRVBYuycHQHm9QB7Fp%2FuqWtuyKdawkNwbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://clevernt.com/scripts/a4fd3581d109519a0eacfd77ac23cd4e.min.js?20200124=1626627235554
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 670d3a9f888f9730-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b5c22f7b400009730a182b000000001
Expires: Sun, 18 Jul 2021 17:53:55 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 16 KB
6 KB 41ms
11ms Script
application/javascript 2600:9000:2190:6200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:46:08 GMT
content-encoding: br
etag: W/"51870ee6d5cb32ca5311356b296af21f"
last-modified: Tue, 09 Mar 2021 20:17:06 GMT
server: AmazonS3
age: 563
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: A4ave0J3z7n8tPmWpw0KDfQj-U623IV4PPaQXLPoauS1eQWfHJPKtg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2797
date: Sun, 18 Jul 2021 16:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 18 Jul 2021 18:07:18 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK newspaper.woff
www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/images/icons/ 15 KB
15 KB 358ms
202ms Font
application/octet-stream 2804:10:8002::210:83
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: http://www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/images/icons/newspaper.woff?11
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/style.css?ver=7.7
Protocol: HTTP/1.1
Server: 2804:10:8002::210:83 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS
Software: Apache /
Resource Hash: 680d3524327a5c2d6418ce70642ff47df1f7a8c3a37727d8e968b68aa0befd72

Request headers

Pragma: no-cache
Origin: http://www.portalmaismidia.com.br
Accept-Encoding: gzip, deflate
Host: www.portalmaismidia.com.br
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/style.css?ver=7.7
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.portalmaismidia.com.br
Referer: http://www.portalmaismidia.com.br/wp-content/themes/Newspaper_old/style.css?ver=7.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:55 GMT
Last-Modified: Wed, 10 May 2017 03:34:12 GMT
Server: Apache
ETag: "3ac8-54f23254ff500"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 15048

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Asap%3A400%7COrbitron%3A400%7CJulius+Sans+One%3A400%7CRaleway%3A400%7CVarela+Round%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=5.7.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 07:04:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:35 GMT
Server: sffe
Age: 467368
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15688
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 07:04:27 GMT

GET
H/1.1 200
OK 1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2
fonts.gstatic.com/s/juliussansone/v9/ 16 KB
16 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/juliussansone/v9/1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f65cbf02d1f525b7b3d7a9112682e48822a315d2de51518c170fa8aa3dbd20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 18:03:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Sep 2020 05:27:14 GMT
Server: sffe
Age: 427823
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15960
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 18:03:32 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 14ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 11:34:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:19 GMT
Server: sffe
Age: 451154
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 11:34:41 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 15ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 20:01:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:39 GMT
Server: sffe
Age: 507133
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15920
X-XSS-Protection: 0
Expires: Tue, 12 Jul 2022 20:01:42 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 12:00:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:50 GMT
Server: sffe
Age: 449632
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15112
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 12:00:03 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 14ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 00:34:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:46 GMT
Server: sffe
Age: 490791
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15828
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 00:34:04 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 13:20:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:50 GMT
Server: sffe
Age: 444783
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15724
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 13:20:52 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 00:50:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:26 GMT
Server: sffe
Age: 489779
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14956
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 00:50:56 GMT

GET
H/1.1 200
OK mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 10:03:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:17 GMT
Server: sffe
Age: 456597
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13792
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 10:03:58 GMT

GET
H/1.1 200
OK KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 00:11:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:35 GMT
Server: sffe
Age: 492157
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 17304
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 00:11:18 GMT

GET
H/1.1 200
OK KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
18 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 00:21:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:45 GMT
Server: sffe
Age: 491570
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 17380
X-XSS-Protection: 0
Expires: Wed, 13 Jul 2022 00:21:05 GMT

GET
H2 200 Chamada-00.png
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/03/ 256 KB
256 KB 446ms
445ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/03/Chamada-00.png?w=640

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f01669a76cd37aea3cb8f9c23e86d455c5bd1e26d1ccf0ed3eaaf3f105bd68de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 3
date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:56 GMT
server: nginx
etag: "fca3e4aff957f822"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/03/Chamada-00.png>; rel="canonical"
content-length: 261892
expires: Wed, 19 Jul 2023 04:53:56 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/pt_BR/
Redirect Chain

http://connect.facebook.net/pt_BR/sdk.js
https://connect.facebook.net/pt_BR/sdk.js

3 KB
2 KB

20ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c189ac3568f91869f379cf9cf9c9565b61ea18928e733b85f86cd72f8883b049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kNS6fjMz366ccS1Le1zHSA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: oKFV1XVrY5O+vWeCQtYjLwG1ILEfCh0SKchyqPrG5AeAGo4u12kfHznZRhmHD3jDjC+4X0p370XgHogo9iVERQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 356826c6b23f2cd6bafea4ed3b96a4fc
x-frame-options: DENY
date: Sun, 18 Jul 2021 16:53:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "11223e656fbc80ac1378cb5376edf401"
timing-allow-origin: *
expires: Sun, 18 Jul 2021 17:12:39 GMT

Redirect headers

Location: https://connect.facebook.net/pt_BR/sdk.js#xfbml=1&appId=249643311490&version=v2.3
Non-Authoritative-Reason: HSTS

GET

iframe.php
egobrazil.com/ Frame 159B
Redirect Chain

https://goo.gl/8wqr7w
https://egobrazil.com/iframe.php

0
0

GET
H/1.1 200
OK hovercard.min.css
secure.gravatar.com/dist/css/ 8 KB
2 KB 11ms
5ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.gravatar.com/dist/css/hovercard.min.css?ver=202128
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202128
Protocol: HTTP/1.1
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 15:57:10 GMT
Server: nginx
ETag: W/"5fac09d6-1e86"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Sun, 25 Jul 2021 16:53:56 GMT

GET
H/1.1 200
OK services.min.css
secure.gravatar.com/dist/css/ 3 KB
847 B 11ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.gravatar.com/dist/css/services.min.css?ver=202128
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202128
Protocol: HTTP/1.1
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Mar 2018 09:46:04 GMT
Server: nginx
ETag: W/"5ab37b5c-a54"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Sun, 25 Jul 2021 16:53:56 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ 244 KB
90 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8596049788369392&plah=www.portalmaismidia.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Jul 2021 16:53:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 3147 10 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.portalmaismidia.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 18 Jul 2021 03:29:55 GMT
expires: Sun, 01 Aug 2021 03:29:55 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 48241
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Lm%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A215%3A324)%0Aat%20Km%20(adsbygoogle.js%3A214%3A635)%0Aat%20Rm%20(adsbygoogle.js%3A221%3A365)%0Aat%20c%20(adsbygoogle.js%3A222%3A38)%0Aat%20Sm%20(adsbygoogle.js%3A222%3A156)%0Aat%20bn%20(adsbygoogle.js%3A230%3A248)%0Aat%20Tm%20(adsbygoogle.js%3A227%3A12)%0Aat%20adsbygoogle.js%3A223%3A47%0Aat%20Oe.n.ga%20(adsbygoogle.js%3A68%3A804)%0Aat%20We%20(adsbygoogle.js%3A76%3A106)&shv=r20210712&client=ca-pub-1386073049157716&url=http%3A%2F%2Fwww.portalmaismidia.com.br%2F

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:53:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
97 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1436727608&t=pageview&_s=1&dl=http%3A%2F%2Fwww.portalmaismidia.com.br%2F&ul=en-us&de=UTF-8&dt=Not%C3%ADcias%20das%20celebridades%20e%20not%C3%ADcias%20dos%20famosos%20-%20Mais%20M%C3%ADdia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=189312006&gjid=610779381&cid=407809299.1626627236&tid=UA-76345587-1&_gid=1373504429.1626627236&_r=1&_slc=1&z=946157913

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.portalmaismidia.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 60ms
40ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A8.5.1&blog=110584461&post=281&tz=0&srv=www.portalmaismidia.com.br&host=www.portalmaismidia.com.br&ref=&fcp=3374&rand=0.8820702768687003
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:53:56 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H/1.1 200
OK /
1.gravatar.com/avatar/ 1 KB
2 KB 14ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://1.gravatar.com/avatar/?s=80&d=mm&r=g
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-nc: HIT hhn 2
Date: Sun, 18 Jul 2021 16:53:56 GMT
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Content-Disposition: inline; filename="none.png"
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
Content-Length: 1323
Expires: Sun, 18 Jul 2021 16:58:56 GMT

GET
H2 200 f4.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 28 KB
28 KB 93ms
93ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/f4.jpg?resize=534%2C427

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

dc2babc5b264a2eb196a0392e5565011229da057523dd04addcbf147a0002d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 8
date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:56 GMT
server: nginx
etag: "946beea8c328acb5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/f4.jpg>; rel="canonical"
content-length: 28678
expires: Wed, 19 Jul 2023 04:53:56 GMT

GET
H2 200 wecompany-coworking-2018-2.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 11 KB
11 KB 60ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/wecompany-coworking-2018-2.jpg?resize=356%2C220

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f60676da14fb5c37a3a45a462c517f3a954ca56b39196623b6c3b79e95746f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 4
date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:56 GMT
server: nginx
etag: "1dc3e8c4ee26950c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/wecompany-coworking-2018-2.jpg>; rel="canonical"
content-length: 11204
expires: Wed, 19 Jul 2023 04:53:56 GMT

GET
H2 200 FSGRCVA-1-Copy.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 8 KB
8 KB 50ms
50ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/FSGRCVA-1-Copy.jpg?resize=356%2C220

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6a833765c8c04406214aed99f2f052188e61391eae4383bb385919c5ecc561b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 5
date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:56 GMT
server: nginx
etag: "1da628306dfc8de2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/FSGRCVA-1-Copy.jpg>; rel="canonical"
content-length: 7980
expires: Wed, 19 Jul 2023 04:53:56 GMT

GET
H2 200 capa1.jpg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/ 12 KB
12 KB 59ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2021/07/capa1.jpg?resize=356%2C220

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3d054b140d4040e74ac84830929c7b94c5a1baacea2caeaa1cb0932f994e018a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 4
date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:56 GMT
server: nginx
etag: "abf1a75cbe3931f0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2021/07/capa1.jpg>; rel="canonical"
content-length: 11992
expires: Wed, 19 Jul 2023 04:53:56 GMT

GET
H2 200 Mayra-Borowik-Ensaio-Lingerie-5.jpeg
i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/10/ 14 KB
14 KB 66ms
66ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/10/Mayra-Borowik-Ensaio-Lingerie-5.jpeg?resize=356%2C220

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a71127b49cfd275eed39eb76593d9dfb047a97f52e94a33970337910122bae62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
x-content-type-options: nosniff
x-bytes-saved: 652
content-length: 14455
x-nc: MISS cdg 4
last-modified: Sun, 18 Jul 2021 16:53:56 GMT
server: nginx
etag: "160c1ac7a8ff3302"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/10/Mayra-Borowik-Ensaio-Lingerie-5.jpeg>; rel="canonical"
expires: Wed, 19 Jul 2023 04:53:56 GMT

GET
H2 200 Mi-Vargas-Musa-do-Internacional-5.jpeg
i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/ 20 KB
20 KB 3018ms
3017ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/Mi-Vargas-Musa-do-Internacional-5.jpeg?resize=356%2C220

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b5699b9385269232acf8c7cb7638db92e4ef67c1a6c88d560724b77748756737

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:57 GMT
x-content-type-options: nosniff
x-bytes-saved: 1135
content-length: 20507
x-nc: MISS cdg 4
last-modified: Sun, 18 Jul 2021 16:53:57 GMT
server: nginx
etag: "f2a999642fd28162"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/08/Mi-Vargas-Musa-do-Internacional-5.jpeg>; rel="canonical"
expires: Wed, 19 Jul 2023 04:53:57 GMT

GET
H2 200 dr-edagar.jpg
i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/ 9 KB
9 KB 3011ms
3011ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.portalmaismidia.com.br/wp-content/uploads/2020/08/dr-edagar.jpg?resize=356%2C220

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9726f436ffa572a744ba417f08d5006a1bd684585e0e74a67068bc87e1374260

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS cdg 8
date: Sun, 18 Jul 2021 16:53:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jul 2021 16:53:57 GMT
server: nginx
etag: "4a1d959805429b66"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.portalmaismidia.com.br/wp-content/uploads/2020/08/dr-edagar.jpg>; rel="canonical"
content-length: 9554
expires: Wed, 19 Jul 2023 04:53:57 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:53:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
93 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-76345587-1&cid=407809299.1626627236&jid=189312006&gjid=610779381&_gid=1373504429.1626627236&_u=IEBAAEAAAAAAAC~&z=2041302188

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Jul 2021 16:53:56 GMT
content-type: text/plain
access-control-allow-origin: http://www.portalmaismidia.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 docallbackinfo46c686b255794e889fa553520c70bae4.js Show response
ui.clevernt.com/ 695 B
1019 B 156ms
50ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfo46c686b255794e889fa553520c70bae4.js

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Costa de Caparica, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

host-109.clevernetwork.pt

Software

nginx /

Resource Hash

c3e545181848792a0bd7a38900888b6a0520f32a087a9a2fda3058b3986c888d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Sun, 18 Jul 2021 17:53:56 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/pt_BR/ 232 KB
68 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=e04c5e810b1aaeb00aaac93c6ab3906b

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/pt_BR/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d77a427084b50234e5e6a374f3935dc37faa637c867fa43f9dfb869a8a8a518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://www.portalmaismidia.com.br
Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gm5s9Ar921fEZpiDGPQ6OQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69110
x-fb-rlafr: 0
x-fb-debug: 63nagUSKnzlz4Ss1KVzyi+n2MAVaD8BXSMD01ePI/zfNl8Fpg4USENGDQu09I6keKv+mHCjtHtAvHwdM9CgH8w==
x-fb-content-md5: 9fdc5aef5114d10fd37e00aed2467fb4
x-frame-options: DENY
date: Sun, 18 Jul 2021 16:53:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "150c2902f2dfc6d5539845cd98dfbd71"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Jul 2022 16:52:39 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 48ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.portalmaismidia.com.br

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:53:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
665 B 112ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.portalmaismidia.com.br&callback=_gfp_s_&client=ca-pub-8596049788369392

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8596049788369392&plah=www.portalmaismidia.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

aa36437a95732470479c0cb6a29af566861068b69b79a9551a08c6a3af144868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
854 B 42ms
19ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.portalmaismidia.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 16ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.portalmaismidia.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC13 603 B
68 B 34ms
30ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8596049788369392&output=html&adk=1812271804&adf=3025194257&lmt=1626627236&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.portalmaismidia.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1626627236114&bpp=4&bdt=2186&idt=132&shv=r20210712&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4664957158253&frm=20&pv=2&ga_vid=407809299.1626627236&ga_sid=1626627236&ga_hid=1436727608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2956790455874972&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8596049788369392&output=html&adk=1812271804&adf=3025194257&lmt=1626627236&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.portalmaismidia.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1626627236114&bpp=4&bdt=2186&idt=132&shv=r20210712&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4664957158253&frm=20&pv=2&ga_vid=407809299.1626627236&ga_sid=1626627236&ga_hid=1436727608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2956790455874972&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.portalmaismidia.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Jul 2021 16:53:56 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Jul-2021 17:08:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Jul 2021 16:53:56 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Sun, 18 Jul 2021 16:53:56 GMT

GET
H2

200

/
www.facebook.com/login/ Frame D64E
Redirect Chain

https://web.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cf9df2587a98%26domain%3Dwww.port...
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fx...
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fx...

0
0

168ms
151ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3cf9df2587a98%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D324%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e04c5e810b1aaeb00aaac93c6ab3906b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3cf9df2587a98%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D324%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qkHnddn2jlTVdtKef8dJP0weochZFCj03mCLKTgZveK7UhJsM39wFEPIRVISEjRS3P7I0d+6E82hYtViDvn8kQ==
date: Sun, 18 Jul 2021 16:53:56 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3cf9df2587a98%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D324%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr
x-fb-zr-redirect: 02|1626713636|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uTUV/7D9ln1t/o1VMMDHKCR3xl3Zfq2Oag/Ip+aCe8LcpqkiO6XMt7UavgcRb8k9kbC5Fqi6GBa6Kdu4YDJhLA==
content-length: 0
date: Sun, 18 Jul 2021 16:53:56 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2

200

/ Show response
lp.clevernetwork.pt/pokerstars/fr/ Frame 2AA8
Redirect Chain

http://sender.clevernt.com/transporter/32649.php?ppuc=1&ppu=0&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw%3D%3D&ruri=&r=286646003&tok=93258721807212785239&iv=-1&ctr=FR&sz=1200&wn=&...
https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg...

5 KB
3 KB

136ms
117ms

Document
text/html

2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d5d3f615ebc341bd6d21360367c1a88093147068bf439c7d022a08bfdd3978a

Request headers

:method: GET
:authority: lp.clevernetwork.pt
:scheme: https
:path: /pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.portalmaismidia.com.br/

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-type: text/html
x-amz-id-2: n3aIMSWkBrCnyAsYOC7HCHaAW2KUhP7wcG//VOYpSfyYwOFwMOSI4YJaAHvfTgCGMC9fsn9ZBS8=
x-amz-request-id: QR6NFC3VF73NFHKV
last-modified: Sun, 18 Jul 2021 11:26:46 GMT
cache-control: max-age=1800
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrT%2FBJs6ZWHRzf1gmmbraPhYHVr8qg%2BGY2F1YD7qKwTlbAGrfBb1hPI5oV%2FUcIrPkmf4p5004J9yAdRF2VMRqzbum%2FCt0WDRPHlyEPYJVOTJcTT0Zfd%2FSzN%2BZ3LIqCucLghUNnPaM1OPwAvbuOv6sSY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 670d3aa48a7c9742-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server: nginx
Date: Sun, 18 Jul 2021 16:53:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hstpv4user=eyJJRCI6IjU5NDE0NjQzd2FuNjBmNDVjYTQ3YTUxNCIsIkNUUiI6IkZSIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMTM4MjQyMTEwNiIsIkxhc3RVcGRhdGUiOjE2MjY2MjcyMzZ9; expires=1658163236; path=/; domain=.clevernt.com; SameSite=None; Secure
Expires: Fri, 27 Jun 1986 23:00:00 GMT
Last-Modified: Sun, 18 Jul 2021 16:53:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Location: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 style.css
lp.clevernetwork.pt/pokerstars/fr/ Frame 2AA8 5 KB
2 KB 31ms
21ms Stylesheet
text/css 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94ba74a7e850ea14bcf38199674a5fc6e68fa2d1f8d742c50d400ba2f3827d49

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3414
cf-polished: origSize=5027
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XX6ABWGTHB62KS3Z
x-amz-id-2: TOg8Ij228/dkMNKAxwX9n15xGiTHojJE40yhtaVplPMTDbjrnxVnd/21c6K0RUiWBuQa93jKpiE=
last-modified: Thu, 29 Apr 2021 22:45:57 GMT
server: cloudflare
etag: W/"2f6593a9763172d1ea6050b39184649d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXJpAQkrzUaeuVJj%2F6YnNN7VdlqeS23Nx77WSGMey354qWujzLilcmAem0R3o2SHGhjUld56V0jjZae9nFMlpbXGDuAlINT463WAJTI1EKI1iL76VSoG1orJtQUMNztiyKYQThtSgZjDuEqK4wDnlEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 670d3aa558dedfa9-FRA
cf-bgj: minify

GET
H3-29 200 logo.png
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame 2AA8 7 KB
8 KB 32ms
22ms Image
image/png 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/fr/imgs/logo.png?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3404
cf-ray: 670d3aa558e4dfa9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7460
x-amz-id-2: hFgNCJxHCL8yBtiBCTmPFKjdjaO/cFQcKGa1jTHNn/di6Vr91POWcrUVuckXsSnJV3GCaDv/b94=
last-modified: Thu, 29 Apr 2021 22:45:57 GMT
server: cloudflare
etag: "df1c65e3078c82895a1eb424b29af06b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9UQtClG7XvPhL%2BzsSPl%2BJkxoo5xJrkEs1DszrWbnKA4xN3tZI8UYfEbmkzt%2F%2B%2BhTYjyI7hKBsVNT8ViaD8VJcNnV9yJnriJRgdBrR5hd30A5TiPZXPh%2Bq%2BAH6qF2C7xhu%2FepcCe21W1gAVAXOFc70c%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: XX642W2J0EA4W909
cache-control: max-age=1800
accept-ranges: bytes
content-type: image/png

GET
H3-29 200 cta.svg
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame 2AA8 7 KB
3 KB 32ms
22ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/fr/imgs/cta.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29e100136022f3eeaf2ff8e0fd1bd9d800224e9d5fa5567845919b97ddb5828f

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3404
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XX619W1V6EZWW9B8
x-amz-id-2: d8MadyxqC9y/TIBMKc/USrkshcHfk2FMa0ZEd/0FH6klLcQI3PYdKUjbYTOISvwkAWckRKlQqHo=
last-modified: Thu, 29 Apr 2021 22:45:57 GMT
server: cloudflare
etag: W/"fc72b25069e336ecf4af370090bec375"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UraW4vI%2F%2FmYMT4k0rqUP2P2hpiGIZ5GnLHCQKCCl2CiFWZt8o%2BOM%2BHjlav6Nh9E4lLJzpbFq8NQvkFNOWXdtDEAbkvKEEJpzfa9KnvoWqR353JTh%2F61Ymrig3ZHcm7GHf0DfKegzC6ev83g62DiqF78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 670d3aa558e8dfa9-FRA

GET
H3-29 200 cta-mobile.svg
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame 2AA8 7 KB
3 KB 42ms
32ms Image
image/svg+xml 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/fr/imgs/cta-mobile.svg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc90ac3f108449d60341a38188cf65fa419690cf9114c724c31e14d4b7f64a5

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3404
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XX6BYM6EE5YF0AHV
x-amz-id-2: INnUpGvuR9daiSMEsvM+MS4PDMyvzJtF43D5anI+PRIgBhupHWqTJLf9cVCfTPgRmUhmK2NTYb0=
last-modified: Thu, 29 Apr 2021 22:45:57 GMT
server: cloudflare
etag: W/"c00ec7b57044c2f734bd11db31aab137"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JHjjtEgKXJ7tniudJumya5ViGAR0M8tRV%2F8z%2FhJ9efjzh522SRdSU%2BWQT6ZQljh1MnpeRXLQJ8OqT%2B3lnlzC78l8iQKxiD8M0%2FajYjIi1SSg6VJ7LQhWeDU7lXVA1rmoYA5WhpL%2BeaKK6MByI00TWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 670d3aa558eadfa9-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2AA8 12 KB
4 KB 45ms
24ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=32649&id=351341&ref=aHR0cDovL3d3dy5wb3J0YWxtYWlzbWlkaWEuY29tLmJyLw==&r=286646003&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBS1dXRklBQkFBV1A=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lp.clevernetwork.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b5c22fb6800006479083ae000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzAR6VT%2BhIf%2FbPxXaMnoUxydMVZfPeUbtrEPOkYSJhRpVmGrSUjGakFFIZHAx%2FgKuC6U0c56VHyBHgNxP%2FUtSeshQ1iLnGZKeTrs44JUPEnUV5nCb4f1ZxQWNsfBtgWm7e0vzKvyeuk6nlwrYXt573o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 670d3aa57e3b6479-FRA
expires: Tue, 20 Jul 2021 16:53:56 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2AA8 25 KB
1 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a837f051ac8249ce2e1c0215298ef878bc3b3017bc2b8e5bdea1cd88e8e1e54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lp.clevernetwork.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 16:52:17 GMT
server: ESF
date: Sun, 18 Jul 2021 16:53:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Jul 2021 16:53:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2AA8 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lp.clevernetwork.pt
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 449635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:00:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2AA8 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lp.clevernetwork.pt
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 512852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 18:26:24 GMT

GET
H/1.1

200
OK

Cookie set / Show response
www.pokerstars.fr/ Frame 9596
Redirect Chain

https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAKWWFIABAAWP
https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAKWWFIABAAWP&AutoR=1
https://www.pokerstars.com/ua/?btag=a_174459b_1915c_YSAAKWWFIABAAWP
https://www.pokerstars.fr/?btag=a_174459b_1915c_YSAAKWWFIABAAWP
https://www.pokerstars.fr/

42 KB
8 KB

38ms
37ms

Document
text/html

77.87.180.152
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pokerstars.fr/

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.152 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

8422e410ae65d8626e181aad5de78b53ba14360d0cb29c8a5f28baa1c5caf354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: www.pokerstars.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://lp.clevernetwork.pt/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lp.clevernetwork.pt/

Response headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Server: Apache
Set-Cookie: geoip_country=FR; path=/; domain=www.pokerstars.fr NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943141445525d5f4f58455e445a4a422971;expires=Sun, 18-Jul-2021 16:56:00 GMT;path=/;secure;httponly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8138
Keep-Alive: timeout=5, max=225
Connection: Keep-Alive
Content-Type: text/html
Strict-Transport-Security: max-age=31536000

Redirect headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: geoip_country=FR; path=/; domain=www.pokerstars.fr sti=NWJ0G34bLDMTAgxocwJhKi0oJy0xM35RBi4kLXwXJQpxSGwPHFNQRGRxa3UOE0hNQz1GaWZrNndHRTVSX1UnfWstZyAAQWVvcy1UfFI3EHtGYgpNUxU7enAqNnFvG34%2FWkRVDB0cBjVUT0gnIC0xMnpXADIpLUJ0WX4MOmhXSTEuNG0zJWB%2FUh4XEyxqRFRYBBJ2YHlJWllbUExTDhgxZElcIHkWOQtzSWIEIjAT; path=/ pti=NWJ0G34bLDMTAgxocwJhKi0oJy0xM35RBi4kLXwXJQpxSGwPHFNQRGRxa3UOE0hNQz1GaWZrNndHRTVSX1UnfWstZyAAQWVvcy1UfFI3EHtGYgpNUxU7enAqNnFvG34%2FWkRVDB0cBjVUT0gnIC0xMnpXADIpLUJ0WX4MOmhXSTEuNG0zJWB%2FUh4XEyxqRFRYBBJ2YHlJWllbUExTDhgxZElcIHkWOQtzSWIEIjAT; path=/; expires=Mon, 18-Jul-2022 16:54:00 GMT promo_ia=a_174459b_1915c_YSAAKWWFIABAAWP; path=/; expires=Mon, 18-Jul-2022 16:54:00 GMT sti2=NWJ0G34bLDMTAgxocwJhKi0oJy0xM35RBi4kLXwXJQpxSGwPHFNQRGRxa3UOE0hNQz1GaWZrNndHRTVSX1UnfWstZyAAQWVvcy1UfFI3EHtGYgpNUxU7enAqNnFvG34%2FWkRVDB0cBjVUT0gnIC0xMnpXADIpLUJ0WX4MOmhXSTEuNG0zJWB%2FUh4XEyxqRFRYBBJ2YHlJWllbUExTDhgxZElcIHkWOQtzSWIEIjAT; domain=.pokerstars.fr; path=/ pti2=NWJ0G34bLDMTAgxocwJhKi0oJy0xM35RBi4kLXwXJQpxSGwPHFNQRGRxa3UOE0hNQz1GaWZrNndHRTVSX1UnfWstZyAAQWVvcy1UfFI3EHtGYgpNUxU7enAqNnFvG34%2FWkRVDB0cBjVUT0gnIC0xMnpXADIpLUJ0WX4MOmhXSTEuNG0zJWB%2FUh4XEyxqRFRYBBJ2YHlJWllbUExTDhgxZElcIHkWOQtzSWIEIjAT; domain=.pokerstars.fr; path=/; expires=Mon, 18-Jul-2022 16:54:00 GMT stiram=NWJ0G34bLDMTAgxocwJhKi0oJy0xM35RBi4kLXwXJQpxSGwPHFNQRGRxa3UOE0hNQz1GaWZrNndHRTVSX1UnfWstZyAAQWVvcy1UfFI3EHtGYgpNUxU7enAqIGtyGx10UA1MExAcBjVJSU4nfWstZyAAQWVvcy1UfFI3EHtGYgpeQxVPWD8RaXNydXIEKzUvc2sWBQswEU9IUlJCOS06BjcpKX0ZaWJ0QmQDdV9AUxhHV1V3JW5nZA50SlcTEQ1yfn49Ki0oJy0xM35RBwo%3D; domain=pokerstars.fr; path=/ ptiram=NWJ0G34bLDMTAgxocwJhKi0oJy0xM35RBi4kLXwXJQpxSGwPHFNQRGRxa3UOE0hNQz1GaWZrNndHRTVSX1UnfWstZyAAQWVvcy1UfFI3EHtGYgpNUxU7enAqIGtyGx10UA1MExAcBjVJSU4nfWstZyAAQWVvcy1UfFI3EHtGYgpeQxVPWD8RaXNydXIEKzUvc2sWBQswEU9IUlJCOS06BjcpKX0ZaWJ0QmQDdV9AUxhHV1V3JW5nZA50SlcTEQ1yfn49Ki0oJy0xM35RBwo%3D; domain=pokerstars.fr; path=/; expires=Mon, 18-Jul-2022 16:54:00 GMT NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943141445525d5f4f58455e445a4a422971;expires=Sun, 18-Jul-2021 16:56:00 GMT;path=/;secure;httponly
Location: https://www.pokerstars.fr/
Keep-Alive: timeout=5, max=227
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2AA8 15 KB
15 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lp.clevernetwork.pt
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:36:34 GMT
x-content-type-options: nosniff
age: 447442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:36:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2AA8 16 KB
16 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lp.clevernetwork.pt
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 430589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:17:27 GMT

GET
H3-29 200 bg-pushdown.jpg
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame 2AA8 69 KB
70 KB 14ms
14ms Image
image/jpeg 2606:4700:20::681a:af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.clevernetwork.pt/pokerstars/fr/imgs/bg-pushdown.jpg?v=2
Requested by: Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9412299bc7aef4f743926337a8910fb725e536e2c28cd31e0d715b738b28b5

Request headers

Referer: https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:53:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1663
cf-ray: 670d3aa5d98edfa9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 70630
x-amz-id-2: wYffNYDwPyERsDqlr1pof4g/z4OclO0euCr3pqUI79QbCk3TwgHt3425OEnrzZHWrzw9BwfHTKY=
last-modified: Thu, 27 May 2021 15:51:21 GMT
server: cloudflare
etag: "c3749918565dda01dd22477c50373155"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpNEV6d5j0JDD%2BRwUtPZUwT11HaRBTsP3JQn2GgQIvUP82IUGZ5TgYCZDAJpqsCrxyhXbbgoWK1O69uU6Yob%2FpG1fWZ0mzGgigOrobj5c92Cc1I6ndml5dlT3naubF4iTd5IvAow033K16%2B8mP%2FIcXs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 6HWBVRVA6424CV7F
cache-control: max-age=1800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bootstrap.min.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/ Frame 9596 21 KB
5 KB 126ms
36ms Stylesheet
text/css 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/bootstrap.min.css
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2015 11:26:08 GMT
server: Apache
etag: "54f2-5245635907400"
ntcoent-length: 21746
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=991460
accept-ranges: bytes
content-length: 4529

GET
H2 200 lib.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/ Frame 9596 117 KB
42 KB 149ms
59ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/lib.js?v=2
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 15:15:47 GMT
server: Apache
etag: "1d377-5bb6175da0ec0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 42733

GET
H2 200 config.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/fr-fr/ Frame 9596 19 KB
8 KB 144ms
55ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/fr-fr/config.js
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 17f6fa3cc46268f4a92b14ed0fea88e2bacd267e45a9e2fee03b1d23f6d4c3c0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 11:05:01 GMT
server: Apache
etag: "4d9b-5bc3b3d4b7140"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 7686

GET
H2 200 casino.assetwrapper.js Show response
cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/ Frame 9596 2 KB
1 KB 124ms
35ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021

Request headers

Origin: https://www.pokerstars.fr
Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 09:30:51 GMT
server: Apache
etag: "83e-5b62cf2bf68c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 865

GET
H2 200 cvl-active.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/ Frame 9596 2 KB
878 B 125ms
36ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e

Request headers

Origin: https://www.pokerstars.fr
Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2017 08:28:36 GMT
server: Apache
etag: "8e8-55018a843b500"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 696

GET
H2 200 ps_fr_fr-fr.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/disclaimers/ Frame 9596 1 KB
669 B 170ms
82ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/disclaimers/ps_fr_fr-fr.js
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: afa57236ec9596b9f57379151e3322dc7e33df059f923a3b096626ec4a3af10b

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 09:17:13 GMT
server: Apache
etag: "451-5c3381ba5f840"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 487

GET
H2 200 PstrkIdManager.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame 9596 27 KB
6 KB 162ms
74ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b197971af1d6f531f9fba6cab817c7eae42fc90b644f1a75394a62644ba1d165

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 14:31:37 GMT
server: Apache
etag: "6a3e-5c597ff450440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 5989

GET
H2 200 homepage.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/ Frame 9596 151 KB
17 KB 130ms
42ms Stylesheet
text/css 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4ae2c7dceaea3d17f0a5e981053d0df9c703aefadc1e34b340de208a0190024b

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 154261
date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 10:28:28 GMT
server: Apache
etag: "25a95-5c507c8ceeb00"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=458103
accept-ranges: bytes
content-length: 16695

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9596 8 KB
713 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Requested by

Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 16:41:29 GMT
server: ESF
date: Sun, 18 Jul 2021 16:54:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Jul 2021 16:54:00 GMT

GET
H2 200 ps_fr_fr-fr.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ Frame 9596 582 B
482 B 141ms
53ms Stylesheet
text/css 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ps_fr_fr-fr.css
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 426a21ca1589a34e9cb0c8b64186c3f0d8b4086d32e7d832c6998920bee5df09

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 582
date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 09:09:26 GMT
server: Apache
etag: "246-5c337ffd01d80"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=872655
accept-ranges: bytes
content-length: 293

GET
H2 200 homepage_neymar_spin_and_go.png
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame 9596 2 MB
2 MB 36ms
36ms Image
image/png 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/homepage_neymar_spin_and_go.png
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7d6b6ca2e9d557e1592674eccbdd9f5acced0a6782f5e18f0c5779eb01a799e9

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
last-modified: Fri, 11 Jun 2021 12:16:28 GMT
server: Apache
etag: "2752c0-5c47c7a283f00"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 2577088

GET
H2 200 community-twitch.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame 9596 40 KB
40 KB 58ms
58ms Image
image/jpeg 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-twitch.jpg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
last-modified: Tue, 20 Oct 2020 07:12:00 GMT
server: Apache
etag: "a044-5b214f26ef000"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 41028

GET
H2 200 community-ambassadors.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame 9596 156 KB
156 KB 54ms
52ms Image
image/jpeg 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-ambassadors.jpg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
last-modified: Mon, 25 Jan 2021 15:08:45 GMT
server: Apache
etag: "26f32-5b9baea07f940"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 159538

GET
H2 200 facebook.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 9596 2 KB
1 KB 54ms
52ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/facebook.svg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:33 GMT
server: Apache
etag: "774-57ba3e3a9e040"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 913

GET
H2 200 twitter.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 9596 3 KB
1 KB 54ms
53ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitter.svg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:34 GMT
server: Apache
etag: "a1a-57ba3e3b92280"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 1080

GET
H2 200 youtube.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 9596 1 KB
895 B 56ms
55ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/youtube.svg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 12:48:01 GMT
server: Apache
etag: "573-57ba4dc188240"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 718

GET
H2 200 twitch.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 9596 2 KB
1 KB 56ms
55ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitch.svg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:34 GMT
server: Apache
etag: "8cb-57ba3e3b92280"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 993

GET
H2 200 instagram.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame 9596 2 KB
1 KB 56ms
55ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/instagram.svg
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:33 GMT
server: Apache
etag: "6b7-57ba3e3a9e040"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 899

GET
H/1.1 200
OK starscrm.config.json Show response
starscrm.com/ Frame 9596 77 B
428 B 170ms
67ms XHR
text/plain 77.87.179.68
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://starscrm.com/starscrm.config.json?bust=1626627240766
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.87.179.68 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software: Apache /
Resource Hash: 8f163b46e6386572338c366fa209c7893258df440ec18a8f2da407eb55e11467

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Last-Modified: Tue, 08 Jun 2021 09:25:44 GMT
Server: Apache
MyHeader: member143
ETag: "4d-5c43dbe0b1600"
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With
Content-Length: 77
Keep-Alive: timeout=15, max=42

GET
H/1.1 200
OK tag.js Show response
s.btstatic.com/ Frame 9596 34 KB
13 KB 416ms
324ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/tag.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 15:15:11 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 12525

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 9596 252 B
722 B 153ms
72ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?cs_jsonp=pstrkIdManager.mmUuidSync&mt_nsync=1
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x31 /
Resource Hash: 7e4821f5482ef123a392e6bba065b580371960d9c2c7de279a2adca039b7d223

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 252
Expires: Sun, 18 Jul 2021 16:53:22 GMT

GET
H2 200 require.min.js Show response
cashier.rationalcdn.com/common/libs-2.1.20/ Frame 9596 15 KB
6 KB 52ms
51ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2016 11:39:34 GMT
server: Apache
etag: "3cc8-53bad04796980"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 6356

GET
H2 200 languages.xml Show response
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/ Frame 9596 202 B
357 B 35ms
35ms XHR
application/xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/languages.xml?&sid=0.6750303541908558
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f6180ec8dad060e65f3bb68c012b470991995f085d7b5f88db7144ce3a8d6315

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
last-modified: Thu, 30 Jan 2020 09:42:27 GMT
server: Apache
etag: "ca-59d58466106c0"
content-type: application/xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 202

GET
H2 200 poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/ Frame 9596 1 KB
843 B 62ms
60ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/poker.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 753762eeff1ec98559aa23c079a432371c4372febd6e1a793697e7433b10089d

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 12:04:20 GMT
server: Apache
etag: "5df-5bebfcc597900"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 666

GET
H2 200 sports.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/ Frame 9596 2 KB
1 KB 64ms
63ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/sports.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49ff25377c9095e869fdab343f47198c2b8d5be7b3fb8b818b650985c152c24b

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 12:04:21 GMT
server: Apache
etag: "97a-5bebfcc68bb40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 1086

GET
H2 200 bars.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 9596 1 KB
642 B 64ms
64ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/bars.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "501-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 465

GET
H2 200 poker-m.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/ Frame 9596 2 KB
940 B 65ms
65ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/poker-m.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 09:08:36 GMT
server: Apache
etag: "69c-571f774eb6d00"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 763

GET
H2 200 close-black.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 9596 1 KB
774 B 68ms
66ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close-black.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "54b-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 597

GET
H2 200 close.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 9596 1 KB
775 B 68ms
67ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Wed, 25 Apr 2018 14:08:23 GMT
server: Apache
etag: "54b-56aaccdc963c0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 598

GET
H2 200 poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame 9596 3 KB
2 KB 68ms
67ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 09:18:30 GMT
server: Apache
etag: "c82-59ca2e427c580"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 1380

GET
H2 200 questionmark.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 9596 1 KB
932 B 71ms
70ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/questionmark.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "594-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 755

GET
H2 200 right-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 9596 1 KB
813 B 70ms
70ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/right-arrow.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "537-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 636

GET
H2 200 down-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame 9596 1 KB
814 B 68ms
67ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/down-arrow.svg
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4

Request headers

Referer: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:53:19 GMT
server: Apache
etag: "533-571f73e431dc0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 637

GET
H2 200 footer-small.png
s4.rationalcdn.com/img/bg/estate/ Frame 9596 109 KB
110 KB 89ms
66ms Image
image/png 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c

Request headers

Referer: https://cmsstorage.rationalcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
last-modified: Fri, 09 Apr 2021 14:58:50 GMT
server: AkamaiNetStorage
etag: "9aadd769e4bbf2669df3e4de51d9d751:1617980330.571575"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 112066

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9596 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.fr
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 449639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:00:01 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9596 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.fr
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 486519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 01:45:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9596 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.fr
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 430593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:17:27 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9596 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.fr
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 512856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 18:26:24 GMT

GET
H/1.1 200 resolveurls Show response
ram.pokerstars.fr/ram/info/ Frame 9596 143 B
1 KB 574ms
181ms XHR
application/json 77.87.177.43
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.fr/ram/info/resolveurls?tag=starsrewards_widgetservice

Requested by

Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Sun, 18 Jul 2021 16:54:01 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.fr
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H2 206 homepage_neymar_spin_and_go.mp4
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame 9596 4 MB
4 MB 67ms
67ms Media
video/mp4 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/homepage_neymar_spin_and_go.mp4
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 65a64671c95971a5bd344be3aec1e3ad118edfd7fac7d71b76407ea1c77023a0

Request headers

Referer: https://www.pokerstars.fr/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
last-modified: Fri, 11 Jun 2021 12:16:27 GMT
server: Apache
access-control-allow-origin: *
etag: "39726d-5c47c7a18fcc0"
content-type: video/mp4
Content-Range: bytes 0-3764844/3764845
cache-control: public, max-age=84600
accept-ranges: bytes
Content-Length: 3764845

GET
H/1.1 200
OK message.gif
www.pokerstars.fr/assets/ps/assets/images/disclaimers/ps_fr_fr-fr/ Frame 9596 19 KB
20 KB 37ms
37ms Image
image/gif 77.87.180.152
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pokerstars.fr/assets/ps/assets/images/disclaimers/ps_fr_fr-fr/message.gif

Requested by

Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.152 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

b6e0ed111b18c28106493805edceb946a1922f14d7e8e3b6cbb4a1323ea5acf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Last-Modified: Thu, 13 May 2021 12:04:24 GMT
Server: Apache
ETag: "4ce0-5c234ed9b0200"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=222
Content-Length: 19680

GET
H/1.1 200
OK message-mob.gif
www.pokerstars.fr/assets/ps/assets/images/disclaimers/ps_fr_fr-fr/ Frame 9596 13 KB
14 KB 33ms
33ms Image
image/gif 77.87.180.152
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pokerstars.fr/assets/ps/assets/images/disclaimers/ps_fr_fr-fr/message-mob.gif

Requested by

Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.152 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

6accb914154d46183fe79dbd09ea0735453a98e6365940152f1b1c735cc219c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:00 GMT
Last-Modified: Wed, 26 May 2021 09:30:07 GMT
Server: Apache
ETag: "3590-5c33849c845c0"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=116
Content-Length: 13712

GET
H2 200 bundle-prod.min.js Show response
cashier.rationalcdn.com/starscrm/2.1.56/ Frame 9596 190 KB
62 KB 243ms
243ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/starscrm/2.1.56/bundle-prod.min.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 103a552ce1dcfe0dda23424e898280679d3d6e6c4b391d4a6814fcebb2177222

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:00 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 09:25:44 GMT
server: Apache
etag: "2f98b-5c43dbe0b1600"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 63453

GET
H/1.1 200
OK ram-config.js Show response
ram.pokerstars.fr/ Frame 9596 1 KB
1 KB 392ms
48ms Script
application/javascript 77.87.177.43
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.fr/ram-config.js

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

b038580e1aed4eca8699228feca6fb0a04f89faa91bfe33a9b8fab467ab60e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:01 GMT
Last-Modified: Thu, 15 Jul 2021 14:23:32 GMT
Server: Apache
ETag: "4a6-5c72a37300100"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=187
Content-Length: 1190

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 9596 27 KB
6 KB 170ms
62ms Script
text/javascript 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&H=-35nia2i
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf7349d075acefdee81ba3a727508dcac01e4c270943217d76201ea30beade6f

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
Server: nginx
ETag: d70ed55905e0ded4cd1a21bc9d53c208
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 5903
X-BT-RequestId: c0851c30-e7e8-11eb-ade0-0000ac1509e4

GET
H/1.1 200
OK ced0fc472aa6365f5428e58e4639a7605ca36261.js Show response
s.btstatic.com/lib/ Frame 9596 40 KB
4 KB 40ms
39ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fc0991859b77e2bce01c007930d5363bbfc4147e5d07f8f7063bd6450b01720

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: im8MzWRw6rhcHTR94obs9hKTFJHaLYc1
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 09:17:44 GMT
Server: nginx
ETag: "61296e73ba280ed88dd3061d96549a54"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Sun, 18 Jul 2021 16:54:01 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 3638

GET
H2 200 vendor.js Show response
cashier.rationalcdn.com/ram/2.2.149/ Frame 9596 208 KB
71 KB 49ms
49ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.149/vendor.js
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 19:31:28 GMT
server: Apache
etag: "33f84-5c6b5d16f25b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 72739

GET
H/1.1 200 resolveurls Show response
ram.pokerstars.fr/ram/info/ Frame 9596 131 B
1 KB 217ms
216ms XHR
application/json 77.87.177.43
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.fr/ram/info/resolveurls?tag=starsrewards_widget

Requested by

Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Sun, 18 Jul 2021 16:54:01 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.fr
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 9596 48 KB
19 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 182
date: Sun, 18 Jul 2021 16:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 18 Jul 2021 18:50:59 GMT

GET
H/1.1 200
OK trk.core.idm.js Show response
www.psimg.com/ga/ Frame 9596 16 KB
6 KB 120ms
50ms Script
application/javascript 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/ga/trk.core.idm.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Aug 2020 13:38:58 GMT
Server: Apache
ETag: "4090-5ac8613a6e94f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=216
Content-Length: 6009

GET
H/1.1 200
OK local.fr.js Show response
www.psimg.com/ga/assets/ Frame 9596 718 B
1015 B 119ms
48ms Script
application/javascript 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/ga/assets/local.fr.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

0f6e4971e9abc1b9dc2c07443fad139572e6508ace2706acef037b348a3d968c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 26 Jun 2015 09:09:58 GMT
Server: Apache
ETag: "2ce-519681aa70580-gzip"
Strict-Transport-Security: max-age=31536000
Content-Language: fr
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=58
Content-Length: 428

GET
H/1.1 200
OK 66d21f0973fb7b6de164cd19e97b3eccf7e71027.js Show response
s.btstatic.com/lib/ Frame 9596 2 KB
768 B 41ms
40ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/66d21f0973fb7b6de164cd19e97b3eccf7e71027.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1f111799d49e279ce18886e967bd7d294a32b46276c74f894f9f1e2c79b11681

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: 4fLxateZvFF5dkrIbFzg9V.pP6f6qBR5
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 13:05:54 GMT
Server: nginx
ETag: "b3daf2208678ab3de75c672a3d6e6bd7"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Sun, 18 Jul 2021 16:54:01 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 316

GET
H2 200 ram.js Show response
cashier.rationalcdn.com/ram/2.2.149/ Frame 9596 2 MB
422 KB 59ms
59ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.149/ram.js
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: faf12a76b7b5ab239d6c190e1a5f0135a37e8c554ab6dfa299d40154e106a959

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 19:31:28 GMT
server: Apache
etag: "1c5b87-5c6b5d16f21cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 430878

GET
H/1.1 200
OK d03029fc8bd66611412fcf465575544b20816ddd.js Show response
s.btstatic.com/lib/ Frame 9596 196 B
615 B 39ms
38ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/d03029fc8bd66611412fcf465575544b20816ddd.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e1bfaddd7a87f0ebad2f9166ee27718d78150a42891cd42d3337dc7ed5921912

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: PPH6NqRrERp7JvKpe969zscjyUkhKvhx
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 13:10:13 GMT
Server: nginx
ETag: "3533bccfeb47c045ee75607995610a1e"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Sun, 18 Jul 2021 16:54:01 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 163

GET
H/1.1 200
OK 33ed5d5c8121287d51e1c997fe7acd87db78e7a0.js Show response
s.btstatic.com/lib/ Frame 9596 190 B
614 B 38ms
38ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/33ed5d5c8121287d51e1c997fe7acd87db78e7a0.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d40f6a16855ea8700ba43b2bae612b2dabe0de0477356204e3da86fc494fe3e5

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: ucGf9wh9wTxcNrJUbb.Z82qgkvl4HstC
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 13:10:57 GMT
Server: nginx
ETag: "b925f2a59cfc982567e4e6e008996741"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Sun, 18 Jul 2021 16:54:01 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 162

GET
H2 200 hmx000000000114.js Show response
u360.d-bi.fr/ Frame 9596 10 KB
4 KB 152ms
50ms Script
application/javascript 52.51.65.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u360.d-bi.fr/hmx000000000114.js

Requested by

Host: www.psimg.com
URL: https://www.psimg.com/ga/assets/local.fr.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.65.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-65-171.eu-west-1.compute.amazonaws.com

Software

hmxps /

Resource Hash

3f56c32837b11c4024346ba264ba306b7025e1a6826489b5dd3994f8a7013232

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:01 GMT
cache-control: public, max-age=60
x-myname: 0ca44190a60401517
server: hmxps
content-encoding: gzip
strict-transport-security: max-age=63072000
content-type: application/javascript

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9596 8 KB
713 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 16:52:38 GMT
server: ESF
date: Sun, 18 Jul 2021 16:54:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Jul 2021 16:54:01 GMT

GET
H2 200 en.js Show response
cashier.rationalcdn.com/ram/2.2.149/i18n/locales/ Frame 9596 318 KB
87 KB 36ms
36ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.149/i18n/locales/en.js
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.149/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11ab8ce497a50b7aa00817f11fe613191646d184f38097d8970cf897f6c5935a

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 19:31:28 GMT
server: Apache
etag: "4f6c5-5c6b5d16f587d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 89169

GET
H/1.1 200 resolvesite Show response
ram.pokerstars.fr/ram/info/ Frame 9596 564 B
1 KB 45ms
45ms XHR
application/json 77.87.177.43
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.fr/ram/info/resolvesite

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.149/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

6115a2042786ca075e4e9bb2f387a53fbf461206cd075587692b9397edccd36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Sun, 18 Jul 2021 16:54:01 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.fr
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 9596 30 KB
9 KB 47ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: E8A4456BD0264B49A87128038E069FF4 Ref B: FRAEDGE1218 Ref C: 2021-07-18T16:54:01Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H/1.1 200
OK srwrds-path.js Show response
rewards.starsaccount.com/widget/ Frame 9596 74 B
383 B 134ms
42ms XHR
application/x-javascript 77.87.178.197
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rewards.starsaccount.com/widget/srwrds-path.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.87.178.197 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software: Apache /
Resource Hash: 6efc4bfa338c4d0c64e9388949d0fe74ff2efb5ee5223af7bcc580f4fa57bc69

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:01 GMT
Last-Modified: Thu, 15 Jul 2021 15:03:32 GMT
Server: Apache
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
MyHeader: member143
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=56
Content-Length: 74

GET
H2 200 000000000114.gif
u360.d-bi.fr/ Frame 9596 43 B
255 B 49ms
49ms Image
image/gif 52.51.65.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u360.d-bi.fr/000000000114.gif?c=8A0EFFEE775E129392E1373D2878A024-39b5cf488cca&cgen=1&step=b3RoZXI=&hmxtagid=4.3.0&u=aHR0cHM6Ly93d3cucG9rZXJzdGFycy5mci8=&hmxts=1626627241784&hmxtzoffset=LTEyMA==&hmxtzname=RXVyb3BlL0Jlcmxpbg==&navlang=ZW4tVVM=&hmxdnt=MA==&r=aHR0cHM6Ly9scC5jbGV2ZXJuZXR3b3JrLnB0Lw==&hmx_send_ts=1626627241784&hmx_new_session=1
Requested by: Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.65.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-65-171.eu-west-1.compute.amazonaws.com
Software: hmxps /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Jul 2021 16:54:01 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
server: hmxps
content-type: image/gif
x-myname: 0e3c1b6c2f72989ab
expires: Mon, 21 Jan 1980 12:00:00 GMT

GET
H2 200 ram.css
cashier.rationalcdn.com/ram/2.2.149/styles/ Frame 9596 425 KB
154 KB 35ms
34ms Stylesheet
text/css 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/ram/2.2.149/styles/ram.css
Requested by: Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.149/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 136bac76253132e346b09cfaea93869afc7447b797d60c8883181fdcdab628c3

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 435280
date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 14:03:54 GMT
server: Apache
etag: "6a450-5c6b13dece680"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=743441
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 157181

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 9596 2 KB
882 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sun, 18 Jul 2021 17:02:17 GMT

GET
H/1.1 200 sessionid Show response
ram.pokerstars.fr/ram/login/ Frame 9596 667 B
1 KB 45ms
44ms XHR
application/json 77.87.177.43
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ram.pokerstars.fr/ram/login/sessionid

Requested by

Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.149/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

app server /

Resource Hash

d3046922bba0edc851dba36d85e3b2e83aea4f5645d32c2e36d32453578f5958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache, no-store
Access-Control-Allow-Headers: Content-Type
Server: app server
Date: Sun, 18 Jul 2021 16:54:01 GMT
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.pokerstars.fr
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=60
Expires: -86400

GET
H/1.1 200
OK BrightTag.jquery-1.5.1.js Show response
s.btstatic.com/ Frame 9596 82 KB
29 KB 47ms
46ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jul 2021 15:10:03 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 29695

GET
H2 200 rewards-widget.min.js Show response
cashier.rationalcdn.com/widget/2.1.39/ Frame 9596 261 KB
74 KB 37ms
37ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cashier.rationalcdn.com/widget/2.1.39/rewards-widget.min.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b8a361d8a7987c46d1a431b654836dec449cb2d7d1882d36d05861d785c44a8

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:01 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 20:10:47 GMT
server: Apache
etag: "412c9-5c6f2b7944187"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With
content-length: 75191

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9596 7 KB
694 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&subset=cyrillic,greek

Requested by

Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 16:21:52 GMT
server: ESF
date: Sun, 18 Jul 2021 16:54:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Jul 2021 16:54:01 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 9596 1 KB
2 KB 55ms
54ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1452156&mt_adid=122865&
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x10 /
Resource Hash: 371bbe79c319096212db40c5c1bc9d9c4f0e638327e1827114ec1350f3f0595f

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:01 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Sun, 18 Jul 2021 16:53:23 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9596 95 KB
24 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: jPy9rtWVC47Qlyo+ff55g0F5MhVbxMTyTM0AAdkaSmkwDYhiLYViE1XEW4+o8Q3YlPvFzfSYG0BosehNXv8x1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Jul 2021 16:54:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F Show response
8954552.fls.doubleclick.net/ Frame 444D
Redirect Chain

https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
https://8954552.fls.doubleclick.net/activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F

2 KB
713 B

119ms
80ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8954552.fls.doubleclick.net/activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

6825a55372529e81e3ec1aff5cd960c53d1517eafb6af42eda4a99a197edff38

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8954552.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pokerstars.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.fr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Jul 2021 16:54:02 GMT
expires: Sun, 18 Jul 2021 16:54:02 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 688
x-xss-protection: 0
set-cookie: IDE=AHWqTUn_JbkHY-OTNCUoMb5tOVR-69hs7UXd-eX2k0-6NpJ181DkAOkEL2iZ0fv5_JQ; expires=Fri, 12-Aug-2022 16:54:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Jul 2021 16:54:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 9596 14 KB
6 KB 149ms
60ms Script
application/javascript 13.224.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-57.zrh50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5720
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-id: 6ISUZt7iUxsMwoNaGxTh7aHZakqspMBsLCZepZlPxycBg-BZsWRkYg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 9596 9 KB
4 KB 104ms
30ms Script
application/javascript 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Content-Encoding: gzip
Age: 44135
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21936-LGA, cache-fra19140-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
X-Timer: S1626627242.036192,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Jun 2021 04:37:09 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 7101

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 9596
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=8881832841376120260

35 B
717 B

129ms
51ms

Image
image/gif

34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=an&uid=8881832841376120260
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: c1076b90-e7e8-11eb-b2cb-0000ac150944

Redirect headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ea438680-a485-4265-a2d5-efef306a9319
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.thebrighttag.com/cs?btt=0&tp=an&uid=8881832841376120260
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 9596
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YPRcqgAC3NEs_QAC
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YPRcqgAC3NEs_QAC&_test=YPRcqgAC3NEs_QAC

35 B
722 B

49ms
48ms

Image
image/gif

34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YPRcqgAC3NEs_QAC&_test=YPRcqgAC3NEs_QAC
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: c10b3c20-e7e8-11eb-91bd-0000ac150a10

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626627242.165380,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YPRcqgAC3NEs_QAC&_test=YPRcqgAC3NEs_QAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 9596
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBtPjCcmw2cB_YwqQy_yxWA&google_cver=1

35 B
741 B

151ms
53ms

Image
image/gif

34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBtPjCcmw2cB_YwqQy_yxWA&google_cver=1
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: c10792a1-e7e8-11eb-9538-0000ac150838

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBtPjCcmw2cB_YwqQy_yxWA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 9596
Redirect Chain

https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0
https://s.thebrighttag.com/cs?tp=mm&uid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&btt=0

35 B
739 B

51ms
51ms

Image
image/gif

34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?tp=mm&uid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&btt=0
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: c0f6f0d0-e7e8-11eb-9709-0000ac1508e9

Redirect headers

Date: Sun, 18 Jul 2021 16:54:05 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://s.thebrighttag.com/cs?tp=mm&uid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&btt=0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 18 Jul 2021 16:54:04 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/ Frame 9596
Redirect Chain

https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%]
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4947C42EBA7346

35 B
722 B

97ms
51ms

Image
image/gif

34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4947C42EBA7346
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: c0fee010-e7e8-11eb-89cc-0000ac150979

Redirect headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: prod-xre-app18.frk11
X-HW: 1626627241.dop203.pa1.t,1626627242.cds033.pa1.shn,1626627242.dop203.pa1.t,1626627242.cds204.pa1.sc,1626627242.cds204.pa1.p
Location: https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4947C42EBA7346
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0

OPTIONS
H/1.1 200
OK tag
s.thebrighttag.com/ Frame 0
0 149ms
51ms Preflight 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Protocol: HTTP/1.1
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.pokerstars.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 18 Jul 2021 16:54:02 GMT
Content-Length: 0
Connection: keep-alive
ETag: d41d8cd98f00b204e9800998ecf8427e
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
X-BT-RequestId: c0fae870-e7e8-11eb-9ae1-0000ac150af2
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: https://www.pokerstars.fr
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
P3P: CP=NOI DSP COR NID

POST
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 9596 8 KB
3 KB 84ms
59ms XHR
text/javascript 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b307242770181c0b17e8b00dfd899f140c769f8da4b1db4f921aef8792721242

Request headers

Accept: */*
Referer: https://www.pokerstars.fr/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
Server: nginx
ETag: 3ce300a5b2e8fd1168899da582a95092
P3P: CP=NOI DSP COR NID
Access-Control-Allow-Origin: https://www.pokerstars.fr
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2474
X-BT-RequestId: c106f660-e7e8-11eb-95b2-0000ac150857

GET
H2 204 5562480.js Show response
bat.bing.com/p/action/ Frame 9596 0
151 B 349ms
349ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5562480.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 18 Jul 2021 16:54:02 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 68BE95D9FE544DB9BE80FB433B9738A3 Ref B: FRAEDGE1218 Ref C: 2021-07-18T16:54:01Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 9596 0
149 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5562480&Ver=2&mid=cc348037-9dbd-4796-9c96-96757b7f7549&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&p=https%3A%2F%2Flp.clevernetwork.pt%2F&r=&lt=5209&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=969347
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 18 Jul 2021 16:54:01 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 545BD71BCACA43B98955AAC9AB8627B6 Ref B: FRAEDGE1218 Ref C: 2021-07-18T16:54:01Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 9596 11 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: CBqhokDFhiPsDsh1OJEXIVVJkJ66VEJ4/6ON2/DuJCyu/3SZ8oLX5LAmJFFCHLWAZxmJd7pse0ztCmaYISdLgQ==
x-frame-options: DENY
date: Sun, 18 Jul 2021 16:54:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 1152875091428286 Show response
connect.facebook.net/signals/config/ Frame 9596 261 KB
74 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1152875091428286?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

252df1f197b74d7d06eb0c9ce6b1a0d0a081d4039da2d34968028e9fb5a33eac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76093
x-xss-protection: 0
pragma: public
x-fb-debug: Hbz3fxrL1S74FNssDsV0oahBFPb5tSCixIBQ9SMIhcYQ1JWOgbyxexlnkUNsYDyI4Kw80tsz9al1MMmHIJmX+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Jul 2021 16:54:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 8B45 631 B
948 B 108ms
52ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&no_iframe=1&mt_adid=122865&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1452156&mt_adid=122865&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x6 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.pokerstars.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.fr/

Response headers

Content-Type: text/html
Content-Length: 631
Server: MT3 3810 5cb7d7e master cdg-pixel-x6
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 18 Jul 2021 16:53:23 GMT
Date: Sun, 18 Jul 2021 16:54:02 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 9596 43 B
480 B 55ms
54ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x13 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 16:53:23 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 9596 44 B
91 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152875091428286&ev=PageView&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1626627242035&sw=1600&sh=1200&ud[external_id]=4bb275584616fdadaaeba27705d2c299be0fba9b68ef890f00fa601b52401964&v=2.9.43&r=stable&ec=0&o=30&it=1626627242001&coo=false&rqm=GET

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 18 Jul 2021 16:54:02 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 9596 42 B
335 B 96ms
30ms Image
image/gif 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=aa03559c-a641-483f-831c-5e9093c127eb&it=1626627242059&v=0.0.20&u=https%3A%2F%2Fwww.pokerstars.fr%2F&r=https%3A%2F%2Flp.clevernetwork.pt%2F&st=1626627242058&et=1626627242059&if=1
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 4676 0
262 B 81ms
32ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1666b7b9-c3bf-47cf-8574-42bbbc074d5a

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=1666b7b9-c3bf-47cf-8574-42bbbc074d5a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pokerstars.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.fr/

Response headers

server: nginx/1.17.3
date: Sun, 18 Jul 2021 16:54:02 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ Frame 9596 22 KB
8 KB 132ms
45ms Script
application/javascript 13.224.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin: https://www.pokerstars.fr
Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 20:24:53 GMT
content-encoding: gzip
age: 73750
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: aFZxBQCTMdKsIckSYlK8a5-eH-XPWrORj3U_BRSOI6wZPK9osM44vw==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 8B45 43 B
480 B 52ms
51ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&no_iframe=1&mt_adid=122865&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x26 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&no_iframe=1&mt_adid=122865&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 16:53:23 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 444D 44 KB
17 KB 109ms
41ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7f910a1e8b2da14636a741dbc704263fd7d9fd021284a40e9b44ac6dd470fb3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
server: cafe
etag: 1232925476602830293
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Jul 2021 16:54:02 GMT

GET
H3-29 200 dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
adservice.google.com/ddm/fls/z/ Frame 444D 42 B
63 B 51ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMGTxteK7fECFdAY0wodxaoGOw;src=8954552;type=rmcom0;cat=sg_we0;u27=267032970453457;ord=7407226738939.248;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
its.tradelab.fr/ Frame 9596 2 B
503 B 109ms
33ms Script
text/html 62.212.64.229
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=token&p=tlab&gtw=%2F%2Fs.thebrighttag.com%2Fapi%3Fsite%3DG58M8eX%26referrer%3Dtlabset%26signalid%3D267032970453457
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.7 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx/1.17.7
X-Powered-By: Tradelab ITS / node5.tradelab.fr
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 2

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 9596 5 KB
2 KB 90ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 60417
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1626627242.294197,VS0,VE0
x-served-by: cache-fra19123-FRA

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame 3586 24 KB
24 KB 35ms
35ms Document
text/html 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
Requested by: Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app41.frk11 /
Resource Hash: a06f309b949ec5c0118bbedba00c5e19bb1fd25ef0b4293fe0361ee8f132ad59

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.pokerstars.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: flashtalkingad1="GUID=4947C42EBA7346"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.fr/

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app41.frk11
Pragma: no-cache
X-HW: 1626627241.dop203.pa1.t,1626627242.cds033.pa1.shn,1626627242.dop203.pa1.t,1626627242.cds204.pa1.sc,1626627242.cds204.pa1.p

POST
H3-29 200 p Show response
tr.snapchat.com/ Frame 506C 0
15 B 58ms
35ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 339
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.pokerstars.fr
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pokerstars.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.pokerstars.fr
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.fr/

Response headers

server: nginx/1.17.3
date: Sun, 18 Jul 2021 16:54:02 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8p0/UOKGmMHx3r0S4UOSxg9RO0j456S5HBA9NR/cwmMGhaP5sTr+CMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame 3586 11 KB
4 KB 216ms
53ms Script
application/javascript 52.48.136.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.136.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-136-43.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 029352a9579a0613454a3ecfa2474f85cc26918db3c9c8d398176b633467753e

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3600

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame 3586 42 B
355 B 74ms
34ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/spot/1/18308;120607;12865/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597&ft_guid=4947C42EBA7346&ft_log=1&ft_trackID=16266272-4224-56C9-71B4-4B66A60A1564&ft_guidCreated=1
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app21.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: prod-xre-app21.frk11
X-HW: 1626627242.dop207.pa1.shc,1626627242.dop207.pa1.t,1626627242.cds044.pa1.sc,1626627242.cds044.pa1.p
Content-Type: image/gif
Cache-Control: no-cache,no-store
Connection: Keep-Alive
Content-Length: 42

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 3586 95 B
496 B 73ms
26ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=4947C42EBA7346&ta_format=png

Requested by

Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 9596 31 B
659 B 269ms
197ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nz6yk&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Flp.clevernetwork.pt%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.pokerstars.fr%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 18 Jul 2021 16:54:02 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 41c5041dca94f4f422167e4cc0901bf5f4775797c6e6704addcf066b903453c0
x-transaction: 049586cf84aef6a3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 9596 43 B
455 B 201ms
140ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nz6yk&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Flp.clevernetwork.pt%2F&tw_document_href=https%3A%2F%2Fwww.pokerstars.fr%2F

Requested by

Host: www.portalmaismidia.com.br
URL: http://www.portalmaismidia.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 18 Jul 2021 16:54:02 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4dcfe064d75d61cdddb1e6ad45e2353dcb439e49409f187ed19c65cb081bfc6b
x-transaction: 6cc35586cab14a96
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/752674712/ Frame 444D 2 KB
1 KB 80ms
40ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/752674712/?random=1626627242321&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a49f9fc5f4bc884f9bb76c54cae5849d08130f2b6114367a0ce9c60d076bd156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/702974000/ Frame 444D 2 KB
1 KB 76ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/702974000/?random=1626627242329&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c63527b6527862443697627738a776669bc03fa8973bc6e75e8ff8386386be02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/702974000/ Frame 444D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
https://www.google.com/pagead/1p-conversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
https://www.google.de/pagead/1p-conversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...

42 B
108 B

18ms
18ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YOurF4nWgAfRgKWQCw&cid=CAQSKQCNIrLM6jwrVYitbc8UFIJ9yewNysV9nEfwigCug70wOrEN07PV_iid&random=1896672238&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/702974000/?random=428586270&cv=9&fst=1626627242321&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YOurF4nWgAfRgKWQCw&cid=CAQSKQCNIrLM6jwrVYitbc8UFIJ9yewNysV9nEfwigCug70wOrEN07PV_iid&random=1896672238&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/752674712/ Frame 444D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_...
https://www.google.com/pagead/1p-conversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...
https://www.google.de/pagead/1p-conversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...

42 B
108 B

26ms
26ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YJiuF7Wxx_APrZCIgAw&cid=CAQSKQCNIrLMqRxyqvYMNptkgzm52DTshwp7aJd7ENXf6gLXTEQiGiYXsAqb&random=2666810695&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/752674712/?random=1836638020&cv=9&fst=1626627242321&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMGTxteK7fECFdAY0wodxaoGOw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D267032970453457%3Bord%3D7407226738939.248%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qlz0YJiuF7Wxx_APrZCIgAw&cid=CAQSKQCNIrLMqRxyqvYMNptkgzm52DTshwp7aJd7ENXf6gLXTEQiGiYXsAqb&random=2666810695&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 9596 130 B
718 B 55ms
54ms Script
text/javascript 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=6854607%2C7470537%2C7177087&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&_cb_bt_data(%27signal%20id%27)=267032970453457&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27siteid%27)=FR&_cb_bt_data(%27currentdomain%27)=pokerstars.fr&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e0471d621e67b52635f6866e419f2be1fcfc6199443c3ee6ef1c55ed019b924

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
Server: nginx
ETag: 8e5fbbb0bc6c292d95aa0910a55c3227
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 149
X-BT-RequestId: c13691e0-e7e8-11eb-919a-0000ac150866

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 9596 0
543 B 58ms
57ms Script
text/javascript 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7470537%2C7487903%2C7487904&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27signal%20id%27)=267032970453457&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&_cb_bt_data(%27pstrkidmanager%20fbpid%27)=&_cb_bt_data(%27pstrkidmanager%20fbclid%27)=&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
X-BT-RequestId: c137a350-e7e8-11eb-abd3-0000ac150a10

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ Frame 9596 0
543 B 61ms
61ms Script
text/javascript 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7486915&_cb_bt_data(%27signal%20id%27)=267032970453457&_cb_bt_data(%27ga%20uid%20mixed%27)=1114429044-1626627241&_cb_bt_data(%27ps_ga_property-(bi)%27)=UA-56166869-5&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: nginx
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
X-BT-RequestId: c138b4c0-e7e8-11eb-ade0-0000ac1509e4

POST
H/1.1 200 lgc Show response
d9.flashtalking.com/ Frame 3586 103 B
748 B 79ms
78ms XHR
application/json 52.48.136.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.136.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-136-43.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: ca007374a8987bcb185dd6546a44691463ccb45633057e7dd6789ef94ecbe650

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 18 Jul 2021 16:54:02 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://servedby.flashtalking.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 79

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d18fd70de2b83a46e39ea6b881f0641c12e8046a0d536b5389bac93622d4a8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8475
x-xss-protection: 0

GET
H3-29

200

/
www.facebook.com/login/ Frame B37C
Redirect Chain

https://web.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2124b4364cf764%26domain%3Dwww.por...
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fx...
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fx...

0
0

130ms
129ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2124b4364cf764%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=e04c5e810b1aaeb00aaac93c6ab3906b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2124b4364cf764%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: TD9XnV6aZrOaDvsN0eQZVWjCkzY1fh5XAAm6HHa5OM75mJ/R47R4MrZ5Mmbx5DDd6KFma6t0R/cr6RdrNKXisA==
date: Sun, 18 Jul 2021 16:54:02 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv2.3%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2124b4364cf764%2526domain%253Dwww.portalmaismidia.com.br%2526origin%253Dhttp%25253A%25252F%25252Fwww.portalmaismidia.com.br%25252Ffc4a483d48b97%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmaismidiaoficial%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340&_rdc=1&_rdr
x-fb-zr-redirect: 02|1626713642|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qM1j9mGzawRRD1N0ZR11+et98BgLXvN4ssmCy6LJe8ACm/Lub3ibX9T7G9/5k0JILTHvIxz5yaQhHyDICoa3QA==
content-length: 0
date: Sun, 18 Jul 2021 16:54:02 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK /
servedby.flashtalking.com/track/120607;12865;403;16266272-4224-56C9-71B4-4B66A60A1564/ Frame 3586 42 B
396 B 33ms
32ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/track/120607;12865;403;16266272-4224-56C9-71B4-4B66A60A1564/?ft_data=d9:5ab2e4cb955a4dc4aa4840b9d7b7e179;d9s:5ab2e4cb955a4dc4aa4840b9d7b7e179&cachebuster=885194.0405892094
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app56.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: prod-xre-app56.frk11
X-HW: 1626627242.dop207.pa1.shc,1626627242.dop207.pa1.t,1626627242.cds044.pa1.sc,1626627242.cds044.pa1.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 3586 95 B
335 B 27ms
26ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=5ab2e4cb955a4dc4aa4840b9d7b7e179&ta_format=png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK api
s.thebrighttag.com/ Frame 3586 0
0 60ms
59ms Image
application/json 34.248.208.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/api?site=G58M8eX&referrer=flashtalking&ftrackid=d9:5ab2e4cb955a4dc4aa4840b9d7b7e179&uid=267032970453457&cachebuster=443235.4867533805
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.248.208.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/ Frame 3586 42 B
517 B 65ms
32ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/?name=tsg&cb=336676.6897302857
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app15.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=267032970453457&ft_partnerid=267032970453457&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=204884.99920078597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 16:54:02 GMT
Server: prod-xre-app15.frk11
X-HW: 1626627242.dop207.pa1.shc,1626627242.dop207.pa1.t,1626627242.cds044.pa1.sc,1626627242.cds044.pa1.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 18 Jul 2021 16:54:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2B4F 12 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.portalmaismidia.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 18 Jul 2021 15:05:19 GMT
expires: Mon, 18 Jul 2022 15:05:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FF82 783 B
533 B 25ms
22ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

141b3678c85e523f6a6436334a9ffd2c07659502f2d713c10848002296432220

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pkq7/LBMbUaWR4GwAbQiPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.portalmaismidia.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.portalmaismidia.com.br/

Response headers

expires: Sun, 18 Jul 2021 16:54:02 GMT
date: Sun, 18 Jul 2021 16:54:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-pkq7/LBMbUaWR4GwAbQiPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B4F 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 15:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Jul 2022 15:13:47 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=2956790455874972&bg=!d3SldDDNAAZjFomlYxY7ACkAdvg8Wpc_S4QL_79j3aAUtZrX3TA0UL1rKGmryP-ddDj6IhzrJnZtogIAAABUUgAAAA1oAQeZAogRDdAbnrHoTb5i7DchsHALbVN2ahia0W7xTuq3BU3P7MgG_cI4MVfB68XOIZYcDxA0otKpQX98HnJuNk5v3TrKtWRsAaHzMvFhJIosbn7jmuxBZM4zbi5Vk7oUMBcIXRBq-yNJEhTbwGIVgU5_6919xvbGMqVR-gEJk13TLh43MmYPtpA1GrRXTabX94ei6UJr1_q5wGoYU5qd9B1KCzK2Jebxc2QrbB3EJ-yWDBdGgWRvkdSYn5CguYvFWF8b-joKc6PrKhh5DIl5IBSCoGRwyMgz4Tod_FQIYyestoLy8pK_uTmzN-zGafD5t0skf0dhE-zZ62nBUWeiGXC_I-rJKNRE8RnuqGNzF5jdTY8MwDG5gJ6Z--YZtoIANvZxn-vXY8NjmD1R7i0OtK4_DfDKyED04QQ0QDB56tDJTtbfdVviVX4XTmRn73hG72xzBdrI0MQxMTbHHn5Rsmjy4M9pLMBRoh76ZBYNUDtCEfALHPYnvTt4PmDzVg-l7WhTrBa4FB3HU4md58Hoe2_VtloG-U57EOPGqwSfG45eURPK7Q6Kr8yTtBfGmBLo1W5aZorek6iFPW2sSQ6DH1Ad1euiOPxcTbD-eIzLojRrY5NkeHJMdd0RB7-kU7Uy3Sw0P_zgbnGXVGtCCeftWoc4v3K_gqvBmAlSzyq-cOUpyPnmXjKzKHcHLBc50gK8tr__bWysl4R0d6ra3tEzO0cJiAAtBi1qBrskrm2OL38zhW_pS9CxoHkim6lbb3MRQzS3VVhgi6VyJS9deW6gdMU4q_15nyGjUtfZmRH5G6cLXaxX0PwcfMMewnsjAo1P0O08MoIYvuXkJPZAidU3MNJ3SSIZwClEcWy9RQ8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.portalmaismidia.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 16:54:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 9596 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152875091428286&ev=Microdata&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1626627243539&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars%22%2C%22meta%3Adescription%22%3A%22Rejoignez%20PokerStars%20d%C3%A8s%20aujourd%E2%80%99hui%20-%20la%20meilleure%20salle%20de%20poker%20en%20ligne%20avec%20les%20meilleurs%20tournois%20du%20web.%20De%20superbes%20offres%20pour%20les%20nouveaux%20joueurs%2C%20ne%20passez%20pas%20%C3%A0%20c%C3%B4t%C3%A9%C2%A0!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=4bb275584616fdadaaeba27705d2c299be0fba9b68ef890f00fa601b52401964&v=2.9.43&r=stable&ec=1&o=30&it=1626627242001&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 16:54:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 18 Jul 2021 16:54:03 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 9596 43 B
635 B 49ms
49ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x29 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:12 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 16:56:29 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 8B45 43 B
488 B 59ms
58ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&no_iframe=1&mt_adid=122865&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&no_iframe=1&mt_adid=122865&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 16:54:12 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 16:56:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 9596 1 B
87 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-18510791-1&cid=1114429044-1626627241&jid=1561359197&gjid=955835031&_gid=117608542.1626627242&_u=aLBAgEIhEAAAAE~&z=611039107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Jul 2021 16:54:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.pokerstars.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 9596 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-56166869-5&cid=1114429044-1626627241&jid=1533341005&gjid=694582100&_gid=103213986.1626627242&_u=aLBAgEIhEAAAAE~&z=1162106734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Jul 2021 16:54:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.pokerstars.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 9596 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-57072753-4&cid=1114429044-1626627241&jid=346003794&gjid=1769120009&_gid=671762428.1626627242&_u=aLBAgEIhEAAAAE~&z=1774092584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Jul 2021 16:54:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.pokerstars.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 9596 35 B
132 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=339791608&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2F&ul=en-us&de=UTF-8&dt=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhE~&jid=1561359197&gjid=955835031&cid=1114429044-1626627241&tid=UA-18510791-1&_gid=117608542.1626627242&cd60=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&cd1=(none)&cd2=A&cd5=fr&cg1=fr&cd12=1114429044-1626627241&cd26=1114429044-1626627241&cd18=267032970453457&cd6=yes&z=1299263238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:16:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20237
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 9596 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=339791608&t=event&ni=1&ds=web&_s=1&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2F&dh=www.pokerstars.fr&ul=en-us&de=UTF-8&dt=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhEAAAAE~&jid=1533341005&gjid=694582100&cid=1114429044-1626627241&tid=UA-56166869-5&_gid=103213986.1626627242&cd60=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&cd1=(none)&cd2=A&cd5=fr&cg1=fr&cd12=1114429044-1626627241&cd26=1114429044-1626627241&cd18=267032970453457&cd32=RAM&cd33=app&cd66=Not%20provided&cd67=&cd3=FR&cd64=PS&cd65=.FR&cd30=Poker&cd36=2.2.149.dcc3af5&cd6=yes&z=1267288414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:16:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20237
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 9596 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=339791608&t=event&ni=1&ds=web&_s=1&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2F&dh=www.pokerstars.fr&ul=en-us&de=UTF-8&dt=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhEAAAAE~&jid=346003794&gjid=1769120009&cid=1114429044-1626627241&tid=UA-57072753-4&_gid=671762428.1626627242&cd60=bd1e60f4-5ca8-4d00-bb5f-626460ca4923&cd1=(none)&cd2=A&cd5=fr&cg1=fr&cd12=1114429044-1626627241&cd26=1114429044-1626627241&cd18=267032970453457&cd32=RAM&cd33=app&cd66=Not%20provided&cd67=&cd3=FR&cd64=PS&cd65=.FR&cd30=Poker&cd36=2.2.149.dcc3af5&cd6=yes&z=965916897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:16:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20237
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: egobrazil.com
URL: https://egobrazil.com/iframe.php

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.flashtalking.com/	1970-01-20 04:36:03	Name: _D9J Value: 8dcd0405fc3246808452c8b0422a9190
.snapchat.com/	1970-01-20 05:12:03	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRUAIAQFwIm8p0/UOKGmMHx3r0S4UOSxg9RO0j456S5HBA9NR/cwmMGhaP5sTr+CMgAAAA==
.mathtag.com/	1970-01-19 20:33:39	Name: mt_misc Value: mt_bt:1
www.pokerstars.fr/	1970-01-20 04:36:03	Name: btpdb.G58M8eX.dGZjLjcxNzcwODc Value: VVNFUg
.flashtalking.com/	1970-01-20 13:21:39	Name: flashtalkingad1 Value: "GUID=4947C42EBA7346"
www.pokerstars.fr/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjM2NjE5ODM Value: U0VTU0lPTg
.mathtag.com/	1970-01-20 05:16:22	Name: uuid Value: bd1e60f4-5ca8-4d00-bb5f-626460ca4923
www.pokerstars.fr/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0Mzg0OTM Value: U0VTU0lPTg
.doubleclick.net/	1970-01-20 05:12:03	Name: IDE Value: AHWqTUn_JbkHY-OTNCUoMb5tOVR-69hs7UXd-eX2k0-6NpJ181DkAOkEL2iZ0fv5_JQ
.pokerstars.fr/	1970-01-19 19:50:34	Name: _ga Value: GA1.2.1114429044-1626627241
.portalmaismidia.com.br/	1970-01-20 05:12:03	Name: __gads Value: ID=d08aaa28d976f0c3-220267de7fc800ce:T=1626627236:RT=1626627236:S=ALNI_MbccLGQ8OOMC6gEWEddyC7jx2DC1w
.portalmaismidia.com.br/	1970-01-20 13:21:39	Name: _ga Value: GA1.3.407809299.1626627236
www.pokerstars.fr/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjUzMTk1MDY Value: U0VTU0lPTg
.portalmaismidia.com.br/	1970-01-19 19:50:27	Name: _gat Value: 1
.pokerstars.fr/	1970-01-19 19:50:34	Name: _gid Value: GA1.2.357637855.1626627242
.portalmaismidia.com.br/	1970-01-19 19:51:53	Name: _gid Value: GA1.3.1373504429.1626627236
www.pokerstars.fr/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0ODczNTg Value: U0VTU0lPTg

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.portalmaismidia.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	error	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Choice CMP v1 is deprecated, please upgrade to Choice CMP v2. https://help.quantcast.com/hc/en-us/articles/360057828994-Quantcast-Choice-Deprecates-TCF-v1-1-version-with-holistic-move-to-TCF-v2-0
console-api	log	URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2(Line 992) Message: on non-fb sites, tracking as usual
console-api	log	URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1) Message: trk.core - requestIdReadyEvent(pstrkIdmMediamathReady_TrkCore)
console-api	log	URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1) Message: trk.core - set mediamath_id dim
console-api	log	URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1) Message: trk.core - bPVPushed = false
console-api	warning	URL: https://cashier.rationalcdn.com/ram/2.2.149/vendor.js(Line 1) Message: This browser does not support Web Storage!
console-api	log	URL: https://s.btstatic.com/tag.js(Line 2) Message: Signal: error: {"type":"dbe","message":"ReferenceError: wbid is not defined","dbe.name":"pstrkidmanager wbid","pageId":1555293}
console-api	log	(Line 44) Message: in custom tag: position 1
console-api	log	(Line 66) Message: in custom tag: position 2
console-api	log	(Line 49) Message: sigGetIds: pstrkIdManager is present.....requesting IdReadyEvent....
console-api	log	(Line 14) Message: SmartCustom Event Listener: pstrkIdManagerMediamathReady event captured in smart tag
console-api	log	(Line 15) Message: SmartCustom Event Listener: Mediamath ID:bd1e60f4-5ca8-4d00-bb5f-626460ca4923
console-api	log	(Line 40) Message: SmartCustom Event Listener: pstrkIdManagerWidReady event captured in smart tag
console-api	log	(Line 41) Message: SmartCustom Event Listener: WID:
console-api	log	(Line 40) Message: SmartCustom Event Listener: pstrkIdManagerWidReady event captured in smart tag
console-api	log	(Line 41) Message: SmartCustom Event Listener: WID:
console-api	log	(Line 30) Message: SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api	log	(Line 31) Message: SmartCustom Event Listener: signal_id:267032970453457
console-api	log	(Line 30) Message: SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api	log	(Line 31) Message: SmartCustom Event Listener: signal_id:267032970453457
console-api	log	(Line 35) Message: SmartCustom Event Listener: pstrkIdManagergauidReady event captured in smart tag
console-api	log	(Line 36) Message: SmartCustom Event Listener: pstrk.gid:1114429044-1626627241

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.gravatar.com
8954552.fls.doubleclick.net
acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
analytics.twitter.com
bat.bing.com
cashier.rationalcdn.com
clevernt.com
cm.g.doubleclick.net
cmsstorage.rationalcdn.com
connect.facebook.net
d9.flashtalking.com
egobrazil.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
its.tradelab.fr
lp.clevernetwork.pt
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.wp.com
quantcast.mgr.consensu.org
ram.pokerstars.fr
rewards.starsaccount.com
s.btstatic.com
s.thebrighttag.com
s4.rationalcdn.com
sc-static.net
secure.adnxs.com
secure.gravatar.com
secure.starsaffiliateclub.com
sender.clevernt.com
servedby.flashtalking.com
starscrm.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.mathtag.com
t.co
tapestry.tapad.com
tpc.googlesyndication.com
tr.snapchat.com
u360.d-bi.fr
ui.clevernt.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.pokerstars.com
www.pokerstars.fr
www.portalmaismidia.com.br
www.psimg.com
egobrazil.com
104.111.238.76
104.111.248.191
104.244.42.195
104.244.42.69
13.224.99.57
142.250.184.194
142.250.184.226
142.250.185.194
148.69.64.109
148.69.64.76
151.101.12.157
151.101.13.108
151.101.14.49
185.29.133.199
185.33.221.15
185.33.223.178
192.0.76.3
192.0.77.2
2.18.233.201
209.197.3.19
216.58.212.166
2600:9000:2190:6200:9:46dc:4700:93a1
2606:4700:20::681a:a75
2606:4700:20::681a:af8
2606:4700::6810:a823
2620:1ec:c11::200
2804:10:8002::210:83
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
34.248.208.147
35.186.226.184
35.227.248.159
52.48.136.43
52.51.65.171
62.212.64.229
77.87.177.43
77.87.178.197
77.87.179.68
77.87.180.152
77.87.180.198
77.87.181.63
91.92.196.187
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
029352a9579a0613454a3ecfa2474f85cc26918db3c9c8d398176b633467753e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f6e4971e9abc1b9dc2c07443fad139572e6508ace2706acef037b348a3d968c
103a552ce1dcfe0dda23424e898280679d3d6e6c4b391d4a6814fcebb2177222
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ab8ce497a50b7aa00817f11fe613191646d184f38097d8970cf897f6c5935a
12daaec8dc7c9fa410ae03df78f00055cca51cffb6967338fa5f159dda69b058
136bac76253132e346b09cfaea93869afc7447b797d60c8883181fdcdab628c3
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f
141b3678c85e523f6a6436334a9ffd2c07659502f2d713c10848002296432220
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b
17f6fa3cc46268f4a92b14ed0fea88e2bacd267e45a9e2fee03b1d23f6d4c3c0
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1b8a361d8a7987c46d1a431b654836dec449cb2d7d1882d36d05861d785c44a8
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
1e21ee3cbdf1f6ee89241cea8cf90d63e95d09f813ae4651c9ac352f4a2a6ee6
1e570ed788821890136534a9e8bce6ac0d5d56bf63ecf80b261349b4c7082618
1f111799d49e279ce18886e967bd7d294a32b46276c74f894f9f1e2c79b11681
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22f7b333b58dec18478f0e082fc93d7f555fff9ee922a53cb9cb3ab3d827f576
23f65cbf02d1f525b7b3d7a9112682e48822a315d2de51518c170fa8aa3dbd20
252df1f197b74d7d06eb0c9ce6b1a0d0a081d4039da2d34968028e9fb5a33eac
29e100136022f3eeaf2ff8e0fd1bd9d800224e9d5fa5567845919b97ddb5828f
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017
2d180973df53aace7eaab15424916b872611730a28d72838b485d65df2cfd336
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
317f9c8335c0002144a23beb155ff2238675571c5d8529e517887b2b35e4935a
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
3480a3ad3bb4286fc9188112b60e1fe9d140f59a7a96641a2356f2cbf3ab3e9d
371bbe79c319096212db40c5c1bc9d9c4f0e638327e1827114ec1350f3f0595f
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7
384e4304e0e7eab2dcae139553aa37eb42260fa9e1589e8018620cbb3f191096
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3d054b140d4040e74ac84830929c7b94c5a1baacea2caeaa1cb0932f994e018a
3d5d3f615ebc341bd6d21360367c1a88093147068bf439c7d022a08bfdd3978a
3e0471d621e67b52635f6866e419f2be1fcfc6199443c3ee6ef1c55ed019b924
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f56c32837b11c4024346ba264ba306b7025e1a6826489b5dd3994f8a7013232
3fc0991859b77e2bce01c007930d5363bbfc4147e5d07f8f7063bd6450b01720
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
40c87e63f419b5d4b32027a041a8df1a95ebf82c92b3ebd10487810849678cc8
426a21ca1589a34e9cb0c8b64186c3f0d8b4086d32e7d832c6998920bee5df09
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4755a81ed3e3ed188fd7f469e50a41cb5aed4d0e17efd1ce6b7ff6c2d217b67d
47cb1c4f7b4b60a319db5f2b2645ef6e64fdc32dd5ddfb1b75d71a53fd703399
496e8eba4723ab45153d489b6fb987b6b4e5fe1afa49a012a7b844a951d78f09
49ff25377c9095e869fdab343f47198c2b8d5be7b3fb8b818b650985c152c24b
4ae2c7dceaea3d17f0a5e981053d0df9c703aefadc1e34b340de208a0190024b
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597
4c0e0183b4ab8047d449f1ca2454cd025eae777b5a7c6ee2413a3884ca02f3d7
4c41605d5bc535b9f0d0e21159eddcb3d01701ca4d7132242b78c3b7866a2af7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5004d9876a11862040355dd2f415d6001044b2d9fabeef1f89d8c32823bffce4
506a05dfe581727e7be2d16e58aa23d53c01f8ed599d6722b2e31da690467521
5b455ed0d35ff157f856862fed0856e6941f24363366b439ff5b7ace49cf0174
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60ca8775f8a4ce5817b4574ec418445b9907fdb1622e62595ad5c1ccef0398b4
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
6115a2042786ca075e4e9bb2f387a53fbf461206cd075587692b9397edccd36c
61e3bb1140f6fe84655758275de3892e17e9b21efedb657d8d4a5b61eaada9b5
62895875332e1027371ff89cd4c4c957584085d98386d19a8b1b28aca703a730
633ae78b2aa46ed9e35a258af0ca148a032b50f8c5ef7a55348fa87d868348ba
64706edee1a3e2dc69bd7203c0694f59e45198f6f8ab1dca5502498b65fa12eb
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021
65a64671c95971a5bd344be3aec1e3ad118edfd7fac7d71b76407ea1c77023a0
680d3524327a5c2d6418ce70642ff47df1f7a8c3a37727d8e968b68aa0befd72
6825a55372529e81e3ec1aff5cd960c53d1517eafb6af42eda4a99a197edff38
6a833765c8c04406214aed99f2f052188e61391eae4383bb385919c5ecc561b7
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6accb914154d46183fe79dbd09ea0735453a98e6365940152f1b1c735cc219c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbb2344e4048c9ec957dd51cf0d9bfde1e5303e178546ff17cb082ed8580421
6efc4bfa338c4d0c64e9388949d0fe74ff2efb5ee5223af7bcc580f4fa57bc69
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57
753762eeff1ec98559aa23c079a432371c4372febd6e1a793697e7433b10089d
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7cb4a0de554d5dec2bcf4ffe6030052615eafe0ab6c23b27d211558516312f81
7d6b6ca2e9d557e1592674eccbdd9f5acced0a6782f5e18f0c5779eb01a799e9
7d9412299bc7aef4f743926337a8910fb725e536e2c28cd31e0d715b738b28b5
7e4821f5482ef123a392e6bba065b580371960d9c2c7de279a2adca039b7d223
7f910a1e8b2da14636a741dbc704263fd7d9fd021284a40e9b44ac6dd470fb3b
81afec6f03ba44cbecbf5e5c3754b7755386bdd1e5e6c4c05165e0255a18034f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8422e410ae65d8626e181aad5de78b53ba14360d0cb29c8a5f28baa1c5caf354
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215
846b7b0b890e1e98f993628e5a93e00f3f6aaec9723ca96e299b30d2429f4fad
84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
8f163b46e6386572338c366fa209c7893258df440ec18a8f2da407eb55e11467
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94ba74a7e850ea14bcf38199674a5fc6e68fa2d1f8d742c50d400ba2f3827d49
9726f436ffa572a744ba417f08d5006a1bd684585e0e74a67068bc87e1374260
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400
9cece151865d74a1a22597610932b8db680ff737db44869208e8b5f157f730d9
9d4ad6845fa84adaf455111b8fb1725bf64d577419dd16f79993088bf1b61060
9d77a427084b50234e5e6a374f3935dc37faa637c867fa43f9dfb869a8a8a518
a06f309b949ec5c0118bbedba00c5e19bb1fd25ef0b4293fe0361ee8f132ad59
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a49f9fc5f4bc884f9bb76c54cae5849d08130f2b6114367a0ce9c60d076bd156
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71127b49cfd275eed39eb76593d9dfb047a97f52e94a33970337910122bae62
a837f051ac8249ce2e1c0215298ef878bc3b3017bc2b8e5bdea1cd88e8e1e54c
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
a8a7c8e4131bd9679a93f6b21709bc665d68cc52883a2fa47fa98599a4070e18
aa36437a95732470479c0cb6a29af566861068b69b79a9551a08c6a3af144868
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa57236ec9596b9f57379151e3322dc7e33df059f923a3b096626ec4a3af10b
b038580e1aed4eca8699228feca6fb0a04f89faa91bfe33a9b8fab467ab60e9c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b197971af1d6f531f9fba6cab817c7eae42fc90b644f1a75394a62644ba1d165
b307242770181c0b17e8b00dfd899f140c769f8da4b1db4f921aef8792721242
b5699b9385269232acf8c7cb7638db92e4ef67c1a6c88d560724b77748756737
b6e0ed111b18c28106493805edceb946a1922f14d7e8e3b6cbb4a1323ea5acf3
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4
bf5a0258b582f3ea1b68d7d64252452baf778ee400e1c958ff6da81667fc3ed8
bf7349d075acefdee81ba3a727508dcac01e4c270943217d76201ea30beade6f
bff7d7daab7b0e2e15cfb4777e0a550049554e9b391d519f9f2f3196275d5f34
c119922aa41b2bb43fbd2846e98e7c99344c742bb3680c5ea9cf4dff12e67303
c189ac3568f91869f379cf9cf9c9565b61ea18928e733b85f86cd72f8883b049
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c3e545181848792a0bd7a38900888b6a0520f32a087a9a2fda3058b3986c888d
c63527b6527862443697627738a776669bc03fa8973bc6e75e8ff8386386be02
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6
c6fd3c56026171f70f46c2a89f83637e62eaf192ca4f49f609a06bbe13bde19c
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca007374a8987bcb185dd6546a44691463ccb45633057e7dd6789ef94ecbe650
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18fd70de2b83a46e39ea6b881f0641c12e8046a0d536b5389bac93622d4a8d0
d2314b155abd63ff5791240618f129d187b97321f40dc302bd180f6b5c65b565
d3046922bba0edc851dba36d85e3b2e83aea4f5645d32c2e36d32453578f5958
d40f6a16855ea8700ba43b2bae612b2dabe0de0477356204e3da86fc494fe3e5
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d
dc2babc5b264a2eb196a0392e5565011229da057523dd04addcbf147a0002d79
dcc90ac3f108449d60341a38188cf65fa419690cf9114c724c31e14d4b7f64a5
dd3efaecab89bfe66e32b48b12ba91055c52e1448fc26324547b0f92f11aa01a
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e1bfaddd7a87f0ebad2f9166ee27718d78150a42891cd42d3337dc7ed5921912
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
e7d32f1d68c9a0ea4563506d51d973e9b957a8739b321044fa1807b99250f0c9
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01669a76cd37aea3cb8f9c23e86d455c5bd1e26d1ccf0ed3eaaf3f105bd68de
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f2994e6e1f21c6ac908d8145ec36c0e034f371d5aec67a01054050cfb8c6f9a7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60676da14fb5c37a3a45a462c517f3a954ca56b39196623b6c3b79e95746f6f
f6180ec8dad060e65f3bb68c012b470991995f085d7b5f88db7144ce3a8d6315
faf12a76b7b5ab239d6c190e1a5f0135a37e8c554ab6dfa299d40154e106a959
fed6a35a6915304108e1af7d238edf984fb3377b2466ec4fe4265c83b06f7252

www.portalmaismidia.com.br Open in urlscan Pro 2804:10:8002::210:83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

82 %HTTPS

44 %IPv6

41 Domains

63 Subdomains

53 IPs

9 Countries

11125 kBTransfer

15204 kBSize

17 Cookies

8 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.portalmaismidia.com.br Open in urlscan Pro
2804:10:8002::210:83 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

82 %
HTTPS

44 %
IPv6

41
Domains

63
Subdomains

53
IPs

9
Countries

11125 kB
Transfer

15204 kB
Size

17
Cookies

237 HTTP transactions
3 data transactions