urlscan.io logo urlscan.io
SecurityTrails logo

www.meudinheiro.xyz Open in urlscan Pro
67.23.238.99  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.meudinheiro.xyz/
Submission: On February 27 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 10 countries across 50 domains to perform 234 HTTP transactions. The main IP is 67.23.238.99, located in United States and belongs to DIMENOC, US. The main domain is www.meudinheiro.xyz.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 29th 2021. Valid for: 3 months.
This is the only time www.meudinheiro.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 67.23.238.99 33182 (DIMENOC)
6 2a00:1450:400... 15169 (GOOGLE)
4 151.139.241.23 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 145.239.193.145 16276 (OVH)
1 1 185.86.137.32 201081 (SMARTADSE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
1 51.89.9.253 16276 (OVH)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
1 54.220.104.217 16509 (AMAZON-02)
1 13.225.84.44 16509 (AMAZON-02)
2 2.18.234.21 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
6 6 37.252.172.36 29990 (ASN-APPNEX)
6 6 142.250.185.226 15169 (GOOGLE)
2 3 34.246.61.84 16509 (AMAZON-02)
2 2 52.31.176.223 16509 (AMAZON-02)
1 1 52.58.248.2 16509 (AMAZON-02)
1 7 2.18.233.201 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.207.148 15169 (GOOGLE)
1 54.228.230.227 16509 (AMAZON-02)
1 148.69.64.109 12353 (VODAFONE-...)
1 1 148.69.64.76 12353 (VODAFONE-...)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 91.92.196.187 49882 (SKRILL)
1 2 91.211.98.229 48536 (FILCO-AS)
18 2a00:1450:400... 15169 (GOOGLE)
28 104.109.74.148 20940 (AKAMAI-ASN1)
2 23.79.136.111 16625 (AKAMAI-AS)
1 77.87.179.68 43338 (RATIONAL-AS)
6 104.111.218.125 16625 (AKAMAI-AS)
8 23.37.44.205 16625 (AKAMAI-AS)
5 77.87.179.149 43338 (RATIONAL-AS)
9 34.248.248.83 16509 (AMAZON-02)
5 77.87.180.198 43338 (RATIONAL-AS)
1 77.87.178.197 43338 (RATIONAL-AS)
3 2a03:2880:f01... 32934 (FACEBOOK)
12 152.199.20.219 15133 (EDGECAST)
1 2 142.250.185.70 15169 (GOOGLE)
2 8 205.185.216.10 20446 (HIGHWINDS3)
1 12 37.252.172.249 29990 (ASN-APPNEX)
2 2 151.101.114.49 54113 (FASTLY)
1 1 185.29.133.52 30419 (MEDIAMATH...)
1 1 52.17.98.114 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 172.217.16.134 15169 (GOOGLE)
2 16 62.212.64.229 60781 (LEASEWEB-...)
3 172.217.16.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.19.118.3 16509 (AMAZON-02)
2 35.227.248.159 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
234 52
13    67.23.238.99 (United States)

ASN33182 (DIMENOC, US)
PTR: us138-cp.valueserver.com.br
www.meudinheiro.xyz
6    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
1    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
9    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    54.220.104.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-104-217.eu-west-1.compute.amazonaws.com
p.cpx.to
1    13.225.84.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-44.fra2.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
1    2606:4700:20::681a:b75 (United States)

ASN13335 (CLOUDFLARENET, US)
clevernt.com
7    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:20eb:2a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
3    34.246.61.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-61-84.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    52.31.176.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
7    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
api.rlcdn.com
1    54.228.230.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-230-227.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt
ui.clevernt.com
1    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
15    2606:4700:20::ac43:447b (United States)

ASN13335 (CLOUDFLARENET, US)
lp.clevernetwork.pt
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
2    91.92.196.187 (United Kingdom)

ASN49882 (SKRILL, GB)
secure.starsaffiliateclub.com
2    91.211.98.229 (Isle Of Man)

ASN48536 (FILCO-AS, IM)
PTR: 98-229.colo.sta.blacknight.ie
www.pokerstars.com
18    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
28    104.109.74.148 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-74-148.deploy.static.akamaitechnologies.com
cmsstorage.rationalcdn.com
2    23.79.136.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-136-111.deploy.static.akamaitechnologies.com
service.maxymiser.net
1    77.87.179.68 (Onchan, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
starscrm.com
6    104.111.218.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-125.deploy.static.akamaitechnologies.com
s.btstatic.com
8    23.37.44.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-205.deploy.static.akamaitechnologies.com
cashier.rationalcdn.com
s4.rationalcdn.com
5    77.87.179.149 (Onchan, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
ram.pokerstars.com
9    34.248.248.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
s.thebrighttag.com
5    77.87.180.198 (Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
www.psimg.com
1    77.87.178.197 (Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
rewards.starsaccount.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
12    152.199.20.219 (United States)

ASN15133 (EDGECAST, US)
cdn.tradelab.fr
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
8954552.fls.doubleclick.net
8    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
servedby.flashtalking.com
12    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    52.17.98.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
tag.device9.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
8526803.fls.doubleclick.net
16    62.212.64.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
its.tradelab.fr
3    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    52.19.118.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d9.flashtalking.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tapestry.tapad.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
36 rationalcdn.com
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
s4.rationalcdn.com
6 MB
28 tradelab.fr
cdn.tradelab.fr
its.tradelab.fr
50 KB
22 gstatic.com
fonts.gstatic.com
195 KB
18 adnxs.com
ib.adnxs.com
secure.adnxs.com
33 KB
15 clevernetwork.pt
lp.clevernetwork.pt
178 KB
15 doubleclick.net
cm.g.doubleclick.net
8954552.fls.doubleclick.net
8526803.fls.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
7 KB
13 meudinheiro.xyz
www.meudinheiro.xyz
237 KB
10 flashtalking.com
servedby.flashtalking.com
d9.flashtalking.com
28 KB
9 thebrighttag.com
s.thebrighttag.com
14 KB
9 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
3 KB
8 mathtag.com
pixel.mathtag.com
sync.mathtag.com
5 KB
7 pokerstars.com
www.pokerstars.com
ram.pokerstars.com
18 KB
7 google-analytics.com
www.google-analytics.com
39 KB
7 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
35 KB
6 btstatic.com
s.btstatic.com
47 KB
5 psimg.com
www.psimg.com
10 KB
4 google.com
adservice.google.com
www.google.com
2 KB
4 themoneytizer.com
ads.themoneytizer.com
186 KB
3 googleadservices.com
www.googleadservices.com
18 KB
3 facebook.net
connect.facebook.net
99 KB
3 adsrvr.org
match.adsrvr.org
2 KB
3 clevernt.com
clevernt.com
ui.clevernt.com
sender.clevernt.com
50 KB
2 google.de
www.google.de
216 B
2 tapad.com
tapestry.tapad.com
852 B
2 facebook.com
www.facebook.com
666 B
2 everesttech.net
sync-tm.everesttech.net
594 B
2 maxymiser.net
service.maxymiser.net
9 KB
2 starsaffiliateclub.com
secure.starsaffiliateclub.com
2 KB
2 demdex.net
dpm.demdex.net
2 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 leadplace.fr
tag.leadplace.fr
4 KB
1 device9.com
tag.device9.com
643 B
1 starsaccount.com
rewards.starsaccount.com
384 B
1 starscrm.com
starscrm.com
429 B
1 cloudflare.com
ajax.cloudflare.com
5 KB
1 casalemedia.com
as-sec.casalemedia.com
317 B
1 adleadevent.com
adtrack.adleadevent.com
530 B
1 rlcdn.com
api.rlcdn.com
225 B
1 agkn.com
aa.agkn.com
383 B
1 quantcount.com
rules.quantcount.com
990 B
1 indexww.com
js-sec.indexww.com
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 cpx.to
p.cpx.to
1 onetag-sys.com
onetag-sys.com
818 B
1 criteo.com
gum.criteo.com
371 B
1 sascdn.com
ced-ns.sascdn.com
10 KB
1 smartadserver.com
ww1097.smartadserver.com
150 B
1 themoneytizer.net
g.themoneytizer.net
271 B
1 googletagmanager.com
www.googletagmanager.com
39 KB
0 id5-sync.com Failed
id5-sync.com Failed
234 50
Domain Requested by
28 cmsstorage.rationalcdn.com www.pokerstars.com
www.meudinheiro.xyz
cmsstorage.rationalcdn.com
22 fonts.gstatic.com fonts.googleapis.com
16 its.tradelab.fr 2 redirects www.meudinheiro.xyz
15 lp.clevernetwork.pt www.meudinheiro.xyz
lp.clevernetwork.pt
13 www.meudinheiro.xyz www.meudinheiro.xyz
12 secure.adnxs.com 1 redirects www.meudinheiro.xyz
12 cdn.tradelab.fr s.btstatic.com
cdn.tradelab.fr
9 s.thebrighttag.com s.btstatic.com
www.meudinheiro.xyz
8 servedby.flashtalking.com 2 redirects www.meudinheiro.xyz
servedby.flashtalking.com
7 cashier.rationalcdn.com www.pokerstars.com
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
7 pixel.mathtag.com 1 redirects cmsstorage.rationalcdn.com
www.pokerstars.com
s.btstatic.com
pixel.mathtag.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
s.btstatic.com
6 s.btstatic.com cmsstorage.rationalcdn.com
s.btstatic.com
6 cm.g.doubleclick.net 6 redirects
6 mwzeom.zeotap.com www.meudinheiro.xyz
6 ib.adnxs.com 6 redirects
6 fonts.googleapis.com www.meudinheiro.xyz
lp.clevernetwork.pt
www.pokerstars.com
cashier.rationalcdn.com
5 www.psimg.com www.meudinheiro.xyz
s.btstatic.com
5 ram.pokerstars.com cmsstorage.rationalcdn.com
cashier.rationalcdn.com
4 ads.themoneytizer.com www.meudinheiro.xyz
ads.themoneytizer.com
3 stats.g.doubleclick.net www.google-analytics.com
3 www.googleadservices.com 8954552.fls.doubleclick.net
www.googleadservices.com
3 connect.facebook.net www.meudinheiro.xyz
connect.facebook.net
3 match.adsrvr.org 2 redirects js-sec.indexww.com
3 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 www.google.de 8954552.fls.doubleclick.net
2 www.google.com 2 redirects
2 googleads.g.doubleclick.net 2 redirects
2 tapestry.tapad.com servedby.flashtalking.com
www.meudinheiro.xyz
2 d9.flashtalking.com servedby.flashtalking.com
d9.flashtalking.com
2 adservice.google.com 8954552.fls.doubleclick.net
8526803.fls.doubleclick.net
2 8526803.fls.doubleclick.net 1 redirects www.meudinheiro.xyz
2 www.facebook.com www.meudinheiro.xyz
2 sync-tm.everesttech.net 2 redirects
2 8954552.fls.doubleclick.net 1 redirects s.btstatic.com
2 service.maxymiser.net www.pokerstars.com
service.maxymiser.net
2 www.pokerstars.com 1 redirects www.meudinheiro.xyz
2 secure.starsaffiliateclub.com 2 redirects
2 dpm.demdex.net 2 redirects
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
1 tag.device9.com 1 redirects
1 sync.mathtag.com 1 redirects
1 rewards.starsaccount.com cmsstorage.rationalcdn.com
1 s4.rationalcdn.com cmsstorage.rationalcdn.com
1 starscrm.com cmsstorage.rationalcdn.com
1 ajax.cloudflare.com lp.clevernetwork.pt
1 sender.clevernt.com 1 redirects
1 as-sec.casalemedia.com js-sec.indexww.com
1 ui.clevernt.com www.meudinheiro.xyz
1 adtrack.adleadevent.com ajax.googleapis.com
1 pixel.quantserve.com www.meudinheiro.xyz
1 api.rlcdn.com js-sec.indexww.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 aa.agkn.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 clevernt.com www.meudinheiro.xyz
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com www.meudinheiro.xyz
1 ww1097.smartadserver.com 1 redirects
1 g.themoneytizer.net ads.themoneytizer.com
1 www.googletagmanager.com www.meudinheiro.xyz
0 id5-sync.com Failed www.meudinheiro.xyz
234 67

This site contains links to these domains. Also see Links.

Domain
clevernetwork.pt
www.gamcare.org.uk
www.begambleaware.org
wordpress.org
br.wordpress.org
themebeez.com
Subject Issuer Validity Valid
meudinheiro.xyz
cPanel, Inc. Certification Authority		 2021-01-29 -
2021-04-29		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA		 2021-02-14 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2020-09-11 -
2021-09-12		 a year crt.sh
onetag-sys.com
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
adtrack.adleadevent.com
Amazon		 2020-06-15 -
2021-07-15		 a year crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
www.pokerstars.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-27		 a year crt.sh
rationalcdn.com
GeoTrust RSA CA 2018		 2020-09-28 -
2021-08-13		 10 months crt.sh
*.maxymiser.net
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2021-06-03		 a year crt.sh
starscrm.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2021-12-20		 a year crt.sh
s.btstatic.com
DigiCert SHA2 Secure Server CA		 2020-02-10 -
2022-02-17		 2 years crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.signal.co
Entrust Certification Authority - L1K		 2021-01-26 -
2022-02-25		 a year crt.sh
www.psimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-26 -
2022-02-26		 a year crt.sh
rewards.starsaccount.com
DigiCert SHA2 Secure Server CA		 2019-05-21 -
2021-05-25		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
crealab.cdn.tradelab-apps.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-01-27 -
2021-10-09		 8 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-02-22		 a year crt.sh
*.tradelab.fr
Go Daddy Secure Certificate Authority - G2		 2019-07-30 -
2021-09-28		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2020-08-06 -
2021-09-17		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.meudinheiro.xyz/
Frame ID: 90DE9B4EF52EFF8A22E1D2B4BBEC5A31
Requests: 47 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1614412216199
Frame ID: C251C254A3CB481F8012A1100E044581
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258&cmp=0
Frame ID: 0CF3F30700BD7D70EC326042AE924D81
Requests: 9 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.meudinheiro.xyz%2F&id=MTIZ
Frame ID: 0588698F3013824B00C1CB0A7F1924C8
Requests: 1 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Frame ID: 42005A8C1F37D3BE26BABDF7B5C6ED56
Requests: 19 HTTP requests in this frame

Frame: https://www.pokerstars.com/ua/
Frame ID: A3A08F4BFEBDB495D56CBE1592B5C036
Requests: 142 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Frame ID: C9F30FF6810BA6E7C19C50D96DF6C9C2
Requests: 7 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Frame ID: F32CEE03BC44AB1DF37A9C88BA2C9CF3
Requests: 8 HTTP requests in this frame

Frame: https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491
Frame ID: D343B95AE558097459118E134295BF91
Requests: 2 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48061E108CC5C4
Frame ID: 2363486B0EDD1F41F5AF18792A100054
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

234
Requests

100 %
HTTPS

33 %
IPv6

50
Domains

67
Subdomains

52
IPs

10
Countries

7688 kB
Transfer

12268 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 33
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=2660798561965089759&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOWQEKS7tJiG1ewpH4P2n2Z3lJZcJ4T_5L3ZtJYA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/3/7/3.gif?puid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a75d678e-5fc6-4109-83ef-e7396abf8c7b&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/12/10/5/5.gif?puid=8942812063601655072&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/4/6.gif?puid=b1492bf572a77d90eb7b2e0aa4640a02&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/3/7.gif?puid=5da73fcd-4345-4ad0-bca8-b7505f163f61&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/104/2/8.gif?puid=5d7a0b8d-f360-4048-beb7-ba5549a4fb1b&gdpr=0&gdpr_consent=
Request Chain 36
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbbdcf254%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=9115634050970583298&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEG0mOabyLeSRrTOTZCis4qU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Request Chain 38
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbbdcf254%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbbdcf254%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a75d678e-5fc6-4109-83ef-e7396abf8c7b&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Request Chain 39
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2efb6373-5ba5-46f8-6bea-360134046d64&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbbdcf254%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2efb6373-5ba5-46f8-6bea-360134046d64&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbbdcf254%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=60870640831535040513234587718627598219&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Request Chain 40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=51W9yRpOZqMyfFauzU8WN0g7w7V03jkK%2BS41iYitP1U%3D
Request Chain 41
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbbdcf254%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Request Chain 53
  • https://sender.clevernt.com/transporter/48188.php?ppuc=1&ppu=0&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D&ruri=&r=714132450&tok=00484122702212148400&iv=-1&ctr=CH&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.211 HTTP 302
  • https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Request Chain 71
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAALDTFIABAAWP HTTP 302
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAALDTFIABAAWP&AutoR=1 HTTP 302
  • https://www.pokerstars.com/ua/?btag=a_174459b_1915c_YSAALDTFIABAAWP HTTP 301
  • https://www.pokerstars.com/ua/
Request Chain 144
  • https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F HTTP 302
  • https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Request Chain 146
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=an&uid=2660798561965089759
Request Chain 147
  • https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YDn5uwAAALaNrizr HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YDn5uwAAALaNrizr&_test=YDn5uwAAALaNrizr
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0 HTTP 302
  • https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBVE0TQ00jx1hyqFNSmxW28&google_cver=1
Request Chain 149
  • https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0 HTTP 302
  • https://s.thebrighttag.com/cs?tp=mm&uid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&btt=0
Request Chain 150
  • https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%] HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48061E108CC5C4
Request Chain 152
  • https://tag.device9.com/img/img.png?D9v.Version=1&D9v.Tag=1&D9r.DeviceID=true&D9v.AdvID=14708&D9v.SiteId=1&D9c=ftSync&D9c.dest=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dv0HKuXG%26uid%3D%5BD9ID%5D HTTP 307
  • https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=e7046bb306304039b0f382cca182d5ba
Request Chain 172
  • https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491 HTTP 302
  • https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491
Request Chain 174
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 302
  • https://its.tradelab.fr/?type=tlsync&uuid2=2660798561965089759&callback=tl_sync
Request Chain 175
  • https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412219%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412219%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEBy5g_M13rzw8G08OtE3INo&google_cver=1
Request Chain 178
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%] HTTP 302
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48061E108CC5C4
Request Chain 182
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%253D HTTP 302
  • https://its.tradelab.fr/?type=seg&uuid2=2660798561965089759&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc= HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEGFusz1thuoz92nvbrBoMpw&google_cver=1
Request Chain 187
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A645001%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8399097%2C8399099%2C8399111%2C8399112%2C8399130%2C8399132%2C8399133%2C8399134%2C8407979%2C8408076%2C8408078%2C8408084%2C8408087%2C8408090%2C8408092%2C8410453%2C8505019%2C8511659%2C8511660%2C8511661%2C8511662%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9906874%2C9910363%2C9990666%2C9990685%2C9990686%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10359145%2C10359204%2C10476365%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10666631%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12581719%2C12582312%2C12582313%2C12582329%2C12582452%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12683429%2C12683434%2C12683503%2C12683505%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12758212%2C12758217%2C12758706%2C12758709%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12844715%2C12850910%2C12850918%2C12850920%2C12850967%2C12850982%2C12851052%2C12851887%2C12853335%2C12853406%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926824%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927269%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938122%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13201287%2C13201333%2C13201431%2C13227834%2C13227878%2C13227899%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13247905%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593120%2C13593124%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13595060%2C13595186%2C13595202%2C13595232%2C13595280%2C13604577%2C13604579%2C13611236%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13637541%2C13639429%2C13639559%2C13639822%2C13639829%2C13643700%2C13643723%2C13643732%2C13643747%2C13643753%2C13643758%2C13643773%2C13646588%2C13646593%2C13648302%2C13648333%2C13648334%2C13648335%2C13648336%2C13648337%2C13648338%2C13648396%2C13648398%2C13648400%2C13648401%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656698%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657884%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13660964%2C13660965%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13684419%2C13684437%2C13703524%2C13703900%2C13703963%2C13704004%2C13726085%2C13726630%2C13728187%2C13728188%2C13728189%2C13729253%2C13737386%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759146%2C13759454%2C13759508%2C13759747%2C13783001%2C13783005%2C13783013%2C13783058%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13822025%2C13827326%2C13827616%2C13828767%2C13828768%2C13828769%2C13828942%2C13828948%2C13828950%2C13832725%2C13832749%2C13849058%2C13849117%2C13850343%2C13850357%2C13850393%2C13850549%2C13850802%2C13850854%2C13850880%2C13850899%2C13850948%2C13851106%2C13854071%2C13886580%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13890463%2C13895571%2C13895572%2C13897024%2C13905793%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13930356%2C13931368%2C13933484%2C13944490%2C13944551%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13962873%2C13962978%2C13964343%2C13964344%2C13970253%2C13970255%2C14004524%2C14006771%2C14011339%2C14012185%2C14012197%2C14012277%2C14012280%2C14020547%2C14023284%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1614412219%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
  • https://its.tradelab.fr/?type=convr&x=1&uuid2=2660798561965089759&cdata={%22a%22:645001,%22l%22:[2911043,3374860,3374870,3374871,3375631,3375634,3375636,3375869,3485777,3610728,4139570,4139577,5229563,5512754,5523904,5527627,5577407,5577415,5683612,5707327,5707518,5729834,5751995,5752074,5772094,5772112,5772126,5772157,5772186,5772205,5772383,5772421,5807843,5812186,5894602,5907913,5933676,5969498,5969642,5969671,5969675,5971810,5971880,5992671,5992999,5993021,6000363,6001937,6002209,6002253,6002382,6002507,6140505,6154762,6154871,6159236,6159578,6162984,6162989,6163852,6164009,6164071,6164072,6164436,6164437,6193482,6195004,6195041,6195042,6195043,6195531,6195532,6195533,6195609,6214062,6214063,6214064,6214094,6214097,6214101,6214202,6214204,6214208,6221015,6221229,6222282,6226174,6226212,6226218,6226221,6226226,6226446,6226454,6226458,6226476,6226484,6226643,6226796,6226877,6226880,6227027,6227558,6234208,6234214,6234248,6234255,6234287,6234366,6234427,6234545,6235523,6235651,6237797,6237800,6237832,6237857,6291044,6291049,6291104,6291106,6291111,6291118,6291124,6291138,6291946,6291953,6291969,6311673,6318389,6330471,6330749,6331140,6331216,6331277,6331301,6357110,6357745,6357758,6357771,6364697,6364707,6386022,6386029,6422150,6422153,6455878,6455884,6471290,6471292,6479718,6479764,6526614,6563367,6563414,6590178,6776590,6778340,6779076,6779365,6806511,6807202,6816216,6816242,6816247,6816326,6816335,6816341,6842289,6842296,6842320,6842381,6842396,6842507,6851735,6860538,6875822,6876078,6878676,6886610,6889819,6889820,6889829,6895218,6895221,6895281,6895289,6902404,6902406,6914830,6914832,6914833,6917298,6917319,6917321,6917325,6917329,6917415,7018738,7037742,7037747,7037879,7043219,7043221,7043222,7043223,7043356,7043359,7043387,7050757,7050810,7054802,7054821,7054845,7055172,7055180,7055199,7055243,7055269,7055280,7055313,7055360,7055754,7057671,7057780,7059421,7073089,7081770,7081774,7081869,7081871,7082029,7082088,7082091,7082175,7082177,7089154,7089369,7089726,7089791,7089907,7090617,7090621,7090626,7090631,7098648,7098649,7098654,7098664,7098673,7125571,7209540,7209542,7209543,7209544,7209546,7209548,7209549,7209550,7209995,7209997,7209999,7210001,7210195,7210198,7210208,7215834,7226638,7226689,7226691,7226766,7226777,7226784,7226796,7226942,7227046,7227047,7228256,7228261,7228262,7228265,7228268,7228270,7228272,7228273,7228277,7228284,7228285,7228289,7228298,7228299,7228300,7228302,7228320,7228331,7291167,7292156,7307100,7307264,7359086,7361643,7365559,7462205,7481343,7525396,7525559,7525623,7525690,7525745,7525847,7526713,7536183,7536493,7537492,7537579,7538501,7538532,7538638,7538719,7538977,7539323,7539357,7539424,7539466,7539475,7539506,7542691,7542814,7542908,7542924,7544348,7544399,7544474,7544514,7544544,7549646,7549719,7549749,7550152,7550161,7550213,7572162,7716684,7717144,7717791,7717812,7717827,7717839,7717845,7717929,7717945,7791362,7791430,7791447,7831211,7831225,7831261,7831271,7831809,7831811,7831815,7831831,7945977,7954109,8016142,8016159,8016171,8016175,8016181,8016206,8016306,8016315,8016332,8016350,8016357,8016364,8018483,8018490,8018538,8018546,8018559,8018567,8019394,8019396,8025229,8025244,8025246,8025250,8032818,8032824,8032827,8035172,8035174,8035175,8035176,8035180,8035184,8035188,8035190,8049459,8049473,8049493,8049509,8081387,8081422,8081425,8083336,8097798,8097803,8097831,8097833,8110565,8110587,8110595,8110599,8124939,8124944,8124953,8124960,8178320,8178327,8178331,8178333,8211948,8359406,8359412,8359420,8359431,8359441,8359637,8365506,8392744,8399097,8399099,8399111,8399112,8399130,8399132,8399133,8399134,8407979,8408076,8408078,8408084,8408087,8408090,8408092,8410453,8505019,8511659,8511660,8511661,8511662,8643514,8643560,8643589,8643686,8643748,8643808,8643881,8643903,8643943,8643973,8644038,8648496,8648497,8648502,8761737,8771359,8813308,8813343,8813346,8813349,8896437,8896445,8896457,8897484,8897495,8897500,8897529,8897530,8897532,8897533,8897534,8897535,8897869,8903049,8903064,8903076,8903099,8903103,8903105,8903122,8903123,8903125,8903128,8903132,8903531,8903539,8903563,8903568,8903594,8903599,8904004,8904014,8904020,8904031,8904037,8904056,8904059,8904063,9104939,9130903,9131544,9139541,9203023,9203067,9203116,9278395,9351038,9387947,9397722,9409325,9514351,9514357,9612423,9612517,9612648,9629921,9696006,9696064,9696100,9703331,9703486,9703627,9719551,9720613,9721538,9721695,9721702,9721705,9721709,9721710,9755110,9755385,9854757,9906851,9906874,9910363,9990666,9990685,9990686,10095363,10095797,10096001,10193236,10193384,10193807,10310290,10359145,10359204,10476365,10476464,10476611,10477525,10502301,10503758,10503885,10522118,10535412,10588065,10588071,10588162,10635997,10651842,10666631,10685105,10686491,10686495,10697806,10697843,10769787,10919956,10953320,10997851,10997980,10998089,10998386,10998397,10998435,10998569,10998579,11057024,11152558,11154187,11194193,11245943,11332680,11346958,11350004,11350005,11387804,11395097,11395212,11396897,11396924,11396962,11397033,11397135,11397140,11397143,11397144,11397147,11397214,11397215,11397216,11397217,11397218,11397960,11400745,11401196,11401197,11401392,11401427,11401493,11401640,11401724,11401976,11402069,11402079,11402096,11403979,11404377,11404384,11408351,11414595,11415196,11415197,11416031,11416034,11416120,11416161,11416324,11416553,11416714,11416754,11416984,11417111,11417621,11417683,11417716,11417751,11418099,11418103,11421607,11421608,11421620,11428320,11428379,11428382,11455715,11460659,11460890,11460892,11460901,11461357,11461368,11461404,11461722,11468652,11468653,11468655,11468676,11468681,11468684,11475669,11475694,11476530,11481965,11487671,11488866,11490520,11490827,11490868,11496300,11496628,11496649,11497244,11497486,11497968,11515690,11517479,11517532,11543793,11543906,11549890,11550201,11550202,11550203,11577232,11584353,11584887,11585480,11589019,11589113,11589120,11597342,11597367,11597472,11609630,11610899,11611100,11611338,11614059,11615411,11615420,11615446,11615498,11615501,11615504,11621887,11623768,11629337,11629339,11629401,11629580,11635203,11635277,11639299,11644447,11645614,11645616,11645617,11645658,11645659,11645660,11646244,11646540,11646635,11646660,11646737,11646758,11646798,11646818,11646842,11662987,11666805,11666880,11666886,11666910,11666918,11666976,11666994,11676263,11676270,11676293,11676312,11676368,11676415,11676451,11676455,11683311,11684178,11689123,11697904,11708513,11723817,11723818,11723861,11734201,11735165,11735305,11762514,11762691,11783343,11784015,11784931,11784993,11785011,11798208,11800129,11815343,11815391,11830759,11830841,11830975,11831346,11831372,11831539,11831549,11844423,11844425,11850207,11850209,11868176,11877510,11878882,11903230,11923402,11923553,11923569,11923571,11923657,11923673,11923736,11923737,11923739,11933607,11950397,11959998,11960028,11965353,11965440,11966901,11969715,11969801,11969866,11998069,11998156,12018471,12018822,12019250,12040619,12040854,12051550,12085845,12085852,12085930,12086375,12086624,12086628,12089273,12089504,12097231,12097501,12097542,12112378,12123555,12147846,12148109,12148144,12149117,12152120,12153186,12167992,12192400,12259785,12260127,12265565,12281316,12295255,12313833,12313922,12339057,12341877,12352272,12352686,12354121,12354122,12360312,12360381,12360409,12360462,12361864,12363145,12386789,12398074,12398113,12398378,12398381,12398504,12398509,12420753,12422577,12422611,12431515,12431517,12431978,12431992,12439905,12439907,12439909,12439912,12441386,12441481,12441510,12441534,12449202,12475965,12476042,12478711,12485943,12486269,12491060,12491062,12491069,12496885,12496889,12496896,12496903,12509636,12509663,12509666,12511664,12511728,12512481,12512497,12514254,12514258,12514259,12523410,12524165,12524190,12531093,12531215,12532951,12537147,12540453,12540458,12540504,12540622,12540637,12540684,12540821,12540930,12540932,12540934,12540935,12540941,12540942,12540944,12541090,12541116,12547910,12548079,12563220,12563442,12569091,12569109,12569915,12569976,12577340,12581719,12582312,12582313,12582329,12582452,12582536,12602522,12602557,12605925,12605958,12606093,12606151,12606168,12606214,12606227,12615985,12619760,12619773,12619803,12619812,12640901,12641206,12641243,12641682,12641809,12664238,12664319,12664996,12665004,12665396,12665413,12665421,12665439,12665455,12665461,12665475,12665487,12665495,12665500,12665503,12665525,12665546,12665547,12665597,12665601,12665607,12673380,12673381,12673382,12673464,12673465,12673466,12678055,12678172,12678221,12678226,12678237,12678299,12678359,12678463,12678488,12679930,12679980,12680219,12680220,12680222,12680286,12680287,12680288,12680289,12680415,12680416,12680421,12680422,12680547,12680555,12680601,12680602,12680650,12680663,12680669,12680670,12680738,12680769,12680771,12683429,12683434,12683503,12683505,12684229,12711824,12711834,12711888,12711901,12711998,12712007,12756221,12756544,12758212,12758217,12758706,12758709,12759543,12772370,12789220,12819638,12819641,12819731,12819732,12821228,12821232,12832058,12832408,12832429,12833471,12833555,12833582,12844715,12850910,12850918,12850920,12850967,12850982,12851052,12851887,12853335,12853406,12855587,12855588,12855593,12856316,12856317,12856352,12856353,12865755,12866030,12866078,12866196,12881237,12881625,12882278,12882663,12882964,12883397,12885363,12885422,12885453,12885505,12885592,12885613,12885663,12885862,12885905,12885918,12885923,12885927,12885985,12885990,12886005,12886680,12907847,12909272,12909273,12912682,12921648,12921769,12921826,12921855,12922024,12922087,12923143,12923684,12923704,12923773,12923936,12923939,12923998,12924001,12924874,12924902,12924912,12924956,12924975,12924990,12925005,12925090,12925181,12925195,12925241,12925261,12925400,12925442,12925508,12925517,12925633,12925873,12926824,12926843,12926883,12926944,12926953,12926973,12926981,12927175,12927269,12927332,12927414,12927418,12927744,12927838,12927922,12928066,12928149,12928164,12928182,12929571,12929597,12929716,12929815,12929978,12929989,12930024,12930043,12930100,12930131,12930164,12934254,12934305,12934411,12934440,12934450,12934452,12934495,12934513,12934588,12934594,12934611,12934639,12934673,12934687,12934696,12934700,12934710,12934763,12934815,12934845,12935224,12935234,12935279,12935281,12935317,12935345,12935397,12935507,12935534,12935633,12935860,12935899,12935934,12935954,12935966,12936000,12936069,12936101,12936983,12937233,12937283,12937313,12937393,12937404,12937424,12937904,12937962,12938122,12938523,12938579,12938617,12938638,12938691,12939517,12940043,12940181,12940372,12940871,12947134,12947167,12947207,12947216,12948248,12948375,12948428,12948498,12948741,12948794,12950687,12953811,12953815,12953843,12954030,12969597,12969640,12971115,12971765,12971885,12983798,12983859,12986083,12986160,12986291,12986844,12987733,12996965,12997777,12997845,12997849,13008703,13008708,13009209,13011063,13011066,13012364,13020630,13021375,13022053,13022072,13037641,13037645,13037884,13046784,13056244,13059704,13059741,13115728,13135619,13136828,13158557,13158567,13158580,13158584,13173610,13175848,13175893,13175937,13175972,13176001,13176069,13176161,13176365,13176390,13176420,13176558,13180060,13201287,13201333,13201431,13227834,13227878,13227899,13228461,13228467,13228472,13229742,13229964,13230150,13230158,13247905,13379501,13379527,13404253,13404255,13404256,13426762,13426768,13442957,13444808,13445193,13499528,13499558,13499559,13509560,13519091,13521499,13562887,13576597,13581270,13585037,13585042,13586704,13586711,13586718,13586720,13590402,13590478,13590485,13590826,13590912,13591338,13591340,13591456,13593057,13593120,13593124,13593413,13593470,13593489,13593491,13593492,13593952,13593953,13593955,13595060,13595186,13595202,13595232,13595280,13604577,13604579,13611236,13611921,13611926,13611928,13611930,13611932,13611935,13611950,13611955,13611957,13611959,13611960,13611961,13611962,13611980,13611981,13611990,13612010,13612013,13612026,13612030,13612056,13612507,13612510,13612514,13612515,13615293,13615363,13624271,13624335,13624366,13627530,13637445,13637541,13639429,13639559,13639822,13639829,13643700,13643723,13643732,13643747,13643753,13643758,13643773,13646588,13646593,13648302,13648333,13648334,13648335,13648336,13648337,13648338,13648396,13648398,13648400,13648401,13651559,13651660,13651676,13651682,13651716,13651764,13651797,13651823,13651854,13651874,13651905,13652073,13652074,13652082,13652086,13652091,13652092,13652097,13652098,13652406,13652414,13652431,13652432,13652441,13652458,13652463,13652502,13652504,13652553,13652554,13652652,13652667,13652685,13652686,13652691,13652693,13652706,13652707,13652888,13655571,13655675,13655677,13655748,13655759,13655772,13655774,13655815,13655816,13655928,13655929,13656062,13656068,13656075,13656076,13656137,13656139,13656166,13656167,13656224,13656403,13656413,13656414,13656698,13656703,13656715,13656731,13657593,13657599,13657611,13657612,13657646,13657863,13657864,13657881,13657883,13657884,13657887,13657908,13657921,13660900,13660902,13660918,13660927,13660928,13660964,13660965,13661137,13661139,13661201,13661204,13661205,13661212,13661213,13661995,13662002,13662009,13662012,13662013,13662086,13662102,13662113,13662132,13662133,13662145,13662146,13662230,13662241,13662276,13662293,13662295,13663428,13663432,13663437,13663450,13684419,13684437,13703524,13703900,13703963,13704004,13726085,13726630,13728187,13728188,13728189,13729253,13737386,13746660,13754902,13755175,13755177,13755793,13756319,13759146,13759454,13759508,13759747,13783001,13783005,13783013,13783058,13788357,13789606,13790210,13790356,13790443,13790445,13790446,13822025,13827326,13827616,13828767,13828768,13828769,13828942,13828948,13828950,13832725,13832749,13849058,13849117,13850343,13850357,13850393,13850549,13850802,13850854,13850880,13850899,13850948,13851106,13854071,13886580,13889445,13889455,13889486,13889961,13889975,13889994,13890227,13890239,13890240,13890241,13890463,13895571,13895572,13897024,13905793,13906529,13906564,13906592,13917417,13918132,13918133,13919181,13919183,13930356,13931368,13933484,13944490,13944551,13944643,13951734,13951831,13955623,13955624,13962873,13962978,13964343,13964344,13970253,13970255,14004524,14006771,14011339,14012185,14012197,14012277,14012280,14020547,14023284,14045762,14045763,14045764,14077128,14077134],%22i%22:7,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=5189423&xur=lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:0,%22page_url%22:%22%22,%22dm%22:%22%22},%22v%22:{%22vis_cnt%22:0,%22frst_vis_ts%22:1614412219,%22prev_vis_ts%22:0,%22curr_vis_ts%22:1614412219,%22total_page_cnt%22:0,%22prev_page_cnt%22:0,%22curr_page_cnt%22:1}}
Request Chain 190
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=fseg&uuid2=$UID&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%253D&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1614412219%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
  • https://its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:0,%22page_url%22:%22%22,%22dm%22:%22%22},%22v%22:{%22vis_cnt%22:0,%22frst_vis_ts%22:1614412219,%22prev_vis_ts%22:0,%22curr_vis_ts%22:1614412219,%22total_page_cnt%22:0,%22prev_page_cnt%22:0,%22curr_page_cnt%22:1}}
Request Chain 196
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u_k5YNWhHMbfzQbb-5WgAw&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YNWhHMbfzQbb-5WgAw&cid=CAQSKQCNIrLM0xp924kGrTr8RtzdvAEoPC6VkIb3ho_8736p9XU7DSzTvbX3&random=689143611&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YNWhHMbfzQbb-5WgAw&cid=CAQSKQCNIrLM0xp924kGrTr8RtzdvAEoPC6VkIb3ho_8736p9XU7DSzTvbX3&random=689143611&resp=GooglemKTybQhCsO&ipr=y
Request Chain 197
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u_k5YMikHIKe-wbQlJDIAw&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YMikHIKe-wbQlJDIAw&cid=CAQSKQCNIrLM_Qqc9DEufUk9Ov0fjvyH4sCyibZDeDxNCvDNKcmMqgAeBPcr&random=3480098906&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YMikHIKe-wbQlJDIAw&cid=CAQSKQCNIrLM_Qqc9DEufUk9Ov0fjvyH4sCyibZDeDxNCvDNKcmMqgAeBPcr&random=3480098906&resp=GooglemKTybQhCsO&ipr=y

234 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.meudinheiro.xyz/ 		31 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
0cb1ec4dcd30d3912da0e57dfe9845ee4670863ba60a408745a90b337290b2a7

Request headers

:method
GET
:authority
www.meudinheiro.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:08 GMT
server
Apache
link
<https://www.meudinheiro.xyz/wp-json/>; rel="https://api.w.org/"
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=bp3suv0292r5n0bfugth97br84; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
6300
content-type
text/html; charset=UTF-8
style.min.css
www.meudinheiro.xyz/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 19:19:17 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7849
expires
Sun, 27 Feb 2022 07:50:11 GMT
style.css
www.meudinheiro.xyz/wp-content/themes/styleblog/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/style.css?ver=5.6.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
bcd020990e85c35214d11bdfc48a41e0082d614e681d9d38451b389090e4d4d2

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4184
expires
Sun, 27 Feb 2022 07:50:11 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
285517cf35ba4d389b96dffba65e7f196baf0ca483e4c1d9431e9b519d430144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:50:11 GMT
server
ESF
date
Sat, 27 Feb 2021 07:50:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:50:11 GMT
main.min.css
www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/css/ 		234 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/css/main.min.css?ver=5.6.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
3e1609acbb7aa6a33b8c40d478ec96b0a0003924be4961258a9d7850084cfc23

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
40810
expires
Sun, 27 Feb 2022 07:50:11 GMT
jquery.min.js
www.meudinheiro.xyz/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 01:03:26 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30916
expires
Sun, 27 Feb 2022 07:50:11 GMT
jquery-migrate.min.js
www.meudinheiro.xyz/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 18:01:14 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4169
expires
Sun, 27 Feb 2022 07:50:11 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
2158
expires
Sun, 28 Feb 2021 07:49:41 GMT
requestform.js
ads.themoneytizer.com/s/ 		87 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
625e872df5cce48cc87799696e4d0d5f6ff4e9299d303ea4d38ccbc8da267e3c

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
expires
Sun, 28 Feb 2021 07:50:16 GMT
no-image-archive.png
www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/img/no-image-archive.png
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
36acde19f72b622d5419974d04a60c64abb3d4bfe82ef5ff62f63952a0427a38

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7921
expires
Mon, 29 Mar 2021 07:50:11 GMT
navigation.js
www.meudinheiro.xyz/wp-content/themes/styleblog/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/js/navigation.js?ver=20151215
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1094
expires
Sun, 27 Feb 2022 07:50:11 GMT
skip-link-focus-fix.js
www.meudinheiro.xyz/wp-content/themes/styleblog/js/ 		685 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
417
expires
Sun, 27 Feb 2022 07:50:11 GMT
bundle.min.js
www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/js/ 		203 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/js/bundle.min.js?ver=20151215
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
51a086065e926db0fbeecbed095737061fb511e1764a5c4a019195b2bc9032b4

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
53665
expires
Sun, 27 Feb 2022 07:50:11 GMT
wp-embed.min.js
www.meudinheiro.xyz/wp-includes/js/ 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 07:15:21 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
765
expires
Sun, 27 Feb 2022 07:50:11 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92841600-1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d974a126a84616000288e1211f666315da1c3bbce255057cc5a11d934ef698fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39389
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:50:11 GMT
wp-emoji-release.min.js
www.meudinheiro.xyz/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:11 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 07:15:21 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4662
expires
Sun, 27 Feb 2022 07:50:11 GMT
/
g.themoneytizer.net/g/ 		26 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
24f85d914df50a3785eaeed932eab1fd4cbec751c51376321436d853963a46dd

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:11 GMT
Server
nginx
X-IPLB-Request-ID
B99CAF6B:4D6A_91EFC191:01BB_6039F9B3_881F2BE:25758
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6e8c871975be29bb26543d00cd18fa047e4b4375c0f5618d29be2d6d3be67386

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Nov 2020 10:03:04 GMT
Server
AkamaiNetStorage
ETag
"adbdf97f38751662c160738a7d673f87:1605002589.581548"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9998

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Sat, 27 Feb 2021 07:50:11 GMT
x-smrt-reason
5
content-length
0
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.meudinheiro.xyz
Referer
https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 12:56:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
154408
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Fri, 25 Feb 2022 12:56:43 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.meudinheiro.xyz
Referer
https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
130125
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:41:26 GMT
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
16267
expires
Sun, 28 Feb 2021 07:49:41 GMT
sync
gum.criteo.com/ 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 27 Feb 2021 07:50:15 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1550
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:16 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
B99CAF6B:ADE6_91EFC0A6:01BB_6039F9B8_1E8596:132BB
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame C251 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1614412216199
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1614412216199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.meudinheiro.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.meudinheiro.xyz/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 0CF3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d0169d980a0ed9cf7f51a1e48d8cf5419d29005eaed4a8955d24ce453d8171

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.meudinheiro.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.meudinheiro.xyz/

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
content-type
text/html
set-cookie
__cfduid=ded20e535e2c92709a510fdcb8d35851c1614412216; expires=Mon, 29-Mar-21 07:50:16 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=2efb6373-5ba5-46f8-6bea-360134046d64; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%96%ACJ%DA%8E%D8%E1%B3%CC%96%84%E23qw_U%A4%B9%0A%84%AF%FAV%0D%D7%D9%15%E8%A2%B8%22%E4%B5%27%80%3C%06n%3E%13J%EA%EF%9E%E5%04%C7%3Dc%AF%85Jvm1%1A%BF%ECp%ECy%86C%DEq%D3w%E6%C8SM%00%04%22%1F0v%D0%7F%9D%C0%0CYX%F3%E5%F67%C0%C8%043%DE%28U%A1%C5%BC%BF%3FE%5B%B1%05; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.meudinheiro.xyz
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0884108f8e0000145a1707f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6280505f48cf145a-FRA
content-encoding
br
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 06 Mar 2021 07:50:16 GMT
px.js
p.cpx.to/p// 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p//px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.104.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-104-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:16 GMT
Connection
keep-alive
Content-Length
42
Content-Type
text/plain; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-44.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 00:42:28 GMT
Via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
33401
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
8_p0yMlXFZ1KqYOH2rJvAQ6RWRojALaChzVHkLsfVJMCm6lMteyuGw==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 06:55:30 GMT
Server
Apache
ETag
"902da9-925a-5bc4bded507f8"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=460
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Sat, 27 Feb 2021 07:57:56 GMT
prebid.js
ads.themoneytizer.com/moneybid4_18AA/build/dist/ 		493 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_18AA/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=73646&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
c8ea49170f990ad3ce862c2681ddae04daf36b496213451277aa803b5dab2c0b

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 17:18:06 GMT
server
nginx
etag
"203dc-7b27e-5b8a316dd6509"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
158101
expires
Sun, 28 Feb 2021 07:49:50 GMT
Ktk0ALCRZonmalTgyPmRfs16x3TQN4a3X4ZA.woff2
fonts.gstatic.com/s/spectralsc/v5/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectralsc/v5/Ktk0ALCRZonmalTgyPmRfs16x3TQN4a3X4ZA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdadaebb12ccec9dda1ea7e89314532056a699331e8d1f54a596f8632b7fe9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.meudinheiro.xyz
Referer
https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 03:49:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:00:28 GMT
server
sffe
age
273650
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12980
x-xss-protection
0
expires
Thu, 24 Feb 2022 03:49:26 GMT
fontawesome-webfont.woff2
www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/fonts/fontAwesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/fonts/fontAwesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/css/main.min.css?ver=5.6.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.23.238.99 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
us138-cp.valueserver.com.br
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.meudinheiro.xyz
Referer
https://www.meudinheiro.xyz/wp-content/themes/styleblog/themebeez/assets/dist/css/main.min.css?ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
last-modified
Thu, 28 Jan 2021 19:14:42 GMT
server
Apache
vary
User-Agent
content-type
font/woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
77160
expires
Mon, 29 Mar 2021 07:50:16 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.meudinheiro.xyz
Referer
https://fonts.googleapis.com/css?family=Spectral+SC%3A300%2C400%2C400i%2C500%2C600%2C700%7CPoppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 18:41:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
306546
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Wed, 23 Feb 2022 18:41:10 GMT
7e416e56e26da6f5a0dedb4a252d2adf.min.js
clevernt.com/scripts/ 		121 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clevernt.com/scripts/7e416e56e26da6f5a0dedb4a252d2adf.min.js?20210210=1614412216315
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a49a991b3bf8741d7868098f7d8c230fa0d808c92382bda7c26a189749d9763

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8EB84B7B037022D1
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
1tSBAPFfbd54bpzYORtA8JWE/8KXQZ4ZUuX583XtjVvoXxwCz/uWXm4kv2wBH1NEr63sNJWrK+s=
last-modified
Sat, 27 Feb 2021 04:50:44 GMT
server
cloudflare
etag
W/"68c2f86e1d45309bf8a98d32e0876f51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IOvYXNEYeHcN8317duGvcw8xtu7G9Jmr4k7I4DIKKD2cuBerRKb8l%2F%2FnLBtDTTRbdh8o0C%2B6MyOYaCCk0RYSFriSJzuhRXdmvuq4eb%2Fhe6WMOhWdNSX6vtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-request-id
088410901100004e9719966000000001
cf-ray
628050601fd04e97-FRA
8.gif
id5-sync.com/c/12/104/2/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/12/2/8/2.gif?puid=2660798561965089759&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOWQEKS7tJiG1ewpH4P2n2Z3lJZcJ4T_5L3ZtJYA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
  • https://id5-sync.com/c/12/3/7/3.gif?puid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a75d678e-5fc6-4109-83ef-e7396abf8c7b&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/12/10/5/5.gif?puid=8942812063601655072&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/12/19/4/6.gif?puid=b1492bf572a77d90eb7b2e0aa4640a02&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/3/7.gif?puid=5da73fcd-4345-4ad0-bca8-b7505f163f61&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/12/104/2/8.gif?puid=5d7a0b8d-f360-4048-beb7-ba5549a4fb1b&gdpr=0&gdpr_consent=
0
0
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92841600-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6460
date
Sat, 27 Feb 2021 06:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 27 Feb 2021 08:02:36 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:44:17 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
360
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
lLYnA773-k1aMhnvNXTI9m8_CUsbfwNJaneGVEqWkIR3witKZ6RDMw==
mw
mwzeom.zeotap.com/ Frame 0CF3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%2...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=9115634050970583298&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=9115634050970583298&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62805061cb6c145a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08841091220000145ae3243000000001

Redirect headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:16 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid
7c97969d-50de-4294-9602-17c458e78104
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=9115634050970583298&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0CF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEG0mOabyLeSRrTOTZCis4qU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6db...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEG0mOabyLeSRrTOTZCis4qU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
628050622bbd145a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08841091570000145a0e12f000000001

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEG0mOabyLeSRrTOTZCis4qU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
450
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0CF3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbb...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb6373-5ba5-46f8-6bea-360134046d64%26reqId%3D1a24dabe-238f-4c5d-4616-6dbdbb...
  • https://mwzeom.zeotap.com/mw?cid=a75d678e-5fc6-4109-83ef-e7396abf8c7b&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a75d678e-5fc6-4109-83ef-e7396abf8c7b&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
628050622bc0145a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
088410915a0000145ab494a000000001

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=a75d678e-5fc6-4109-83ef-e7396abf8c7b&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
449
mw
mwzeom.zeotap.com/ Frame 0CF3
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2efb6373-5ba5-46f8-6bea-360134046d64&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2efb6373-5ba5-46f8-6bea-360134046d64&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=60870640831535040513234587718627598219&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf25...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=60870640831535040513234587718627598219&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
628050626bf8145a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08841091830000145a37a95000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ty6Ru2yTTAU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=60870640831535040513234587718627598219&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0CF3
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=51W9yRpOZqMyfFauzU8WN0g7w7V03jkK%2BS41iYitP1U%3D
95 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=51W9yRpOZqMyfFauzU8WN0g7w7V03jkK%2BS41iYitP1U%3D
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
628050617b2f145a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08841090ed0000145afc031000000001

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:16 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=51W9yRpOZqMyfFauzU8WN0g7w7V03jkK%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 0CF3
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D2efb637...
  • https://mwzeom.zeotap.com/mw?cid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbd...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62805061ab54145a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
088410910a0000145a3b2c5000000001

Redirect headers

Date
Sat, 27 Feb 2021 07:50:16 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 27 Feb 2021 07:50:52 GMT
cmp.min.js
spl.zeotap.com/ Frame 0CF3 		541 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8012130088f92723244a85073d7945c43a2cd3bb1639bddfdd012c5ee28607b9

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
62805060ea9d145a-FRA
date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
08841090940000145a221ad000000001
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 12:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413804
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Feb 2022 12:53:32 GMT
wckr.php
tag.leadplace.fr/ Frame 0588 		0
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.meudinheiro.xyz%2F&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.meudinheiro.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.meudinheiro.xyz/

Response headers

Server
nginx/1.14.2
Date
Sat, 27 Feb 2021 07:50:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Request-ID
B99CAF6B:ADE6_91EFC0A6:01BB_6039F9B8_1E85AA:132BB
X-IPLB-Instance
30196
identity
api.rlcdn.com/api/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
148.207.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.meudinheiro.xyz
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.61.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-61-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f3c98611f8f32caa6629860c6134f95b569c17bdae68241fcb0570b4b9e26f60

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.meudinheiro.xyz
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 29 Mar 2021 07:50:16 GMT
pixel;r=295394510;labels=Categories.personal-finance;rf=0;uht=2;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.meudinheiro.xyz%2F;fpan=1;fpa=P0-1372949496-1614412216480;ns=0;ce=1;qjs=1;qv=fd8a15ce-2021021...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=295394510;labels=Categories.personal-finance;rf=0;uht=2;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.meudinheiro.xyz%2F;fpan=1;fpa=P0-1372949496-1614412216480;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=meudinheiro.xyz;je=0;sr=1600x1200x24;dst=1;et=1614412216480;tzo=-60;ogl=
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2075899350&t=pageview&_s=1&dl=https%3A%2F%2Fwww.meudinheiro.xyz%2F&ul=en-us&de=UTF-8&dt=Meu%20Dinheiro%20%E2%80%93%20Dicas%20de%20Finan%C3%A7as%20%E2%80%93%20Dicas%20de%20finan%C3%A7as%20%E2%80%93%20cart%C3%B5es%20de%20cr%C3%A9dito%20e%20muito%20mais%20sobre%20dinheiro.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=915248584&gjid=1539838253&cid=927664717.1614412216&tid=UA-92841600-1&_gid=659603772.1614412216&_r=1&gtm=2ou2h0&z=1926589570
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.meudinheiro.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp
spl.zeotap.com/ Frame 0CF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&id_mid_4=2efb6373-5ba5-46f8-6bea-360134046d64&reqId=1a24dabe-238f-4c5d-4616-6dbdbbdcf254&uc=2&zdid=1258&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=2efb6373-5ba5-46f8-6bea-360134046d64; zsc=%96%ACJ%DA%8E%D8%E1%B3%CC%96%84%E23qw_U%A4%B9%0A%84%AF%FAV%0D%D7%D9%15%E8%A2%B8%22%E4%B5%27%80%3C%06n%3E%13J%EA%EF%9E%E5%04%C7%3Dc%AF%85Jvm1%1A%BF%ECp%ECy%86C%DEq%D3w%E6%C8SM%00%04%22%1F0v%D0%7F%9D%C0%0CYX%F3%E5%F67%C0%C8%043%DE%28U%A1%C5%BC%BF%3FE%5B%B1%05
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date
Sat, 27 Feb 2021 07:50:16 GMT
set-cookie
__cfduid=dd3e6b097c24750d241560946bceb79e91614412216; expires=Mon, 29-Mar-21 07:50:16 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08841090ca0000145a32386000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
628050614afc145a-FRA
notifyme.php
adtrack.adleadevent.com/ 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.230.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-230-227.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 07:50:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.meudinheiro.xyz
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
docallbackinfo15626c37cd004f23ab2988a62928ae29.js
ui.clevernt.com/ 		694 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.clevernt.com/docallbackinfo15626c37cd004f23ab2988a62928ae29.js
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
host-109.clevernetwork.pt
Software
nginx /
Resource Hash
afdc1e3230e9e7a3868a930a3378c56c04e0823ae295a62783a7c05b25ff36ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
cache
date
Sat, 27 Feb 2021 07:50:16 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=15768000
expires
Sat, 27 Feb 2021 08:50:16 GMT
headerstats
as-sec.casalemedia.com/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.meudinheiro.xyz%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.meudinheiro.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:16 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.meudinheiro.xyz
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sat, 27 Feb 2021 07:50:16 GMT
/
lp.clevernetwork.pt/pokerstars/aa/ Frame 4200
Redirect Chain
  • https://sender.clevernt.com/transporter/48188.php?ppuc=1&ppu=0&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D&ruri=&r=714132450&tok=00484122702212148400&iv=-1&ctr=CH&sz=1200&wn=&res=160...
  • https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445e41ca64d02ff5aef6a35d22fe32d076382adcf2e6478a5b76558f294f79b5

Request headers

:method
GET
:authority
lp.clevernetwork.pt
:scheme
https
:path
/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.meudinheiro.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.meudinheiro.xyz/

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-type
text/html
set-cookie
__cfduid=d6af8f834605d8b940ee0bc532059bedd1614412217; expires=Mon, 29-Mar-21 07:50:17 GMT; path=/; domain=.clevernetwork.pt; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
spTHpaaoLsH+AiULvk8T3ev43zovb0Tndd4MqrmM9oqlpqyjNBD2FRVcD2jsR+FIgJwHKrC4PHw=
x-amz-request-id
4D08FC8CC85CBCE7
last-modified
Fri, 26 Feb 2021 13:47:16 GMT
cache-control
max-age=1800
cf-cache-status
MISS
cf-request-id
08841092bd00004aa3d6bd4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6qwwyBbC172Y1ZYRG5IGvYugqulSOPbMO5Ki5cWkeqLIqjuMmVZiwX54WjLMSEYnPNdRtVsLTk8BcFCQnDPWq58tXwFgzzX9SE6FtKrz7Doz5R8IIBk0GsmT4W3apHoO"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
server
cloudflare
cf-ray
628050646c4d4aa3-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Sat, 27 Feb 2021 07:50:16 GMT
content-type
text/html; charset=UTF-8
location
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
set-cookie
hstpv4user=eyJJRCI6Ijg3OTM0MTc4d2FuNjAzOWY5YjhlN2MwYSIsIkNUUiI6IkNIIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJNYWNPU1giLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOiIzMTE0MDUzNDgzIiwiTGFzdFVwZGF0ZSI6MTYxNDQxMjIxNn0=; expires=1645948216; path=/; domain=.clevernt.com; SameSite=None; Secure
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Sat, 27 Feb 2021 07:50:16 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c37dc9434bdf2e6543b6bffaf90c5846c1515f2e2480d115fd865e9240b3c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16a7b2007ea6375a98b53b67e626f89f26415cf82eb3b120f5426fcbbe62cde2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
style.css
lp.clevernetwork.pt/pokerstars/aa/ Frame 4200 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b78eadc03cee4c5ad476d3df8de773727e25c4952cc4d615fa5203d439c8095

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3229
cf-polished
origSize=7159
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2A75BB253D1AD99F
x-amz-id-2
Of3/EYDrNSny4iwRROUpgoCx3AHRHTz2BnMKhQhCEt41fz02RhELDmBPmN0Q6aOsLUbcexq7m3I=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"c56149724e0ef3794776547dd9150296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FcpJkztEprWawbmWkqR7A4fT68%2B%2Bln9Z8c9PIyBtv1y4%2BLoX95MEur8zTNdlWApZ6AEs1KsuqN15iFSYwL%2FOWcEHcgnLf4%2BgbSmiHPBpfqOB924g44xNCSC8yMbwLpky"}]}
content-type
text/css
cache-control
max-age=1800
cf-request-id
088410931200004aa3e4bf5000000001
cf-ray
62805064ed024aa3-FRA
cf-bgj
minify
logo.png
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/logo.png?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3593
cf-ray
62805064ed054aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7460
x-amz-id-2
zW5z7gZk8Q1SzFMvb5CTiKsGs/VVHc+gPby92FGey71d06EmxssnHx/ydxT3XZz31eWPnOLGnXA=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"df1c65e3078c82895a1eb424b29af06b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ShBTjuedP6lYD3qb5OafTaOMDViBPNvSGfZv8fjb91x53N%2BJ7oTfZHIdo7s8tiENVewnKRrxJ4qp%2BWwPhp2s%2B1hOKqAZHxqOqQ3nzyzwNEXGNg0zvCXxOZiCvmwAqiym"}]}
x-amz-request-id
5A008AE798A0CA43
cache-control
max-age=1800
cf-request-id
088410931100004aa3d6bda000000001
accept-ranges
bytes
content-type
image/png
copy1-bannermobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-bannermobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1760cd328d3f336d3501133d9ecdf357483011c1d8f06be2a773ee394c142718

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3357
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BA3DFD0AA442E943
x-amz-id-2
3TnPRgwlEZcw+1pfzF92N1FKRR5cIphz6QqFyFpcS0KtN/TxLwc5sz7mANLtYIyYQvNOJLB618s=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"5f5445912d9549b9e290e44d55e5ff54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vywZe45IVZZ59veyenoqGzjiBIEcxJ%2FbhW6cWoOPp1cLwnq9WpdbCr2MgZPnHEGq6oQezYcFzFUvYMe4UTUpFt%2FMch1g6O5IT6FmahnbXhFjKTVOfd%2FOFUHJ1k%2ByOhC"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931200004aa3dea3a000000001
cf-ray
62805064ed0e4aa3-FRA
copy1-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1536a4fcb5484555abbe06364bdcc0715a7ad07cdd81dea52fc0cb459bf216b7

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3083
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2F5C57DA65F18E28
x-amz-id-2
RMz4zUYJiTek827NqSErS6zHVulX6eg1JksQDAQTDSnlZgc3H7+3YiOyPXnvYtP/rjMqvouVh8E=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"f51291e7901209034e77976142cfc72f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rPQXry%2FanSd7eYSQIjoITFn4%2BV4TFX6oNsmuzwJ5eoW3pySQ%2BZXtENWrdTw6d620obvRrv2Gn0kkCU1X6HRmx6w1cGR2LnacrQr07TO43WyaU95alEyfk1tcwzjmZ9B5"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931200004aa3ab02f000000001
cf-ray
62805064ed0f4aa3-FRA
copy1-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy1-Interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1aa1fc1b2c3981ac9d3d98fa124a90a6261986aa520225d1ffe027f8fa1ec0

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3593
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
69FFBDCD4B660FA6
x-amz-id-2
AodlDJW/518oyc9sh4FqxAyxsiv9qjpzcXEmG9qHbZNmt11BFfq5ySpW46x3Zsf27xr1N5zykAA=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"efc9661aad028e1bd55e561bdd8da455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WdTwqNiAWl6Y2b7bjyGPhCSa6Kwk%2F0%2F1mCiHHffd7Q6j8zNKvLUsy%2BzvxuxvALIEOWuNfN7H%2BnNu1zfDQXKaC%2BM77G%2BJNz2eHsKN%2FnFWUZxeY2LfxjMOZ3DAVHjfAhfR"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931200004aa3e43f7000000001
cf-ray
62805064ed104aa3-FRA
copy2-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy2-Interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53738c67f8690689a3a6b8eacba10507214031bb2f533133d05d202b080e1e58

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3083
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
300C12F3D571D475
x-amz-id-2
uHVv2CLzBJgAljYbsjWNB8TBF/U4ZDylGTJp3lQAZ6E/0ABHS/H7HSjrSjYW0xSAliwTmi3H1e0=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"e1ad1a0b652586cf0558a24e5b9265e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qUO3xeP7IU4BaKAmIHXAw3pqtf2DDpbKWsJL2reLXomr5omAouqv68q6FwKdMqlG9WirtWwl68%2BRaAeLhTRyXzi0Fr%2FOr8U5i9BNusCv5BTgwkEsv%2FNt2hD9LxHU%2F013"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931300004aa3cea12000000001
cf-ray
62805064ed114aa3-FRA
copy3.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		36 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/copy3.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16975fe48dabe2e4674d67d3541badf178ed468241a34c1c6631b5a71e573c0

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3083
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
662430A65ADE8C49
x-amz-id-2
3kh3qcLXXaQLBbTy1Sl+7hlPNYS0CRbBNh7MgD/R/SDPRWT0vN3GTKxzqU3oiW+kYT9Zd2EnXZY=
last-modified
Sat, 20 Feb 2021 16:30:36 GMT
server
cloudflare
etag
W/"c78d32fc90a18c43f6d57144bcf0b5da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IwTxT%2FTzD23gzDcGZGjScO%2FkOO9MUbz3XRzK%2FPS%2BdQEvp45fR9c8PTRzE1nDsvin7UFdsLvZhlTEhhwr5Eg50ehR0B7YTQ0PHGg92A28quE6leZ2BrRz%2FEq8ALfiOSuN"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931300004aa3d6bdc000000001
cf-ray
62805064ed124aa3-FRA
cta.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/cta.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0f29539692165c3704acc7f7e2565f01a47f36bfd4938ebf76113b1b49d1eb

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
449941FDE6F96494
x-amz-id-2
4ojEsmolgXyJSgaYAcwmz8T3CqE+bZel80lwq9A/d7XHCI8sP9KB9fiXrpCHK0l+Ro5jUNCnnHQ=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"c969960e47c2a5f7629d16407ff624d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UzfyzeBCfOkRQFRqeKmjjDlOG8ttP%2B4ThX79OqIf23bLa5QMrk9c%2B4ykQr6grDuDwvAPFma4GFVBDLQYs0uX6ZWNJab5POoDvGBjh4GH1tduP8xM6Mw7Pb%2FVD58DJMRp"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931300004aa38f959000000001
cf-ray
62805064ed134aa3-FRA
cta-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/cta-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db055cbb1d8d048dde5759adefa774ae430836523a466a5e351c69db5220862

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E83A0B3B7F33E413
x-amz-id-2
/KD4XvcBU+nVkIEXS3Mb+LhNzZkKFl1JCWpAwIM3sEamLHhEJkG/1YFbQljk9b642fN21XiNnnM=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"fd02d53e6bde89c52d91248822edba6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uuPv%2F3DYMB9kPdXv1C9zp%2F3cRaueSbMlnPfMtW7N0WK8hvKLZ1cclI8RDGOaxANFf7XMv4DrKsJJJssPO6FlYlNyZapZzFqWJKNWKl5ybikypWlXLX5aHarpqdvUSRpI"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931300004aa30d098000000001
cf-ray
62805064ed144aa3-FRA
steps1-mobile.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		83 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/steps1-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc420bfbeb7f621a48d230cde485c0d3b86922a107b6d5b8bac405f025d4b206

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3357
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1456D1102939CF4B
x-amz-id-2
0VbZJPKb7ewNBka3hLS/0HVPF8gqAzobv0pKQY4zkxtW2lAjnz1RQbGZ+EdWGwF8YqO0Nb+Ga28=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"12e5320899dd41f4174bc9a8d4f8fc01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BjDoaK%2BIwN69CQXuEtRArToMqIQVYAZ1afxkP0yxzST64F9qJsDWVQl4JwQK6OeMolxlm2PfsJOtygh4ua1qVTY8kYqhvJqRFi%2By0h0H%2FUXsfGz%2FIfsfpwWorYsmSKjV"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931300004aa3bc0e9000000001
cf-ray
62805064ed154aa3-FRA
steps1-Interstitial.svg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		82 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/steps1-Interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c34ac385475b568c6186c57988d07ea6ff53848e46194e32a9d0687b34e2aa

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6E842AB5A8B905D9
x-amz-id-2
6+rSm1o5lLVpJ+FLya7qT9KajqkQb75ll2u6Ka19prNaWmJ3XgmL4gRh+5DSUGMRBqIwET5YEFY=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
W/"f57478f63dd3d044e8369215339a8541"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qjIXRcxqVD4HWBf0kKVUXeuII0qNqP5rvLuq36LSjzmTS372cQVunfWnBArHu0CWkxx9VEJ%2B15nvxe5bG%2BjHSpHtTOWmJNJlYe5qGT4ztyN723UcQh2RsjbPAQsJfV0a"}]}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
088410931300004aa38c9b8000000001
cf-ray
62805064ed164aa3-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame 4200 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0884109329000017528a04e000000001
last-modified
Thu, 18 Feb 2021 13:46:54 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"602e6fce-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F5k%2B5yqTvL36c7tv%2FBYnMH2XOYb7hZdt%2BjWevam4Jt%2FT%2BMjVxkIR9G0la61o6D6u96sEemS8qtWm8hQt43QL5k7ID%2B5cGQ3M1O4LbSXqqWCek5DoOiAYLAO5d6LdVkJi"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
628050650b191752-FRA
expires
Mon, 01 Mar 2021 07:50:17 GMT
css
fonts.googleapis.com/ Frame 4200 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7fd2f507fb6be0688ecc84e7adf8196e459a82d5051e1621dfa9a01d3224eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:20:44 GMT
server
ESF
date
Sat, 27 Feb 2021 07:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:50:17 GMT
Cookie set /
www.pokerstars.com/ua/ Frame A3A0
Redirect Chain
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAALDTFIABAAWP
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAALDTFIABAAWP&AutoR=1
  • https://www.pokerstars.com/ua/?btag=a_174459b_1915c_YSAALDTFIABAAWP
  • https://www.pokerstars.com/ua/
46 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pokerstars.com/ua/
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.98.229 , Isle Of Man, ASN48536 (FILCO-AS, IM),
Reverse DNS
98-229.colo.sta.blacknight.ie
Software
Apache /
Resource Hash
0900dc4ebddedd0f448f4a3ee04b7fe3dd6e4ef9df4573a8bb2321e847d77c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
www.pokerstars.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A=

Response headers

Date
Sat, 27 Feb 2021 07:50:17 GMT
Server
Apache
Set-Cookie
geoip_country=CH; path=/; domain=www.pokerstars.com NSC_hfofsbmIptut-8001=ffffffff0943140845525d5f4f58455e445a4a422971;expires=Sat, 27-Feb-2021 07:52:17 GMT;path=/;secure;httponly
Vary
User-Agent,Accept-Encoding
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
8875
Keep-Alive
timeout=5, max=125
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000

Redirect headers

Date
Sat, 27 Feb 2021 07:50:17 GMT
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
0
Set-Cookie
geoip_country=CH; path=/; domain=www.pokerstars.com sti=NWJ0G34bLDMTAgxocwJhKi0rJS8yNn5UDy4vKXAUPBN3T2EDJDYTUxBCIXVXFAlWSSRQb3RtJCtSGVxvdhFIVVU%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNST04dFkYscxl8IDYTAhptfns9KhFORUg%2BNXpUAzQsL3oRPDcRKRZ%2FVz14X2gxKDYVWkV5F3YEKGRGHApgdnNET11TUFlCRRs1PVRJTgFhNgxzSmECJzIrMW4M; path=/ pti=NWJ0G34bLDMTAgxocwJhKi0rJS8yNn5UDy4vKXAUPBN3T2EDJDYTUxBCIXVXFAlWSSRQb3RtJCtSGVxvdhFIVVU%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNST04dFkYscxl8IDYTAhptfns9KhFORUg%2BNXpUAzQsL3oRPDcRKRZ%2FVz14X2gxKDYVWkV5F3YEKGRGHApgdnNET11TUFlCRRs1PVRJTgFhNgxzSmECJzIrMW4M; path=/; expires=Sun, 27-Feb-2022 07:50:17 GMT promo_ia=a_174459b_1915c_YSAALDTFIABAAWP; path=/; expires=Sun, 27-Feb-2022 07:50:17 GMT sti2=NWJ0G34bLDMTAgxocwJhKi0rJS8yNn5UDy4vKXAUPBN3T2EDJDYTUxBCIXVXFAlWSSRQb3RtJCtSGVxvdhFIVVU%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNST04dFkYscxl8IDYTAhptfns9KhFORUg%2BNXpUAzQsL3oRPDcRKRZ%2FVz14X2gxKDYVWkV5F3YEKGRGHApgdnNET11TUFlCRRs1PVRJTgFhNgxzSmECJzIrMW4M; domain=.pokerstars.com; path=/ pti2=NWJ0G34bLDMTAgxocwJhKi0rJS8yNn5UDy4vKXAUPBN3T2EDJDYTUxBCIXVXFAlWSSRQb3RtJCtSGVxvdhFIVVU%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNST04dFkYscxl8IDYTAhptfns9KhFORUg%2BNXpUAzQsL3oRPDcRKRZ%2FVz14X2gxKDYVWkV5F3YEKGRGHApgdnNET11TUFlCRRs1PVRJTgFhNgxzSmECJzIrMW4M; domain=.pokerstars.com; path=/; expires=Sun, 27-Feb-2022 07:50:17 GMT stiram=NWJ0G34bLDMTAgxocwJhKi0rJS8yNn5UDy4vKXAUPBN3T2EDJDYTUxBCIXVXFAlWSSRQb3RtJCtSGVxvdhFIVVU%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNST04dFkYsZQNhIFVYCFN0YXY9KhFTQ04%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNBX05pJxoXLBthTjooc2gVAw4yKSotG09RRwUkCmFCLH8UPwh8GQoHLzEsYwZfT0NhL2NyYAZ0X0ZYEgkrY2tTUlonIC0yMHhUBTIsKkI%3D; domain=pokerstars.com; path=/ ptiram=NWJ0G34bLDMTAgxocwJhKi0rJS8yNn5UDy4vKXAUPBN3T2EDJDYTUxBCIXVXFAlWSSRQb3RtJCtSGVxvdhFIVVU%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNST04dFkYsZQNhIFVYCFN0YXY9KhFTQ04%2BaDxLVGx4ay1SZVgxDDpEfS5pdFNBX05pJxoXLBthTjooc2gVAw4yKSotG09RRwUkCmFCLH8UPwh8GQoHLzEsYwZfT0NhL2NyYAZ0X0ZYEgkrY2tTUlonIC0yMHhUBTIsKkI%3D; domain=pokerstars.com; path=/; expires=Sun, 27-Feb-2022 07:50:17 GMT NSC_hfofsbmIptut-8001=ffffffff0943140845525d5f4f58455e445a4a422971;expires=Sat, 27-Feb-2021 07:52:17 GMT;path=/;secure;httponly
Vary
User-Agent
Location
https://www.pokerstars.com/ua/
Keep-Alive
timeout=5, max=126
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
bg-bannermobile.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-bannermobile.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0809079a0df54cccbea6c5171eb66ced5cb708e24ae9a477939955f68ce37524

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2895
cf-ray
628050655dac4aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9059
x-amz-id-2
i64C108pWcAHnwamDC+B1XrArkRQCxt5JILF8vLgZnef8ciAN7uusaiYvgB5C8zyxnQ+6o4pG5o=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"805c2bb7cd82577894c350a9bbb17824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jAt9htfFCn07uLQROwLPPyWZSD14voiPkIo%2FomOAjHftUoCCGpRjsQzImSuKdDCrcRlYY4f0B5L8VWm296x9q6MilfX6tn3oMBX%2FWQQxAbTYCJPg94t8PL5n%2B34OEpWX"}]}
x-amz-request-id
0F29FC0284D77C33
cache-control
max-age=1800
cf-request-id
088410935800004aa39604e000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4200 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 13:07:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
240165
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 24 Feb 2022 13:07:32 GMT
bg-pushmobile.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-pushmobile.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc703dab29722d073f46611612fb3475b73ad131ce2113a0505ee34571afad91

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1721
cf-ray
628050660ea24aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14692
x-amz-id-2
SycupF7xZcJ+JUHFQo6v8laoA4oNhbqJ082O8dPHYqJLUUE45XmNgdxeZtmo06RGf6xsIMdb4X0=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"f0dcf95c34e65053e107f1e901bfdb59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1IxiXKeuUfgBXgxTq9TUQyHSsBx0BmsNc5h3n%2FfZ%2BHsZzZ1Vm%2BCTy2B6%2FK8G2o34YSZ7CpMVi9RLVwolfD6%2FnZFky%2FGyU0J1igeI4z9PAR3ANtoouDxECjlomzwilmEN"}]}
x-amz-request-id
D81EA2DDBF531DE1
cache-control
max-age=1800
cf-request-id
08841093c600004aa3a09a0000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bg-pushdown.jpg
lp.clevernetwork.pt/pokerstars/aa/imgs/ Frame 4200 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/aa/imgs/bg-pushdown.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315e17341889b49df782825122e591e3b9be6080269cd899049f2a33336d9a4a

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/aa/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:17 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2137
cf-ray
628050662ec94aa3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87472
x-amz-id-2
aRbp7BcaHmgXEhy1+ZlbCOZwcDgyioHOlUR8m1yHrrxvZ7zz5tXuM7jTrpJcE+VwoYVsJ7ys8sc=
last-modified
Thu, 18 Feb 2021 11:54:26 GMT
server
cloudflare
etag
"0a79740c152cd5134504758708f1d955"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SWhVp%2Feg80OjOO%2BXNHU8O%2BJRoRo9k9quHH%2FAPp40iG5CwkMzcu5wmlWr%2FHV2ZA%2Fhw1Hvh8wCcca93e7dSNvHiySRhYVunQuw%2FYI%2BPa14PuKCm%2FPnQJbKNEtigXAT8oYO"}]}
x-amz-request-id
17DCD18F57ACDB0D
cache-control
max-age=1800
cf-request-id
08841093d600004aa3fc002000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4200 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 01:51:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
21527
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Sun, 27 Feb 2022 01:51:30 GMT
bootstrap.min.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/ Frame A3A0 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/bootstrap.min.css
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2015 11:26:08 GMT
server
Apache
etag
"54f2-5245635907400"
ntcoent-length
21746
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=439405
accept-ranges
bytes
content-length
4529
lib.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/ Frame A3A0 		117 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/lib.js?v=2
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 15:15:47 GMT
server
Apache
etag
"1d377-5bb6175da0ec0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
42733
config.js
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_com/ua-ua/ Frame A3A0 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_com/ua-ua/config.js
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0946c4dd989713d446f69d063d2b393a66565bab9949cf0dfe2c6656934da36e

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Thu, 30 Jan 2020 09:42:39 GMT
server
Apache
etag
"19a2-59d58471821c0"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
6562
casino.assetwrapper.js
cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/ Frame A3A0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021

Request headers

Origin
https://www.pokerstars.com
Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 09:30:51 GMT
server
Apache
etag
"83e-5b62cf2bf68c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
865
cvl-active.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/ Frame A3A0 		2 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e

Request headers

Origin
https://www.pokerstars.com
Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2017 08:28:36 GMT
server
Apache
etag
"8e8-55018a843b500"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
696
PstrkIdManager.js
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame A3A0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 15:55:57 GMT
server
Apache
etag
"3a45-5bad5349c1d40"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
4985
mmcore.js
service.maxymiser.net/cdn/pokerstarscom/js/ Frame A3A0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.maxymiser.net/cdn/pokerstarscom/js/mmcore.js
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.136.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-136-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c918f28e6a0ecc5bc0eb34bfe068e2d106a20f2c4c363587a952b0bdf84fbbd5

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2016 10:41:23 GMT
server
AkamaiNetStorage
etag
"c0e92c9731c59c3240edc7a644aa9d04:1470220883"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
content-length
8705
homepage.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/ Frame A3A0 		70 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b7e327a33ffec79dd819a9186c549ad959f9f7184d5f9c10faec851b5210c064

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cteonnt-length
71481
date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 17:13:49 GMT
server
Apache
etag
"11739-5b4dd6f24ad40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=1132890
accept-ranges
bytes
content-length
12788
css
fonts.googleapis.com/ Frame A3A0 		8 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:50:18 GMT
server
ESF
date
Sat, 27 Feb 2021 07:50:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:50:18 GMT
ps_com_ua-ua.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ Frame A3A0 		0
139 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ps_com_ua-ua.css
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Tue, 06 Mar 2018 09:55:27 GMT
server
Apache
etag
"0-566bb712941c0"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
0
loading-frame-1.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame A3A0 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/loading-frame-1.jpg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
063d8d9dd28ae87cfa41724da6afe5931c3dccb4b7f8f04cafb51efe8eff5393

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Mon, 18 Jan 2021 17:20:54 GMT
server
Apache
etag
"17c76-5b92ff1bf4980"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
97398
community-twitch.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame A3A0 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-twitch.jpg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Tue, 20 Oct 2020 07:12:00 GMT
server
Apache
etag
"a044-5b214f26ef000"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
41028
community-ambassadors.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame A3A0 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-ambassadors.jpg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Mon, 25 Jan 2021 15:08:45 GMT
server
Apache
etag
"26f32-5b9baea07f940"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
159538
facebook.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame A3A0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/facebook.svg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:33 GMT
server
Apache
etag
"774-57ba3e3a9e040"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
913
twitter.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame A3A0 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitter.svg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:34 GMT
server
Apache
etag
"a1a-57ba3e3b92280"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1080
youtube.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame A3A0 		1 KB
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/youtube.svg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 12:48:01 GMT
server
Apache
etag
"573-57ba4dc188240"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
718
twitch.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame A3A0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitch.svg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:34 GMT
server
Apache
etag
"8cb-57ba3e3b92280"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
993
instagram.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame A3A0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/instagram.svg
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:33 GMT
server
Apache
etag
"6b7-57ba3e3a9e040"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
899
starscrm.config.json
starscrm.com/ Frame A3A0 		77 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://starscrm.com/starscrm.config.json?bust=1614412218171
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.68 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Last-Modified
Tue, 19 Jan 2021 15:53:51 GMT
Server
Apache
MyHeader
member143
ETag
"4d-5b942d84601c0"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With
Content-Length
77
Keep-Alive
timeout=15, max=172
tag.js
s.btstatic.com/ Frame A3A0 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/tag.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03f57788464aacc762395c050df417bcab6f9f8159c15e237fbec864c93895c0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Feb 2021 17:29:14 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
12487
js
pixel.mathtag.com/sync/ Frame A3A0 		649 B
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?cs_jsonp=pstrkIdManager.mmUuidSync&mt_nsync=1
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x5 /
Resource Hash
8f882effe5170862c1fb6c36141ab8fa98e3a88ca5d7c217e445ba46ad065913

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
649
Expires
Sat, 27 Feb 2021 07:50:53 GMT
/
service.maxymiser.net/cg/v5/ Frame A3A0 		81 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.maxymiser.net/cg/v5/?fv=dmn%3Dpokerstars.com%3Bref%3Dhttps%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OS%3Burl%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D0&lver=1.8&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=60&jsver=5.13.2
Requested by
Host: service.maxymiser.net
URL: https://service.maxymiser.net/cdn/pokerstarscom/js/mmcore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.136.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-136-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9c0ab5fc5916ddf8b9395ad401e9b5a482adf6d033ddbd865ad0eb3e56d06378
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:18 GMT
x-content-type-options
nosniff
last-modified
02/27/2021 07:50:18
server
nginx
p3p
CP="DEV IND NOI OTC OUR PSA PSD"
cache-control
no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-type
text/javascript; charset=utf-8
content-length
81
expires
Sun, 06 Jan 1980 01:00:00 GMT
require.min.js
cashier.rationalcdn.com/common/libs-2.1.20/ Frame A3A0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2016 11:39:34 GMT
server
Apache
etag
"3cc8-53bad04796980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
6356
languages.xml
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_com/ Frame A3A0 		765 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_com/languages.xml?&sid=0.22697894106979954
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c4222c854d0a37659ecb2e0657971e360743d1fc5e264798b1881332ecb82c3

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Thu, 30 Jan 2020 09:42:25 GMT
server
Apache
etag
"2fd-59d5846428240"
content-type
application/xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
765
poker-txt-v2.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame A3A0 		1 KB
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker-txt-v2.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
357a9f9be68be9e860cd648f2edee77a8d1b2dbcdab6659afe983ede2db5229b

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 09:38:27 GMT
server
Apache
etag
"542-5a45697f34ac0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
711
bars.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame A3A0 		1 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/bars.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"501-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
465
poker-m.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/ Frame A3A0 		2 KB
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/poker-m.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 09:08:36 GMT
server
Apache
etag
"69c-571f774eb6d00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
763
close-black.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame A3A0 		1 KB
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close-black.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"54b-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
597
close.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame A3A0 		1 KB
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Wed, 25 Apr 2018 14:08:23 GMT
server
Apache
etag
"54b-56aaccdc963c0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
598
poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame A3A0 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 09:18:30 GMT
server
Apache
etag
"c82-59ca2e427c580"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1380
poker-txt.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame A3A0 		1 KB
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker-txt.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa1158b44f51119c26a4cdc3be24e7180797346aa5d835d7e61dad271cb59f59

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 13:59:32 GMT
server
Apache
etag
"5a2-59ce32abb9900"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
767
questionmark.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame A3A0 		1 KB
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/questionmark.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"594-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
755
right-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame A3A0 		1 KB
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/right-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"537-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
636
down-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame A3A0 		1 KB
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/down-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"533-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
637
footer-small.png
s4.rationalcdn.com/img/bg/estate/ Frame A3A0 		462 KB
464 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
433674676291fa4acfb1be7f6e458c43afc5f44d96ddba17e0a186677c75ab0b

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Thu, 29 Oct 2020 15:56:14 GMT
server
AkamaiNetStorage
etag
"994388838ca4d2b47dda0d453731e187:1603986974.361162"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
473455
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 16:23:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
314793
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 23 Feb 2022 16:23:45 GMT
KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 08:54:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:34 GMT
server
sffe
age
82548
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Sat, 26 Feb 2022 08:54:30 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
60577
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 26 Feb 2022 15:00:41 GMT
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 14:26:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
235427
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6864
x-xss-protection
0
expires
Thu, 24 Feb 2022 14:26:31 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
100300
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:28:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
4884
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:28:54 GMT
KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 21 Feb 2021 15:30:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:10 GMT
server
sffe
age
490763
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6824
x-xss-protection
0
expires
Mon, 21 Feb 2022 15:30:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
77472
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
resolveurls
ram.pokerstars.com/ram/info/ Frame A3A0 		143 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.com/ram/info/resolveurls?tag=starsrewards_widgetservice
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Sat, 27 Feb 2021 07:50:18 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.com
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
homepage-casino-royale.mp4
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame A3A0 		5 MB
5 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/homepage-casino-royale.mp4
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.74.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-74-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c15c5491059d973562247f8126972afc1ba58eee0f4ae29a12b77e83224adf68

Request headers

Referer
https://www.pokerstars.com/ua/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
last-modified
Mon, 18 Jan 2021 17:03:33 GMT
server
Apache
access-control-allow-origin
*
etag
"485b89-5b92fb3b2e340"
content-type
video/mp4
Content-Range
bytes 0-4742024/4742025
cache-control
public, max-age=84600
accept-ranges
bytes
Content-Length
4742025
tag
s.thebrighttag.com/ Frame A3A0 		119 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&referrer=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&H=-1bfaipa
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
89d1ca5e6fa203a56ee6b04bce6389d4a450f14a47402daed4d9678e5907d730

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
Server
nginx
ETag
e4a9348bef3735032bf8299d2d39fbfc
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
8199
X-BT-RequestId
6f8c79e0-78d0-11eb-971b-0000ac150bd9
img
pixel.mathtag.com/misc/ Frame A3A0 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x15 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 27 Feb 2021 07:50:54 GMT
bundle-prod.min.js
cashier.rationalcdn.com/starscrm/2.1.37/ Frame A3A0 		189 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/starscrm/2.1.37/bundle-prod.min.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 15:53:51 GMT
server
Apache
etag
"2f447-5b942d84601c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
63286
ram-config.js
ram.pokerstars.com/ Frame A3A0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.com/ram-config.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
5e41f097e99c65bc28df363f8057cecf1ec40e188032fc92477ae15bb16754a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Last-Modified
Tue, 23 Feb 2021 20:57:51 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Connection
Keep-Alive
MyHeader
member143
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=144
Content-Length
1187
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame A3A0 		526 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
fad796f400527cba6a2c12b072d901a2fe5202dc6e76a7c38139e8218324a26e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 07:49:49 GMT
Server
Apache
ETag
"20e-5bc4ca1111d44-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=248
Content-Length
276
a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js
s.btstatic.com/lib/ Frame A3A0 		40 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Jan 2021 15:48:35 GMT
Server
nginx
ETag
"d3c668fbc6a8b84cc3cdf91b0af1b3b3"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
3617
vendor.js
cashier.rationalcdn.com/ram/2.2.44/ Frame A3A0 		208 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.44/vendor.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 14:25:20 GMT
server
Apache
etag
"33f84-5bc01b02b6988"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
72739
analytics.js
www.google-analytics.com/ Frame A3A0 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6462
date
Sat, 27 Feb 2021 06:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 27 Feb 2021 08:02:36 GMT
trk.core.idm.js
www.psimg.com/ga/ Frame A3A0 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/ga/trk.core.idm.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2020 13:38:58 GMT
Server
Apache
ETag
"4090-5ac8613a6e94f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=185
Content-Length
6009
83539b7e8cea2296f498f1910b4810156f08e280.js
s.btstatic.com/lib/ Frame A3A0 		1 KB
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/83539b7e8cea2296f498f1910b4810156f08e280.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:13:53 GMT
Server
nginx
ETag
"3d9b2a273f38ae9a6f683c41a0590a20"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
292
b2e63ccb7863279b58e183884d5de07935db8fc9.js
s.btstatic.com/lib/ Frame A3A0 		165 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/b2e63ccb7863279b58e183884d5de07935db8fc9.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:15:21 GMT
Server
nginx
ETag
"26753accd559a9a1bc40c1444e8a299f"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
145
ram.js
cashier.rationalcdn.com/ram/2.2.44/ Frame A3A0 		2 MB
416 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.44/ram.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46c1c4120586c8751e0e250a306cfcda773975daecbdcfa7480a3033d96e7a10

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 14:25:20 GMT
server
Apache
etag
"1beb24-5bc01b02b61b8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
424925
a9f6f2226caa736f24989b8d804c241eb722c9e5.js
s.btstatic.com/lib/ Frame A3A0 		159 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/a9f6f2226caa736f24989b8d804c241eb722c9e5.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:15:04 GMT
Server
nginx
ETag
"153af72ab81781c27284642861df8d85"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
145
BrightTag.jquery-1.5.1.js
s.btstatic.com/ Frame A3A0 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Feb 2021 17:50:36 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
29695
css
fonts.googleapis.com/ Frame A3A0 		8 KB
724 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:50:18 GMT
server
ESF
date
Sat, 27 Feb 2021 07:50:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:50:18 GMT
en.js
cashier.rationalcdn.com/ram/2.2.44/i18n/locales/ Frame A3A0 		310 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.44/i18n/locales/en.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.44/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
128fbaa9e18cacff8b560ee5e1ddaf8b8646904a2195b85ccc8030006b91ed2f

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:18 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 22:20:59 GMT
server
Apache
etag
"4d690-5bbf4376bd1de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
86974
resolvesite
ram.pokerstars.com/ram/info/ Frame A3A0 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.com/ram/info/resolvesite
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.44/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
5744926ed0da8295c7680642df08a4cf03cedfede56204a62c16a49b5b4021e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Sat, 27 Feb 2021 07:50:18 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.com
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
resolveurls
ram.pokerstars.com/ram/info/ Frame A3A0 		131 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.com/ram/info/resolveurls?tag=starsrewards_widget
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Sat, 27 Feb 2021 07:50:18 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.com
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
srwrds-path.js
rewards.starsaccount.com/widget/ Frame A3A0 		75 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rewards.starsaccount.com/widget/srwrds-path.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.178.197 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
f77f0ca0a011af69f54c878b3c3d7501b7d2b73ef0cf146829f2e5c90d532445

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Last-Modified
Thu, 14 Jan 2021 13:07:31 GMT
Server
Apache
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
MyHeader
member143
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=67
Content-Length
75
js
pixel.mathtag.com/event/ Frame A3A0 		597 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x2 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Sat, 27 Feb 2021 07:50:54 GMT
fbevents.js
connect.facebook.net/en_US/ Frame A3A0 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
jzoLbHPGO5s1ekMhdSQwT5DDUCEeLLwGSsbLrd08A1dpjnkhpEjYIvjn/+zJy6c5+mSVd8s3UVFXZ5J2EVbnrg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sat, 27 Feb 2021 07:50:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
6859decf69.js
cdn.tradelab.fr/tag/ Frame A3A0 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/tag/6859decf69.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C07) /
Resource Hash
381328efe0f3a184401768b1d6f253af88b06961bf3d7caed91f66d9b70bc5ae

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 15:23:52 GMT
server
ECAcc (mil/6C07)
age
583
etag
"3f77-5ba47f0ff127a-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
5369
expires
Sat, 27 Feb 2021 08:20:19 GMT
activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
8954552.fls.doubleclick.net/ Frame C9F3
Redirect Chain
  • https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
  • https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
3b5a4306aab6277c32b8085c37c8e97a6e711f0645229b0911c5b69baa6c2481
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8954552.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.com/ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlSxR78FepXKoVVhDj8bvKyTxm_mduPOp4JTQGfg1zgddsrDEPkUluf9j6-pAk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.pokerstars.com/ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:50:19 GMT
expires
Sat, 27 Feb 2021 07:50:19 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
693
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:50:19 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame F32C 		19 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app43.frk11 /
Resource Hash
2ccf0881dabe3c8e15736455293afc8e2ae248395e402d2e7b1351a370539b5b

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.pokerstars.com/ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.pokerstars.com/ua/

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app43.frk11
Pragma
no-cache
X-HW
1614412219.dop127.fr8.t,1614412219.cds201.fr8.shn,1614412219.dop127.fr8.t,1614412219.cds219.fr8.sc,1614412219.cds219.fr8.p
cs
s.thebrighttag.com/ Frame A3A0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID
  • https://s.thebrighttag.com/cs?btt=0&tp=an&uid=2660798561965089759
35 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=2660798561965089759
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ffd8b30-78d0-11eb-bcbf-0000ac150979

Redirect headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.44:80
AN-X-Request-Uuid
3a1307ff-712a-4413-9790-d91120ffb4ed
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=2660798561965089759
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
s.thebrighttag.com/ Frame A3A0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YDn5uwAAALaNrizr
  • https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YDn5uwAAALaNrizr&_test=YDn5uwAAALaNrizr
35 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YDn5uwAAALaNrizr&_test=YDn5uwAAALaNrizr
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
70195090-78d0-11eb-b526-0000ac150bda

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614412219.377586,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YDn5uwAAALaNrizr&_test=YDn5uwAAALaNrizr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
s.thebrighttag.com/ Frame A3A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0
  • https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBVE0TQ00jx1hyqFNSmxW28&google_cver=1
35 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBVE0TQ00jx1hyqFNSmxW28&google_cver=1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6fef8171-78d0-11eb-b5f8-0000ac150af2

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEBVE0TQ00jx1hyqFNSmxW28&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
s.thebrighttag.com/ Frame A3A0
Redirect Chain
  • https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0
  • https://s.thebrighttag.com/cs?tp=mm&uid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&btt=0
35 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?tp=mm&uid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&btt=0
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ff6d470-78d0-11eb-a4d0-0000ac150979

Redirect headers

Date
Sat, 27 Feb 2021 07:50:17 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://s.thebrighttag.com/cs?tp=mm&uid=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&btt=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 27 Feb 2021 07:50:16 GMT
cs
s.thebrighttag.com/ Frame A3A0
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%]
  • https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48061E108CC5C4
35 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48061E108CC5C4
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
6ffdd950-78d0-11eb-971b-0000ac150bd9

Redirect headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
prod-xre-app14.frk11
X-HW
1614412219.dop153.fr8.t,1614412219.cds206.fr8.shn,1614412219.dop153.fr8.t,1614412219.cds012.fr8.sc,1614412219.cds012.fr8.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=48061E108CC5C4
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
0
/
servedby.flashtalking.com/spot/15881;115861;12199/ Frame A3A0 		42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/spot/15881;115861;12199/?spotname=SG_WebsiteVisits&U20=
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app20.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
prod-xre-app20.frk11
X-HW
1614412219.dop014.fr8.t,1614412219.cds122.fr8.shn,1614412219.dop014.fr8.t,1614412219.cds015.fr8.sc,1614412219.cds015.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
cs
s.thebrighttag.com/ Frame A3A0
Redirect Chain
  • https://tag.device9.com/img/img.png?D9v.Version=1&D9v.Tag=1&D9r.DeviceID=true&D9v.AdvID=14708&D9v.SiteId=1&D9c=ftSync&D9c.dest=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dv0HKuXG%26uid%3...
  • https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=e7046bb306304039b0f382cca182d5ba
35 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=e7046bb306304039b0f382cca182d5ba
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
700f8c90-78d0-11eb-a4d0-0000ac150979

Redirect headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Origin
tag.device9.com
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://s.thebrighttag.com/cs?btt=0&tp=v0HKuXG&uid=e7046bb306304039b0f382cca182d5ba
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ram.css
cashier.rationalcdn.com/ram/2.2.44/styles/ Frame A3A0 		425 KB
154 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.44/styles/ram.css
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.44/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b821c106c787bdae441b9414fbd4d1e53716e6f564e4352d3800de38f642b53

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cteonnt-length
434724
date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 19:58:18 GMT
server
Apache
etag
"6a224-5bbf239196a80"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=968664
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
156705
linkid.js
www.google-analytics.com/plugins/ua/ Frame A3A0 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2470
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Sat, 27 Feb 2021 08:09:09 GMT
sessionid
ram.pokerstars.com/ram/login/ Frame A3A0 		677 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.com/ram/login/sessionid
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.44/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.149 Onchan, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
53f2c48e29ca33a2a19cae8386a6c053dfe9ee9475d274765f0ee91290a7b4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
Date
Sat, 27 Feb 2021 07:50:18 GMT
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.com
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=60
Expires
-86400
tag
s.thebrighttag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag
Protocol
HTTP/1.1
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.pokerstars.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 27 Feb 2021 07:50:19 GMT
Content-Length
0
Connection
keep-alive
ETag
d41d8cd98f00b204e9800998ecf8427e
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
X-BT-RequestId
6ffceef0-78d0-11eb-81f6-0000ac1509e4
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
https://www.pokerstars.com
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Credentials
true
P3P
CP=NOI DSP COR NID
tag
s.thebrighttag.com/ Frame A3A0 		764 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.248.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-248-83.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
03c158b3fd0817ecc4f19e2b683c9ea63a5a48d9b246381fbb45e490792f45e4

Request headers

Accept
*/*
Referer
https://www.pokerstars.com/ua/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
Server
nginx
ETag
63d4199bdaebb5591abaa01764670025
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.pokerstars.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
469
X-BT-RequestId
7004de30-78d0-11eb-9716-0000ac1508e9
identity.js
connect.facebook.net/signals/plugins/ Frame A3A0 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
WC8zAuKYdfqFBggWMWoD+R06hpexvOdWyo70N9wxWeIhi3NjDVRVz6dzOUDg52gIgglYlaBhG7EzYs3nYzp9HQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 27 Feb 2021 07:50:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
1152875091428286
connect.facebook.net/signals/config/ Frame A3A0 		242 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1152875091428286?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31e74f3c59cb11f9adc7c46732269ab01222784f2e600a2748d485bdf1f1d40a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
71009
x-fb-rlafr
0
pragma
public
x-fb-debug
0po7WDAAebAFR+qZi6E2Py1qAwtPodf3gh4BiP7DykLR0QobGBBNrFiBT9gTsGrjTCrbMhJDMWvonGzD18iT7A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 27 Feb 2021 07:50:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame A3A0 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x14 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 27 Feb 2021 07:50:54 GMT
css
fonts.googleapis.com/ Frame A3A0 		8 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.44/styles/ram.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cashier.rationalcdn.com/ram/2.2.44/styles/ram.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:50:19 GMT
server
ESF
date
Sat, 27 Feb 2021 07:50:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:50:19 GMT
/
www.facebook.com/tr/ Frame A3A0 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1152875091428286&ev=PageView&dl=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&if=true&ts=1614412219153&sw=1600&sh=1200&ud[external_id]=8c89c6f6f53511959772635d8109ac81a8df7eea1b3788bb04e6e89f80f708c5&v=2.9.33&r=stable&ec=0&o=30&it=1614412219117&coo=false&rqm=GET
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:50:19 GMT
KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 08:54:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:34 GMT
server
sffe
age
82549
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Sat, 26 Feb 2022 08:54:30 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
77473
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 26 Feb 2022 10:19:06 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:28:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
4885
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:28:54 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
100301
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 03:58:38 GMT
KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 21 Feb 2021 15:30:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:10 GMT
server
sffe
age
490764
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6824
x-xss-protection
0
expires
Mon, 21 Feb 2022 15:30:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 16:23:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
314794
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 23 Feb 2022 16:23:45 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 15:00:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
60578
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 26 Feb 2022 15:00:41 GMT
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A3A0 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 14:26:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
235428
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6864
x-xss-protection
0
expires
Thu, 24 Feb 2022 14:26:31 GMT
825.js
cdn.tradelab.fr/fseg/ Frame A3A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/825.js?add=4232218
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0E) /
Resource Hash
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 14:24:44 GMT
server
ECAcc (mil/6C0E)
age
1725
etag
"20b1-5a1c2bf055fd2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2723
expires
Sat, 27 Feb 2021 08:20:19 GMT
activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491
8526803.fls.doubleclick.net/ Frame D343
Redirect Chain
  • https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491?
  • https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142....
400 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491?
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
8e6744837c655cd79ab23e9629a2ec6da888090d0857e73a923d51acd1fc66bd
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8526803.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.com/ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlSxR78FepXKoVVhDj8bvKyTxm_mduPOp4JTQGfg1zgddsrDEPkUluf9j6-pAk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.pokerstars.com/ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:50:19 GMT
expires
Sat, 27 Feb 2021 07:50:19 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
328
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:50:19 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
seg.js
cdn.tradelab.fr/ Frame A3A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/seg.js?add=25072242
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0E) /
Resource Hash
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2017 13:08:13 GMT
server
ECAcc (mil/6C0E)
age
552
etag
"a7c-558850954180e-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1107
expires
Sat, 27 Feb 2021 08:20:19 GMT
/
its.tradelab.fr/ Frame A3A0
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
  • https://its.tradelab.fr/?type=tlsync&uuid2=2660798561965089759&callback=tl_sync
53 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://its.tradelab.fr/?type=tlsync&uuid2=2660798561965089759&callback=tl_sync
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
4d672d5c1c5b113754473b9bce1e3e2c924c929dc60a4bb4c89a1337f938cc3b

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
Transfer-Encoding
chunked
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
application/javascript

Redirect headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.57:80
AN-X-Request-Uuid
29fcd8ad-178b-4054-9d10-3cc900c1c3a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
//its.tradelab.fr/?type=tlsync&uuid2=2660798561965089759&callback=tl_sync
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0
Redirect Chain
  • https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412219%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEBy5g_M13rzw8G08OtE3INo&google_cver=1
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEBy5g_M13rzw8G08OtE3INo&google_cver=1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEBy5g_M13rzw8G08OtE3INo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c292f111f4.js
cdn.tradelab.fr/tag/ Frame A3A0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/tag/c292f111f4.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C48) /
Resource Hash
7f3ada208a6e93231327d013d8eab1679bfdb77977493de301f8572441eb82b2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 17:07:57 GMT
server
ECAcc (mil/6C48)
age
746
etag
"2b55-5bc2c3168b071-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
3948
expires
Sat, 27 Feb 2021 08:20:19 GMT
rewards-widget.min.js
cashier.rationalcdn.com/widget/2.0.259/ Frame A3A0 		254 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/widget/2.0.259/rewards-widget.min.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3549c3b2c33fc2f981c8349b96c348a44cba698450525533be7d16fb97b205ec

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 19:58:39 GMT
server
Apache
etag
"3f810-5bb14f21bc8c3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
69865
/
servedby.flashtalking.com/container/29;71832;7464;iframe/ Frame 2363
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%]
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48061E108CC5C4
262 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48061E108CC5C4
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app47.frk11 /
Resource Hash
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
flashtalkingad1="GUID=48061E108CC5C4"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app47.frk11
Pragma
no-cache
X-HW
1614412219.dop153.fr8.t,1614412219.cds206.fr8.shn,1614412219.dop153.fr8.t,1614412219.cds012.fr8.sc,1614412219.cds012.fr8.p

Redirect headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Connection
Keep-Alive
Cache-Control
no-cache, no-store
Content-Length
0
Server
prod-xre-app53.frk11
Pragma
no-cache
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=48061E108CC5C4
X-HW
1614412219.dop153.fr8.t,1614412219.cds206.fr8.shn,1614412219.dop153.fr8.t,1614412219.cds012.fr8.sc,1614412219.cds012.fr8.p
/
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame F32C 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=12865&d=www.pokerstars.com&r=ua/
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app22.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
prod-xre-app22.frk11
X-HW
1614412219.dop014.fr8.t,1614412219.cds122.fr8.shn,1614412219.dop014.fr8.t,1614412219.cds015.fr8.sc,1614412219.cds015.fr8.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
645001.js
cdn.tradelab.fr/conv/ Frame A3A0 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/645001.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232218
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BBC) /
Resource Hash
b2bdb6bc5062a7db0decd00a36a036f5975b19735e15ee4ca73e44de35972e4c

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 16:09:23 GMT
server
ECAcc (mil/6BBC)
age
134
etag
"4a13-5bc1742218a63-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
7024
expires
Sat, 27 Feb 2021 08:20:19 GMT
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25072242&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.101:80
AN-X-Request-Uuid
4d3b5d93-77bf-4937-b05b-e3b680202c74
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_...
  • https://its.tradelab.fr/?type=seg&uuid2=2660798561965089759&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537....
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEGFusz1thuoz92nvbrBoMpw&google_cver=1
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEGFusz1thuoz92nvbrBoMpw&google_cver=1
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node3.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node3.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEGFusz1thuoz92nvbrBoMpw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame C9F3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2d451ceb5c96c1c46a382c62cd8fc8069be4add288ff86069e55c2e5ae368af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15265
x-xss-protection
0
server
cafe
etag
66064869198519017
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Feb 2021 07:50:19 GMT
dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
adservice.google.com/ddm/fls/z/ Frame C9F3 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame A3A0 		7 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&subset=cyrillic,greek
Requested by
Host: www.pokerstars.com
URL: https://www.pokerstars.com/ua/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f06c5f18584e8d94f0b4997820910454e00e752f9ef1d317075879769e197529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:50:19 GMT
server
ESF
date
Sat, 27 Feb 2021 07:50:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:50:19 GMT
/
its.tradelab.fr/ Frame A3A0 		2 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://its.tradelab.fr/?type=token&p=tlab&gtw=%2F%2Fs.thebrighttag.com%2Fapi%3Fsite%3DG58M8eX%26referrer%3Dtlabset%26signalid%3D119028166756485
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node5.tradelab.fr
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node5.tradelab.fr
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/html
Content-Length
2
/
its.tradelab.fr/ Frame A3A0
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A645001%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C348...
  • https://its.tradelab.fr/?type=convr&x=1&uuid2=2660798561965089759&cdata={%22a%22:645001,%22l%22:[2911043,3374860,3374870,3374871,3375631,3375634,3375636,3375869,3485777,3610728,4139570,4139577,5229...
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&uuid2=2660798561965089759&cdata={%22a%22:645001,%22l%22:[2911043,3374860,3374870,3374871,3375631,3375634,3375636,3375869,3485777,3610728,4139570,4139577,5229563,5512754,5523904,5527627,5577407,5577415,5683612,5707327,5707518,5729834,5751995,5752074,5772094,5772112,5772126,5772157,5772186,5772205,5772383,5772421,5807843,5812186,5894602,5907913,5933676,5969498,5969642,5969671,5969675,5971810,5971880,5992671,5992999,5993021,6000363,6001937,6002209,6002253,6002382,6002507,6140505,6154762,6154871,6159236,6159578,6162984,6162989,6163852,6164009,6164071,6164072,6164436,6164437,6193482,6195004,6195041,6195042,6195043,6195531,6195532,6195533,6195609,6214062,6214063,6214064,6214094,6214097,6214101,6214202,6214204,6214208,6221015,6221229,6222282,6226174,6226212,6226218,6226221,6226226,6226446,6226454,6226458,6226476,6226484,6226643,6226796,6226877,6226880,6227027,6227558,6234208,6234214,6234248,6234255,6234287,6234366,6234427,6234545,6235523,6235651,6237797,6237800,6237832,6237857,6291044,6291049,6291104,6291106,6291111,6291118,6291124,6291138,6291946,6291953,6291969,6311673,6318389,6330471,6330749,6331140,6331216,6331277,6331301,6357110,6357745,6357758,6357771,6364697,6364707,6386022,6386029,6422150,6422153,6455878,6455884,6471290,6471292,6479718,6479764,6526614,6563367,6563414,6590178,6776590,6778340,6779076,6779365,6806511,6807202,6816216,6816242,6816247,6816326,6816335,6816341,6842289,6842296,6842320,6842381,6842396,6842507,6851735,6860538,6875822,6876078,6878676,6886610,6889819,6889820,6889829,6895218,6895221,6895281,6895289,6902404,6902406,6914830,6914832,6914833,6917298,6917319,6917321,6917325,6917329,6917415,7018738,7037742,7037747,7037879,7043219,7043221,7043222,7043223,7043356,7043359,7043387,7050757,7050810,7054802,7054821,7054845,7055172,7055180,7055199,7055243,7055269,7055280,7055313,7055360,7055754,7057671,7057780,7059421,7073089,7081770,7081774,7081869,7081871,7082029,7082088,7082091,7082175,7082177,7089154,7089369,7089726,7089791,7089907,7090617,7090621,7090626,7090631,7098648,7098649,7098654,7098664,7098673,7125571,7209540,7209542,7209543,7209544,7209546,7209548,7209549,7209550,7209995,7209997,7209999,7210001,7210195,7210198,7210208,7215834,7226638,7226689,7226691,7226766,7226777,7226784,7226796,7226942,7227046,7227047,7228256,7228261,7228262,7228265,7228268,7228270,7228272,7228273,7228277,7228284,7228285,7228289,7228298,7228299,7228300,7228302,7228320,7228331,7291167,7292156,7307100,7307264,7359086,7361643,7365559,7462205,7481343,7525396,7525559,7525623,7525690,7525745,7525847,7526713,7536183,7536493,7537492,7537579,7538501,7538532,7538638,7538719,7538977,7539323,7539357,7539424,7539466,7539475,7539506,7542691,7542814,7542908,7542924,7544348,7544399,7544474,7544514,7544544,7549646,7549719,7549749,7550152,7550161,7550213,7572162,7716684,7717144,7717791,7717812,7717827,7717839,7717845,7717929,7717945,7791362,7791430,7791447,7831211,7831225,7831261,7831271,7831809,7831811,7831815,7831831,7945977,7954109,8016142,8016159,8016171,8016175,8016181,8016206,8016306,8016315,8016332,8016350,8016357,8016364,8018483,8018490,8018538,8018546,8018559,8018567,8019394,8019396,8025229,8025244,8025246,8025250,8032818,8032824,8032827,8035172,8035174,8035175,8035176,8035180,8035184,8035188,8035190,8049459,8049473,8049493,8049509,8081387,8081422,8081425,8083336,8097798,8097803,8097831,8097833,8110565,8110587,8110595,8110599,8124939,8124944,8124953,8124960,8178320,8178327,8178331,8178333,8211948,8359406,8359412,8359420,8359431,8359441,8359637,8365506,8392744,8399097,8399099,8399111,8399112,8399130,8399132,8399133,8399134,8407979,8408076,8408078,8408084,8408087,8408090,8408092,8410453,8505019,8511659,8511660,8511661,8511662,8643514,8643560,8643589,8643686,8643748,8643808,8643881,8643903,8643943,8643973,8644038,8648496,8648497,8648502,8761737,8771359,8813308,8813343,8813346,8813349,8896437,8896445,8896457,8897484,8897495,8897500,8897529,8897530,8897532,8897533,8897534,8897535,8897869,8903049,8903064,8903076,8903099,8903103,8903105,8903122,8903123,8903125,8903128,8903132,8903531,8903539,8903563,8903568,8903594,8903599,8904004,8904014,8904020,8904031,8904037,8904056,8904059,8904063,9104939,9130903,9131544,9139541,9203023,9203067,9203116,9278395,9351038,9387947,9397722,9409325,9514351,9514357,9612423,9612517,9612648,9629921,9696006,9696064,9696100,9703331,9703486,9703627,9719551,9720613,9721538,9721695,9721702,9721705,9721709,9721710,9755110,9755385,9854757,9906851,9906874,9910363,9990666,9990685,9990686,10095363,10095797,10096001,10193236,10193384,10193807,10310290,10359145,10359204,10476365,10476464,10476611,10477525,10502301,10503758,10503885,10522118,10535412,10588065,10588071,10588162,10635997,10651842,10666631,10685105,10686491,10686495,10697806,10697843,10769787,10919956,10953320,10997851,10997980,10998089,10998386,10998397,10998435,10998569,10998579,11057024,11152558,11154187,11194193,11245943,11332680,11346958,11350004,11350005,11387804,11395097,11395212,11396897,11396924,11396962,11397033,11397135,11397140,11397143,11397144,11397147,11397214,11397215,11397216,11397217,11397218,11397960,11400745,11401196,11401197,11401392,11401427,11401493,11401640,11401724,11401976,11402069,11402079,11402096,11403979,11404377,11404384,11408351,11414595,11415196,11415197,11416031,11416034,11416120,11416161,11416324,11416553,11416714,11416754,11416984,11417111,11417621,11417683,11417716,11417751,11418099,11418103,11421607,11421608,11421620,11428320,11428379,11428382,11455715,11460659,11460890,11460892,11460901,11461357,11461368,11461404,11461722,11468652,11468653,11468655,11468676,11468681,11468684,11475669,11475694,11476530,11481965,11487671,11488866,11490520,11490827,11490868,11496300,11496628,11496649,11497244,11497486,11497968,11515690,11517479,11517532,11543793,11543906,11549890,11550201,11550202,11550203,11577232,11584353,11584887,11585480,11589019,11589113,11589120,11597342,11597367,11597472,11609630,11610899,11611100,11611338,11614059,11615411,11615420,11615446,11615498,11615501,11615504,11621887,11623768,11629337,11629339,11629401,11629580,11635203,11635277,11639299,11644447,11645614,11645616,11645617,11645658,11645659,11645660,11646244,11646540,11646635,11646660,11646737,11646758,11646798,11646818,11646842,11662987,11666805,11666880,11666886,11666910,11666918,11666976,11666994,11676263,11676270,11676293,11676312,11676368,11676415,11676451,11676455,11683311,11684178,11689123,11697904,11708513,11723817,11723818,11723861,11734201,11735165,11735305,11762514,11762691,11783343,11784015,11784931,11784993,11785011,11798208,11800129,11815343,11815391,11830759,11830841,11830975,11831346,11831372,11831539,11831549,11844423,11844425,11850207,11850209,11868176,11877510,11878882,11903230,11923402,11923553,11923569,11923571,11923657,11923673,11923736,11923737,11923739,11933607,11950397,11959998,11960028,11965353,11965440,11966901,11969715,11969801,11969866,11998069,11998156,12018471,12018822,12019250,12040619,12040854,12051550,12085845,12085852,12085930,12086375,12086624,12086628,12089273,12089504,12097231,12097501,12097542,12112378,12123555,12147846,12148109,12148144,12149117,12152120,12153186,12167992,12192400,12259785,12260127,12265565,12281316,12295255,12313833,12313922,12339057,12341877,12352272,12352686,12354121,12354122,12360312,12360381,12360409,12360462,12361864,12363145,12386789,12398074,12398113,12398378,12398381,12398504,12398509,12420753,12422577,12422611,12431515,12431517,12431978,12431992,12439905,12439907,12439909,12439912,12441386,12441481,12441510,12441534,12449202,12475965,12476042,12478711,12485943,12486269,12491060,12491062,12491069,12496885,12496889,12496896,12496903,12509636,12509663,12509666,12511664,12511728,12512481,12512497,12514254,12514258,12514259,12523410,12524165,12524190,12531093,12531215,12532951,12537147,12540453,12540458,12540504,12540622,12540637,12540684,12540821,12540930,12540932,12540934,12540935,12540941,12540942,12540944,12541090,12541116,12547910,12548079,12563220,12563442,12569091,12569109,12569915,12569976,12577340,12581719,12582312,12582313,12582329,12582452,12582536,12602522,12602557,12605925,12605958,12606093,12606151,12606168,12606214,12606227,12615985,12619760,12619773,12619803,12619812,12640901,12641206,12641243,12641682,12641809,12664238,12664319,12664996,12665004,12665396,12665413,12665421,12665439,12665455,12665461,12665475,12665487,12665495,12665500,12665503,12665525,12665546,12665547,12665597,12665601,12665607,12673380,12673381,12673382,12673464,12673465,12673466,12678055,12678172,12678221,12678226,12678237,12678299,12678359,12678463,12678488,12679930,12679980,12680219,12680220,12680222,12680286,12680287,12680288,12680289,12680415,12680416,12680421,12680422,12680547,12680555,12680601,12680602,12680650,12680663,12680669,12680670,12680738,12680769,12680771,12683429,12683434,12683503,12683505,12684229,12711824,12711834,12711888,12711901,12711998,12712007,12756221,12756544,12758212,12758217,12758706,12758709,12759543,12772370,12789220,12819638,12819641,12819731,12819732,12821228,12821232,12832058,12832408,12832429,12833471,12833555,12833582,12844715,12850910,12850918,12850920,12850967,12850982,12851052,12851887,12853335,12853406,12855587,12855588,12855593,12856316,12856317,12856352,12856353,12865755,12866030,12866078,12866196,12881237,12881625,12882278,12882663,12882964,12883397,12885363,12885422,12885453,12885505,12885592,12885613,12885663,12885862,12885905,12885918,12885923,12885927,12885985,12885990,12886005,12886680,12907847,12909272,12909273,12912682,12921648,12921769,12921826,12921855,12922024,12922087,12923143,12923684,12923704,12923773,12923936,12923939,12923998,12924001,12924874,12924902,12924912,12924956,12924975,12924990,12925005,12925090,12925181,12925195,12925241,12925261,12925400,12925442,12925508,12925517,12925633,12925873,12926824,12926843,12926883,12926944,12926953,12926973,12926981,12927175,12927269,12927332,12927414,12927418,12927744,12927838,12927922,12928066,12928149,12928164,12928182,12929571,12929597,12929716,12929815,12929978,12929989,12930024,12930043,12930100,12930131,12930164,12934254,12934305,12934411,12934440,12934450,12934452,12934495,12934513,12934588,12934594,12934611,12934639,12934673,12934687,12934696,12934700,12934710,12934763,12934815,12934845,12935224,12935234,12935279,12935281,12935317,12935345,12935397,12935507,12935534,12935633,12935860,12935899,12935934,12935954,12935966,12936000,12936069,12936101,12936983,12937233,12937283,12937313,12937393,12937404,12937424,12937904,12937962,12938122,12938523,12938579,12938617,12938638,12938691,12939517,12940043,12940181,12940372,12940871,12947134,12947167,12947207,12947216,12948248,12948375,12948428,12948498,12948741,12948794,12950687,12953811,12953815,12953843,12954030,12969597,12969640,12971115,12971765,12971885,12983798,12983859,12986083,12986160,12986291,12986844,12987733,12996965,12997777,12997845,12997849,13008703,13008708,13009209,13011063,13011066,13012364,13020630,13021375,13022053,13022072,13037641,13037645,13037884,13046784,13056244,13059704,13059741,13115728,13135619,13136828,13158557,13158567,13158580,13158584,13173610,13175848,13175893,13175937,13175972,13176001,13176069,13176161,13176365,13176390,13176420,13176558,13180060,13201287,13201333,13201431,13227834,13227878,13227899,13228461,13228467,13228472,13229742,13229964,13230150,13230158,13247905,13379501,13379527,13404253,13404255,13404256,13426762,13426768,13442957,13444808,13445193,13499528,13499558,13499559,13509560,13519091,13521499,13562887,13576597,13581270,13585037,13585042,13586704,13586711,13586718,13586720,13590402,13590478,13590485,13590826,13590912,13591338,13591340,13591456,13593057,13593120,13593124,13593413,13593470,13593489,13593491,13593492,13593952,13593953,13593955,13595060,13595186,13595202,13595232,13595280,13604577,13604579,13611236,13611921,13611926,13611928,13611930,13611932,13611935,13611950,13611955,13611957,13611959,13611960,13611961,13611962,13611980,13611981,13611990,13612010,13612013,13612026,13612030,13612056,13612507,13612510,13612514,13612515,13615293,13615363,13624271,13624335,13624366,13627530,13637445,13637541,13639429,13639559,13639822,13639829,13643700,13643723,13643732,13643747,13643753,13643758,13643773,13646588,13646593,13648302,13648333,13648334,13648335,13648336,13648337,13648338,13648396,13648398,13648400,13648401,13651559,13651660,13651676,13651682,13651716,13651764,13651797,13651823,13651854,13651874,13651905,13652073,13652074,13652082,13652086,13652091,13652092,13652097,13652098,13652406,13652414,13652431,13652432,13652441,13652458,13652463,13652502,13652504,13652553,13652554,13652652,13652667,13652685,13652686,13652691,13652693,13652706,13652707,13652888,13655571,13655675,13655677,13655748,13655759,13655772,13655774,13655815,13655816,13655928,13655929,13656062,13656068,13656075,13656076,13656137,13656139,13656166,13656167,13656224,13656403,13656413,13656414,13656698,13656703,13656715,13656731,13657593,13657599,13657611,13657612,13657646,13657863,13657864,13657881,13657883,13657884,13657887,13657908,13657921,13660900,13660902,13660918,13660927,13660928,13660964,13660965,13661137,13661139,13661201,13661204,13661205,13661212,13661213,13661995,13662002,13662009,13662012,13662013,13662086,13662102,13662113,13662132,13662133,13662145,13662146,13662230,13662241,13662276,13662293,13662295,13663428,13663432,13663437,13663450,13684419,13684437,13703524,13703900,13703963,13704004,13726085,13726630,13728187,13728188,13728189,13729253,13737386,13746660,13754902,13755175,13755177,13755793,13756319,13759146,13759454,13759508,13759747,13783001,13783005,13783013,13783058,13788357,13789606,13790210,13790356,13790443,13790445,13790446,13822025,13827326,13827616,13828767,13828768,13828769,13828942,13828948,13828950,13832725,13832749,13849058,13849117,13850343,13850357,13850393,13850549,13850802,13850854,13850880,13850899,13850948,13851106,13854071,13886580,13889445,13889455,13889486,13889961,13889975,13889994,13890227,13890239,13890240,13890241,13890463,13895571,13895572,13897024,13905793,13906529,13906564,13906592,13917417,13918132,13918133,13919181,13919183,13930356,13931368,13933484,13944490,13944551,13944643,13951734,13951831,13955623,13955624,13962873,13962978,13964343,13964344,13970253,13970255,14004524,14006771,14011339,14012185,14012197,14012277,14012280,14020547,14023284,14045762,14045763,14045764,14077128,14077134],%22i%22:7,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=5189423&xur=lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:0,%22page_url%22:%22%22,%22dm%22:%22%22},%22v%22:{%22vis_cnt%22:0,%22frst_vis_ts%22:1614412219,%22prev_vis_ts%22:0,%22curr_vis_ts%22:1614412219,%22total_page_cnt%22:0,%22prev_page_cnt%22:0,%22curr_page_cnt%22:1}}
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.152:80
AN-X-Request-Uuid
b5504735-accc-4a85-ba68-f2621fce3fc9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
//its.tradelab.fr/?type=convr&x=1&uuid2=2660798561965089759&cdata={"a":645001,"l":[2911043,3374860,3374870,3374871,3375631,3375634,3375636,3375869,3485777,3610728,4139570,4139577,5229563,5512754,5523904,5527627,5577407,5577415,5683612,5707327,5707518,5729834,5751995,5752074,5772094,5772112,5772126,5772157,5772186,5772205,5772383,5772421,5807843,5812186,5894602,5907913,5933676,5969498,5969642,5969671,5969675,5971810,5971880,5992671,5992999,5993021,6000363,6001937,6002209,6002253,6002382,6002507,6140505,6154762,6154871,6159236,6159578,6162984,6162989,6163852,6164009,6164071,6164072,6164436,6164437,6193482,6195004,6195041,6195042,6195043,6195531,6195532,6195533,6195609,6214062,6214063,6214064,6214094,6214097,6214101,6214202,6214204,6214208,6221015,6221229,6222282,6226174,6226212,6226218,6226221,6226226,6226446,6226454,6226458,6226476,6226484,6226643,6226796,6226877,6226880,6227027,6227558,6234208,6234214,6234248,6234255,6234287,6234366,6234427,6234545,6235523,6235651,6237797,6237800,6237832,6237857,6291044,6291049,6291104,6291106,6291111,6291118,6291124,6291138,6291946,6291953,6291969,6311673,6318389,6330471,6330749,6331140,6331216,6331277,6331301,6357110,6357745,6357758,6357771,6364697,6364707,6386022,6386029,6422150,6422153,6455878,6455884,6471290,6471292,6479718,6479764,6526614,6563367,6563414,6590178,6776590,6778340,6779076,6779365,6806511,6807202,6816216,6816242,6816247,6816326,6816335,6816341,6842289,6842296,6842320,6842381,6842396,6842507,6851735,6860538,6875822,6876078,6878676,6886610,6889819,6889820,6889829,6895218,6895221,6895281,6895289,6902404,6902406,6914830,6914832,6914833,6917298,6917319,6917321,6917325,6917329,6917415,7018738,7037742,7037747,7037879,7043219,7043221,7043222,7043223,7043356,7043359,7043387,7050757,7050810,7054802,7054821,7054845,7055172,7055180,7055199,7055243,7055269,7055280,7055313,7055360,7055754,7057671,7057780,7059421,7073089,7081770,7081774,7081869,7081871,7082029,7082088,7082091,7082175,7082177,7089154,7089369,7089726,7089791,7089907,7090617,7090621,7090626,7090631,7098648,7098649,7098654,7098664,7098673,7125571,7209540,7209542,7209543,7209544,7209546,7209548,7209549,7209550,7209995,7209997,7209999,7210001,7210195,7210198,7210208,7215834,7226638,7226689,7226691,7226766,7226777,7226784,7226796,7226942,7227046,7227047,7228256,7228261,7228262,7228265,7228268,7228270,7228272,7228273,7228277,7228284,7228285,7228289,7228298,7228299,7228300,7228302,7228320,7228331,7291167,7292156,7307100,7307264,7359086,7361643,7365559,7462205,7481343,7525396,7525559,7525623,7525690,7525745,7525847,7526713,7536183,7536493,7537492,7537579,7538501,7538532,7538638,7538719,7538977,7539323,7539357,7539424,7539466,7539475,7539506,7542691,7542814,7542908,7542924,7544348,7544399,7544474,7544514,7544544,7549646,7549719,7549749,7550152,7550161,7550213,7572162,7716684,7717144,7717791,7717812,7717827,7717839,7717845,7717929,7717945,7791362,7791430,7791447,7831211,7831225,7831261,7831271,7831809,7831811,7831815,7831831,7945977,7954109,8016142,8016159,8016171,8016175,8016181,8016206,8016306,8016315,8016332,8016350,8016357,8016364,8018483,8018490,8018538,8018546,8018559,8018567,8019394,8019396,8025229,8025244,8025246,8025250,8032818,8032824,8032827,8035172,8035174,8035175,8035176,8035180,8035184,8035188,8035190,8049459,8049473,8049493,8049509,8081387,8081422,8081425,8083336,8097798,8097803,8097831,8097833,8110565,8110587,8110595,8110599,8124939,8124944,8124953,8124960,8178320,8178327,8178331,8178333,8211948,8359406,8359412,8359420,8359431,8359441,8359637,8365506,8392744,8399097,8399099,8399111,8399112,8399130,8399132,8399133,8399134,8407979,8408076,8408078,8408084,8408087,8408090,8408092,8410453,8505019,8511659,8511660,8511661,8511662,8643514,8643560,8643589,8643686,8643748,8643808,8643881,8643903,8643943,8643973,8644038,8648496,8648497,8648502,8761737,8771359,8813308,8813343,8813346,8813349,8896437,8896445,8896457,8897484,8897495,8897500,8897529,8897530,8897532,8897533,8897534,8897535,8897869,8903049,8903064,8903076,8903099,8903103,8903105,8903122,8903123,8903125,8903128,8903132,8903531,8903539,8903563,8903568,8903594,8903599,8904004,8904014,8904020,8904031,8904037,8904056,8904059,8904063,9104939,9130903,9131544,9139541,9203023,9203067,9203116,9278395,9351038,9387947,9397722,9409325,9514351,9514357,9612423,9612517,9612648,9629921,9696006,9696064,9696100,9703331,9703486,9703627,9719551,9720613,9721538,9721695,9721702,9721705,9721709,9721710,9755110,9755385,9854757,9906851,9906874,9910363,9990666,9990685,9990686,10095363,10095797,10096001,10193236,10193384,10193807,10310290,10359145,10359204,10476365,10476464,10476611,10477525,10502301,10503758,10503885,10522118,10535412,10588065,10588071,10588162,10635997,10651842,10666631,10685105,10686491,10686495,10697806,10697843,10769787,10919956,10953320,10997851,10997980,10998089,10998386,10998397,10998435,10998569,10998579,11057024,11152558,11154187,11194193,11245943,11332680,11346958,11350004,11350005,11387804,11395097,11395212,11396897,11396924,11396962,11397033,11397135,11397140,11397143,11397144,11397147,11397214,11397215,11397216,11397217,11397218,11397960,11400745,11401196,11401197,11401392,11401427,11401493,11401640,11401724,11401976,11402069,11402079,11402096,11403979,11404377,11404384,11408351,11414595,11415196,11415197,11416031,11416034,11416120,11416161,11416324,11416553,11416714,11416754,11416984,11417111,11417621,11417683,11417716,11417751,11418099,11418103,11421607,11421608,11421620,11428320,11428379,11428382,11455715,11460659,11460890,11460892,11460901,11461357,11461368,11461404,11461722,11468652,11468653,11468655,11468676,11468681,11468684,11475669,11475694,11476530,11481965,11487671,11488866,11490520,11490827,11490868,11496300,11496628,11496649,11497244,11497486,11497968,11515690,11517479,11517532,11543793,11543906,11549890,11550201,11550202,11550203,11577232,11584353,11584887,11585480,11589019,11589113,11589120,11597342,11597367,11597472,11609630,11610899,11611100,11611338,11614059,11615411,11615420,11615446,11615498,11615501,11615504,11621887,11623768,11629337,11629339,11629401,11629580,11635203,11635277,11639299,11644447,11645614,11645616,11645617,11645658,11645659,11645660,11646244,11646540,11646635,11646660,11646737,11646758,11646798,11646818,11646842,11662987,11666805,11666880,11666886,11666910,11666918,11666976,11666994,11676263,11676270,11676293,11676312,11676368,11676415,11676451,11676455,11683311,11684178,11689123,11697904,11708513,11723817,11723818,11723861,11734201,11735165,11735305,11762514,11762691,11783343,11784015,11784931,11784993,11785011,11798208,11800129,11815343,11815391,11830759,11830841,11830975,11831346,11831372,11831539,11831549,11844423,11844425,11850207,11850209,11868176,11877510,11878882,11903230,11923402,11923553,11923569,11923571,11923657,11923673,11923736,11923737,11923739,11933607,11950397,11959998,11960028,11965353,11965440,11966901,11969715,11969801,11969866,11998069,11998156,12018471,12018822,12019250,12040619,12040854,12051550,12085845,12085852,12085930,12086375,12086624,12086628,12089273,12089504,12097231,12097501,12097542,12112378,12123555,12147846,12148109,12148144,12149117,12152120,12153186,12167992,12192400,12259785,12260127,12265565,12281316,12295255,12313833,12313922,12339057,12341877,12352272,12352686,12354121,12354122,12360312,12360381,12360409,12360462,12361864,12363145,12386789,12398074,12398113,12398378,12398381,12398504,12398509,12420753,12422577,12422611,12431515,12431517,12431978,12431992,12439905,12439907,12439909,12439912,12441386,12441481,12441510,12441534,12449202,12475965,12476042,12478711,12485943,12486269,12491060,12491062,12491069,12496885,12496889,12496896,12496903,12509636,12509663,12509666,12511664,12511728,12512481,12512497,12514254,12514258,12514259,12523410,12524165,12524190,12531093,12531215,12532951,12537147,12540453,12540458,12540504,12540622,12540637,12540684,12540821,12540930,12540932,12540934,12540935,12540941,12540942,12540944,12541090,12541116,12547910,12548079,12563220,12563442,12569091,12569109,12569915,12569976,12577340,12581719,12582312,12582313,12582329,12582452,12582536,12602522,12602557,12605925,12605958,12606093,12606151,12606168,12606214,12606227,12615985,12619760,12619773,12619803,12619812,12640901,12641206,12641243,12641682,12641809,12664238,12664319,12664996,12665004,12665396,12665413,12665421,12665439,12665455,12665461,12665475,12665487,12665495,12665500,12665503,12665525,12665546,12665547,12665597,12665601,12665607,12673380,12673381,12673382,12673464,12673465,12673466,12678055,12678172,12678221,12678226,12678237,12678299,12678359,12678463,12678488,12679930,12679980,12680219,12680220,12680222,12680286,12680287,12680288,12680289,12680415,12680416,12680421,12680422,12680547,12680555,12680601,12680602,12680650,12680663,12680669,12680670,12680738,12680769,12680771,12683429,12683434,12683503,12683505,12684229,12711824,12711834,12711888,12711901,12711998,12712007,12756221,12756544,12758212,12758217,12758706,12758709,12759543,12772370,12789220,12819638,12819641,12819731,12819732,12821228,12821232,12832058,12832408,12832429,12833471,12833555,12833582,12844715,12850910,12850918,12850920,12850967,12850982,12851052,12851887,12853335,12853406,12855587,12855588,12855593,12856316,12856317,12856352,12856353,12865755,12866030,12866078,12866196,12881237,12881625,12882278,12882663,12882964,12883397,12885363,12885422,12885453,12885505,12885592,12885613,12885663,12885862,12885905,12885918,12885923,12885927,12885985,12885990,12886005,12886680,12907847,12909272,12909273,12912682,12921648,12921769,12921826,12921855,12922024,12922087,12923143,12923684,12923704,12923773,12923936,12923939,12923998,12924001,12924874,12924902,12924912,12924956,12924975,12924990,12925005,12925090,12925181,12925195,12925241,12925261,12925400,12925442,12925508,12925517,12925633,12925873,12926824,12926843,12926883,12926944,12926953,12926973,12926981,12927175,12927269,12927332,12927414,12927418,12927744,12927838,12927922,12928066,12928149,12928164,12928182,12929571,12929597,12929716,12929815,12929978,12929989,12930024,12930043,12930100,12930131,12930164,12934254,12934305,12934411,12934440,12934450,12934452,12934495,12934513,12934588,12934594,12934611,12934639,12934673,12934687,12934696,12934700,12934710,12934763,12934815,12934845,12935224,12935234,12935279,12935281,12935317,12935345,12935397,12935507,12935534,12935633,12935860,12935899,12935934,12935954,12935966,12936000,12936069,12936101,12936983,12937233,12937283,12937313,12937393,12937404,12937424,12937904,12937962,12938122,12938523,12938579,12938617,12938638,12938691,12939517,12940043,12940181,12940372,12940871,12947134,12947167,12947207,12947216,12948248,12948375,12948428,12948498,12948741,12948794,12950687,12953811,12953815,12953843,12954030,12969597,12969640,12971115,12971765,12971885,12983798,12983859,12986083,12986160,12986291,12986844,12987733,12996965,12997777,12997845,12997849,13008703,13008708,13009209,13011063,13011066,13012364,13020630,13021375,13022053,13022072,13037641,13037645,13037884,13046784,13056244,13059704,13059741,13115728,13135619,13136828,13158557,13158567,13158580,13158584,13173610,13175848,13175893,13175937,13175972,13176001,13176069,13176161,13176365,13176390,13176420,13176558,13180060,13201287,13201333,13201431,13227834,13227878,13227899,13228461,13228467,13228472,13229742,13229964,13230150,13230158,13247905,13379501,13379527,13404253,13404255,13404256,13426762,13426768,13442957,13444808,13445193,13499528,13499558,13499559,13509560,13519091,13521499,13562887,13576597,13581270,13585037,13585042,13586704,13586711,13586718,13586720,13590402,13590478,13590485,13590826,13590912,13591338,13591340,13591456,13593057,13593120,13593124,13593413,13593470,13593489,13593491,13593492,13593952,13593953,13593955,13595060,13595186,13595202,13595232,13595280,13604577,13604579,13611236,13611921,13611926,13611928,13611930,13611932,13611935,13611950,13611955,13611957,13611959,13611960,13611961,13611962,13611980,13611981,13611990,13612010,13612013,13612026,13612030,13612056,13612507,13612510,13612514,13612515,13615293,13615363,13624271,13624335,13624366,13627530,13637445,13637541,13639429,13639559,13639822,13639829,13643700,13643723,13643732,13643747,13643753,13643758,13643773,13646588,13646593,13648302,13648333,13648334,13648335,13648336,13648337,13648338,13648396,13648398,13648400,13648401,13651559,13651660,13651676,13651682,13651716,13651764,13651797,13651823,13651854,13651874,13651905,13652073,13652074,13652082,13652086,13652091,13652092,13652097,13652098,13652406,13652414,13652431,13652432,13652441,13652458,13652463,13652502,13652504,13652553,13652554,13652652,13652667,13652685,13652686,13652691,13652693,13652706,13652707,13652888,13655571,13655675,13655677,13655748,13655759,13655772,13655774,13655815,13655816,13655928,13655929,13656062,13656068,13656075,13656076,13656137,13656139,13656166,13656167,13656224,13656403,13656413,13656414,13656698,13656703,13656715,13656731,13657593,13657599,13657611,13657612,13657646,13657863,13657864,13657881,13657883,13657884,13657887,13657908,13657921,13660900,13660902,13660918,13660927,13660928,13660964,13660965,13661137,13661139,13661201,13661204,13661205,13661212,13661213,13661995,13662002,13662009,13662012,13662013,13662086,13662102,13662113,13662132,13662133,13662145,13662146,13662230,13662241,13662276,13662293,13662295,13663428,13663432,13663437,13663450,13684419,13684437,13703524,13703900,13703963,13704004,13726085,13726630,13728187,13728188,13728189,13729253,13737386,13746660,13754902,13755175,13755177,13755793,13756319,13759146,13759454,13759508,13759747,13783001,13783005,13783013,13783058,13788357,13789606,13790210,13790356,13790443,13790445,13790446,13822025,13827326,13827616,13828767,13828768,13828769,13828942,13828948,13828950,13832725,13832749,13849058,13849117,13850343,13850357,13850393,13850549,13850802,13850854,13850880,13850899,13850948,13851106,13854071,13886580,13889445,13889455,13889486,13889961,13889975,13889994,13890227,13890239,13890240,13890241,13890463,13895571,13895572,13897024,13905793,13906529,13906564,13906592,13917417,13918132,13918133,13919181,13919183,13930356,13931368,13933484,13944490,13944551,13944643,13951734,13951831,13955623,13955624,13962873,13962978,13964343,13964344,13970253,13970255,14004524,14006771,14011339,14012185,14012197,14012277,14012280,14020547,14023284,14045762,14045763,14045764,14077128,14077134],"i":7,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=5189423&xur=lp.clevernetwork.pt/pokerstars/aa/?group=48188&id=495034&ref=aHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw==&r=714132450&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata={"c":{"ref_url":"","ref_ts":0,"page_url":"","dm":""},"v":{"vis_cnt":0,"frst_vis_ts":1614412219,"prev_vis_ts":0,"curr_vis_ts":1614412219,"total_page_cnt":0,"prev_page_cnt":0,"curr_page_cnt":1}}
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ Frame A3A0 		43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=645001&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.79:80
AN-X-Request-Uuid
3b732ab1-3fb8-47aa-b9e4-2c67e4d7a2d6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=4232218&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.79:80
AN-X-Request-Uuid
ff5faba0-b8d7-4447-9e3f-7fd392b4704b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=fseg&uuid2=$UID&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Int...
  • https://its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%2...
43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&adata={%22c%22:{%22ref_url%22:%22%22,%22ref_ts%22:0,%22page_url%22:%22%22,%22dm%22:%22%22},%22v%22:{%22vis_cnt%22:0,%22frst_vis_ts%22:1614412219,%22prev_vis_ts%22:0,%22curr_vis_ts%22:1614412219,%22total_page_cnt%22:0,%22prev_page_cnt%22:0,%22curr_page_cnt%22:1}}
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node1.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node1.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid
59e41a9e-da29-4377-a44f-dbb061f36543
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
//its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&adata={"c":{"ref_url":"","ref_ts":0,"page_url":"","dm":""},"v":{"vis_cnt":0,"frst_vis_ts":1614412219,"prev_vis_ts":0,"curr_vis_ts":1614412219,"total_page_cnt":0,"prev_page_cnt":0,"curr_page_cnt":1}}
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d9core
d9.flashtalking.com/ Frame F32C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.118.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
6fedd0f540a8e931e36c7ba9a04eff576ae2028c24641b8b079e22a8dfd01e40

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
c1371f93b03ae0af7d575e3774a51128
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3903
/
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame F32C 		42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/spot/1/18308;120607;12865/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322&ft_guid=48061E108CC5C4&ft_log=1&ft_trackID=16144122-1917-9470-CD2E-E6B71381A3CC&ft_guidCreated=1
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app49.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
prod-xre-app49.frk11
X-HW
1614412219.dop014.fr8.t,1614412219.cds122.fr8.shn,1614412219.dop014.fr8.t,1614412219.cds015.fr8.sc,1614412219.cds015.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
1
tapestry.tapad.com/tapestry/ Frame F32C 		95 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=48061E108CC5C4&ta_format=png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
/
www.googleadservices.com/pagead/conversion/752674712/ Frame C9F3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/752674712/?random=1614412219396&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
3bd9da794fa375aee93286d9e81db9dfbf6f2a29973e83a56335f766c5004d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1219
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/702974000/ Frame C9F3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/702974000/?random=1614412219400&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
33f01d65270e23c80673c17239a33cce4f78c9505bfc323b99058691214aed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1222
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/702974000/ Frame C9F3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
  • https://www.google.com/pagead/1p-conversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
  • https://www.google.de/pagead/1p-conversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YNWhHMbfzQbb-5WgAw&cid=CAQSKQCNIrLM0xp924kGrTr8RtzdvAEoPC6VkIb3ho_8736p9XU7DSzTvbX3&random=689143611&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/702974000/?random=431739688&cv=9&fst=1614412219396&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YNWhHMbfzQbb-5WgAw&cid=CAQSKQCNIrLM0xp924kGrTr8RtzdvAEoPC6VkIb3ho_8736p9XU7DSzTvbX3&random=689143611&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/752674712/ Frame C9F3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_...
  • https://www.google.com/pagead/1p-conversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...
  • https://www.google.de/pagead/1p-conversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YMikHIKe-wbQlJDIAw&cid=CAQSKQCNIrLM_Qqc9DEufUk9Ov0fjvyH4sCyibZDeDxNCvDNKcmMqgAeBPcr&random=3480098906&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/activityi;dc_pre=CLmp4JbKie8CFQLs7QodtV8Bqw;src=8954552;type=rmcom0;cat=sg_we0;u27=119028166756485;ord=5006243135152.868;~oref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/752674712/?random=1799766536&cv=9&fst=1614412219396&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLmp4JbKie8CFQLs7QodtV8Bqw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D119028166756485%3Bord%3D5006243135152.868%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.com%252Fua%252F&ref=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=u_k5YMikHIKe-wbQlJDIAw&cid=CAQSKQCNIrLM_Qqc9DEufUk9Ov0fjvyH4sCyibZDeDxNCvDNKcmMqgAeBPcr&random=3480098906&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lgc
d9.flashtalking.com/ Frame F32C 		103 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.118.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
40b94bce99da2352b2dc1219887b07c998f46dcd2b7c6f2e8b6f11468269c86a

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 27 Feb 2021 07:50:19 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
79
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=2491894:59&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.151:80
AN-X-Request-Uuid
83e4b158-462e-4ee2-ba7f-fb9b4e7679e0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4824.js
cdn.tradelab.fr/fseg/ Frame A3A0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CAA) /
Resource Hash
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:20:52 GMT
server
ECAcc (mil/6CAA)
age
697
etag
"1bc0-5b9b9683b9159-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2596
expires
Sat, 27 Feb 2021 08:20:19 GMT
seg.js
cdn.tradelab.fr/ Frame A3A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/seg.js?add=25695650
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0E) /
Resource Hash
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2017 13:08:13 GMT
server
ECAcc (mil/6C0E)
age
552
etag
"a7c-558850954180e-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1107
expires
Sat, 27 Feb 2021 08:20:19 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tp&advid=5189423&uuid=6067240996250080839&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node3.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node3.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491
adservice.google.com/ddm/fls/z/ Frame D343 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491
Requested by
Host: 8526803.fls.doubleclick.net
URL: https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8526803.fls.doubleclick.net/activityi;dc_pre=CIrZ6pbKie8CFeNBFQgdyLgByw;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3200406439142.491?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:50:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25695650&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.87:80
AN-X-Request-Uuid
b68893e8-dca4-4272-95ac-e8f8f57a6592
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=seg&uuid2=2660798561965089759&sid=25695650&val=null&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%253D
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
1432216.js
cdn.tradelab.fr/conv/ Frame A3A0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/1432216.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5B) /
Resource Hash
dbcf0f829c381f9c05e87265ef3580597acf870cb8dfc2b4525f7eedacf07705

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 18:53:58 GMT
server
ECAcc (mil/6C5B)
age
705
etag
"152f-5bc2dac8dfd6d-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1844
expires
Sat, 27 Feb 2021 08:20:19 GMT
/
servedby.flashtalking.com/track/120607;12865;403;16144122-1917-9470-CD2E-E6B71381A3CC/ Frame F32C 		42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/track/120607;12865;403;16144122-1917-9470-CD2E-E6B71381A3CC/?ft_data=d9:e7046bb306304039b0f382cca182d5ba;d9s:e7046bb306304039b0f382cca182d5ba&cachebuster=280245.3576288544
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app52.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
prod-xre-app52.frk11
X-HW
1614412219.dop014.fr8.t,1614412219.cds122.fr8.shn,1614412219.dop014.fr8.t,1614412219.cds015.fr8.sc,1614412219.cds015.fr8.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
1
tapestry.tapad.com/tapestry/ Frame F32C 		95 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=e7046bb306304039b0f382cca182d5ba&ta_format=png
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?ft_referrer=https%3A//www.pokerstars.com/ua/&ns=https%3A//lp.clevernetwork.pt/pokerstars/aa/%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&cb=491662.8994843322
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:19 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
/
its.tradelab.fr/ Frame A3A0 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432216%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089017%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame A3A0 		43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1432216&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.59:80
AN-X-Request-Uuid
1d1b5177-8efe-4b96-9235-08ea21dfb745
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25237860&t=2
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
73d2e2da-a94b-47ea-9a81-abe0ad6c44dd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=25237860&val=undefined&fun=4824&step=1&siev=25237855&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%253D&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node2.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:19 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node2.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
www.facebook.com/tr/ Frame A3A0 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1152875091428286&ev=Microdata&dl=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&if=true&ts=1614412220658&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%20-%20%D0%93%D1%80%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B2%20%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%D0%BD%D1%96%20%D1%96%D0%B3%D1%80%D0%B8%20%D0%BD%D0%B0%20PokerStars%22%2C%22meta%3Adescription%22%3A%22%D0%9F%D1%80%D0%B8%D1%94%D0%B4%D0%BD%D1%83%D0%B9%D1%82%D0%B5%D1%81%D1%8F%20%D0%B4%D0%BE%20PokerStars%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20%E2%80%93%20%D0%BD%D0%B0%D0%B9%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%96%D1%88%D0%B8%D0%B9%20%D1%83%20%D1%81%D0%B2%D1%96%D1%82%D1%96%20%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B7%20%D0%BD%D0%B0%D0%B9%D0%BA%D1%80%D0%B0%D1%89%D0%B8%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D1%82%D1%83%D1%80%D0%BD%D1%96%D1%80%D0%B0%D0%BC%D0%B8.%20%D0%A7%D1%83%D0%B4%D0%BE%D0%B2%D1%96%20%D0%BF%D1%80%D0%BE%D0%BF%D0%BE%D0%B7%D0%B8%D1%86%D1%96%D1%97%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D0%B8%D1%85%20%D0%B3%D1%80%D0%B0%D0%B2%D1%86%D1%96%D0%B2%2C%20%D0%BD%D0%B5%20%D0%B7%D0%B2%D0%BE%D0%BB%D1%96%D0%BA%D0%B0%D0%B9%D1%82%D0%B5!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=8c89c6f6f53511959772635d8109ac81a8df7eea1b3788bb04e6e89f80f708c5&v=2.9.33&r=stable&ec=1&o=30&it=1614412219117&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:50:20 GMT
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame A3A0 		526 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
2ae81359bc55c3f1a2da79f7f4da133d74d62c703f8463405f9d222690471f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 07:50:19 GMT
Server
Apache
ETag
"20e-5bc4ca2e1187e-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=223
Content-Length
278
825.js
cdn.tradelab.fr/fseg/ Frame A3A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/825.js?add=4232220
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0E) /
Resource Hash
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:24 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 14:24:44 GMT
server
ECAcc (mil/6C0E)
age
1730
etag
"20b1-5a1c2bf055fd2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2723
expires
Sat, 27 Feb 2021 08:20:24 GMT
645002.js
cdn.tradelab.fr/conv/ Frame A3A0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/645002.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5B) /
Resource Hash
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:24 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 16:09:24 GMT
server
ECAcc (mil/6C5B)
age
623
etag
"459e-5bc1742308e32-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
6609
expires
Sat, 27 Feb 2021 08:20:24 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645002%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6906372%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8505019%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9910363%2C9990666%2C9990685%2C9990686%2C10095057%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12582312%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12850910%2C12850918%2C12850920%2C12851887%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928095%2C12928107%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059733%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13604577%2C13604579%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13639429%2C13639559%2C13639822%2C13639829%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13703524%2C13703900%2C13703963%2C13704004%2C13728187%2C13728188%2C13728189%2C13729253%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759454%2C13759508%2C13759747%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13827326%2C13827616%2C13828942%2C13828948%2C13854071%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13897024%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13931368%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13970253%2C13970255%2C14012185%2C14012197%2C14020547%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node3.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node3.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame A3A0 		43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=645002&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.79:80
AN-X-Request-Uuid
69180b7c-c942-4ff5-b98e-76345e413f34
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=4232220&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid
75983225-35d7-4964-b06f-0c6d175f2b88
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=4232220&val=undefined&fun=825&step=2&siev=4232213&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%253D&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node2.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node2.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
4824.js
cdn.tradelab.fr/fseg/ Frame A3A0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CAA) /
Resource Hash
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:24 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:20:52 GMT
server
ECAcc (mil/6CAA)
age
702
etag
"1bc0-5b9b9683b9159-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2596
expires
Sat, 27 Feb 2021 08:20:24 GMT
1432217.js
cdn.tradelab.fr/conv/ Frame A3A0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/1432217.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C98) /
Resource Hash
9e23d43857c7a9f794d0d60c13db6b7054640c3f9319fa3826c2a2c69003a155

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:50:24 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 09:53:48 GMT
server
ECAcc (mil/6C98)
age
719
etag
"13fd-5bc3a3ea5659f-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1754
expires
Sat, 27 Feb 2021 08:20:24 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432217%2C%22l%22%3A%5B14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088834%2C14088837%2C14088928%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089017%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame A3A0 		43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1432217&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid
a40a5022-c825-4b2d-9035-191feede7a8f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame A3A0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25237863&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid
c3cace06-5320-4006-8198-6647276fee18
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame A3A0 		43 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=2660798561965089759&sid=25237863&val=undefined&fun=4824&step=2&siev=25237856&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F83.0.4103.61%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252Fpokerstars%252Faa%252F%253Fgroup%253D48188%2526id%253D495034%2526ref%253DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%253D%253D%2526r%253D714132450%2526tracker%253DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%252FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%253D&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1614412220%2C%22page_url%22%3A%22lp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkP%22%2C%22dm%22%3A%22pokerstars.com%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1614412219%2C%22prev_vis_ts%22%3A1614412219%2C%22curr_vis_ts%22%3A1614412220%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.64.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.17.7 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:50:24 GMT
Server
nginx/1.17.7
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
img
pixel.mathtag.com/misc/ Frame A3A0 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:28 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 27 Feb 2021 07:51:04 GMT
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame A3A0 		526 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
2ae81359bc55c3f1a2da79f7f4da133d74d62c703f8463405f9d222690471f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 07:50:19 GMT
Server
Apache
ETag
"20e-5bc4ca2e1187e-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
278
img
pixel.mathtag.com/misc/ Frame A3A0 		43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3518 2f03077 master cdg-pixel-x31 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:29 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 27 Feb 2021 07:51:04 GMT
collect
stats.g.doubleclick.net/j/ Frame A3A0 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19464553-1&cid=2063090670-1614412218&jid=1366671367&gjid=1254370576&_gid=1230313854.1614412219&_u=aLBAgEIhEAAAAE~&z=246290986
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Feb 2021 07:50:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.pokerstars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame A3A0 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-56166869-1&cid=2063090670-1614412218&jid=1592121296&gjid=23587280&_gid=364692492.1614412219&_u=aLBAgEIhEAAAAE~&z=411811982
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Feb 2021 07:50:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.pokerstars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame A3A0 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-57072753-4&cid=2063090670-1614412218&jid=1325647526&gjid=931058169&_gid=1512099114.1614412219&_u=aLBAgEIhEAAAAE~&z=363966683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Feb 2021 07:50:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.pokerstars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A3A0 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=115458614&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%20-%20%D0%93%D1%80%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B2%20%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%D0%BD%D1%96%20%D1%96%D0%B3%D1%80%D0%B8%20%D0%BD%D0%B0%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhE~&jid=1366671367&gjid=1254370576&cid=2063090670-1614412218&tid=UA-19464553-1&_gid=1230313854.1614412219&cd60=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&cd1=(none)&cd2=A&cd5=ua&cg1=ua&cd12=2063090670-1614412218&cd26=2063090670-1614412218&cd18=119028166756485&cd6=yes&z=464237042
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 02:28:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19327
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A3A0 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=115458614&t=event&ni=1&ds=web&_s=1&dl=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&dh=www.pokerstars.com&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%20-%20%D0%93%D1%80%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B2%20%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%D0%BD%D1%96%20%D1%96%D0%B3%D1%80%D0%B8%20%D0%BD%D0%B0%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhEAAAAE~&jid=1592121296&gjid=23587280&cid=2063090670-1614412218&tid=UA-56166869-1&_gid=364692492.1614412219&cd60=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&cd1=(none)&cd2=A&cd5=ua&cg1=ua&cd12=2063090670-1614412218&cd26=2063090670-1614412218&cd18=119028166756485&cd32=RAM&cd33=app&cd66=Not%20provided&cd67=&cd3=COM&cd64=PS&cd65=.COM&cd30=Poker&cd36=2.2.44.000afed&cd6=yes&z=1149385973
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 02:28:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19327
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame A3A0 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=115458614&t=event&ni=1&ds=web&_s=1&dl=https%3A%2F%2Fwww.pokerstars.com%2Fua%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2Fpokerstars%2Faa%2F%3Fgroup%3D48188%26id%3D495034%26ref%3DaHR0cHM6Ly93d3cubWV1ZGluaGVpcm8ueHl6Lw%3D%3D%26r%3D714132450%26tracker%3DaHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBTERURklBQkFBV1A%3D&dh=www.pokerstars.com&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%20-%20%D0%93%D1%80%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B2%20%D0%BF%D0%BE%D0%BA%D0%B5%D1%80%D0%BD%D1%96%20%D1%96%D0%B3%D1%80%D0%B8%20%D0%BD%D0%B0%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhEAAAAE~&jid=1325647526&gjid=931058169&cid=2063090670-1614412218&tid=UA-57072753-4&_gid=1512099114.1614412219&cd60=d2916039-f9b8-4a00-a7e3-40c05c23bcb6&cd1=(none)&cd2=A&cd5=ua&cg1=ua&cd12=2063090670-1614412218&cd26=2063090670-1614412218&cd18=119028166756485&cd32=RAM&cd33=app&cd66=Not%20provided&cd67=&cd3=COM&cd64=PS&cd65=.COM&cd30=Poker&cd36=2.2.44.000afed&cd6=yes&z=63047402
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 03:17:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16396
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
summary.json.js
www.psimg.com/datafeed/dyn_banners/ Frame A3A0 		526 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/datafeed/dyn_banners/summary.json.js?callback=netcount
Requested by
Host: www.meudinheiro.xyz
URL: https://www.meudinheiro.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 , Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
2ae81359bc55c3f1a2da79f7f4da133d74d62c703f8463405f9d222690471f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.com/ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:50:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 07:50:19 GMT
Server
Apache
ETag
"20e-5bc4ca2e1187e-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=178
Content-Length
278

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/12/104/2/8.gif?puid=5d7a0b8d-f360-4048-beb7-ba5549a4fb1b&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery function| confiantWrap number| themoneytizer_async object| geo object| node object| eucountries object| sas object| generic function| criteoCallback function| whenFormatFctDefined function| whenDefined string| moneytizergeo object| twemoji object| wp object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| criteo_gum object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| target object| notifyme object| ix_lib object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| loadScriptTemelio function| isEmpty function| GetRichAudienceZone function| GetAdmixerZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText number| nugg object| _qevents boolean| moneycaching object| params function| Adcall_26322 function| retinajs function| Swiper function| gtag object| dataLayer object| google_tag_manager object| nav string| menuLabel object| parentItems number| navWidth number| navIniPos object| google_tag_data string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| MobileDetect object| md function| tmzrChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| invibes object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 object| pubstack_publica string| bidder_geo undefined| bid undefined| vastUrl object| targetingParams object| libJsLeadPlace object| headertag object| gaplugins object| gaGlobal object| gaData object| hstpnetwork number| HstpnetworkRegistryLoaded boolean| hstpchecker

2 Cookies

Domain/Path Name / Value
.flashtalking.com/ Name: _D9J
Value: 3be43b189b324b17b24573cc4deec74e
.doubleclick.net/ Name: IDE
Value: AHWqTUnVspIAhe4fTTHwgb64H_AvXFy53oiiyMCYq_L0d6hSdiLx2cgUduZ2XTVz

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.meudinheiro.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2(Line 984)
Message:
on non-fb sites, tracking as usual
console-api log URL: https://s.btstatic.com/tag.js(Line 2)
Message:
Signal: error: {"type":"dbe","message":"ReferenceError: wbid is not defined","dbe.name":"pstrkidmanager wbid","pageId":4034996}
console-api warning URL: https://cashier.rationalcdn.com/ram/2.2.44/vendor.js(Line 1)
Message:
This browser does not support Web Storage!
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - requestIdReadyEvent(pstrkIdmMediamathReady_TrkCore)
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - set mediamath_id dim
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - bPVPushed = false
console-api log (Line 2)
Message:
ok a jour global 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8526803.fls.doubleclick.net
8954552.fls.doubleclick.net
aa.agkn.com
ads.themoneytizer.com
adservice.google.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
cashier.rationalcdn.com
cdn.tradelab.fr
ced-ns.sascdn.com
clevernt.com
cm.g.doubleclick.net
cmsstorage.rationalcdn.com
connect.facebook.net
d2zur9cc2gf1tx.cloudfront.net
d9.flashtalking.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
its.tradelab.fr
js-sec.indexww.com
lp.clevernetwork.pt
match.adsrvr.org
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pixel.mathtag.com
pixel.quantserve.com
ram.pokerstars.com
rewards.starsaccount.com
rules.quantcount.com
s.btstatic.com
s.thebrighttag.com
s4.rationalcdn.com
secure.adnxs.com
secure.quantserve.com
secure.starsaffiliateclub.com
sender.clevernt.com
servedby.flashtalking.com
service.maxymiser.net
spl.zeotap.com
starscrm.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tag.device9.com
tag.leadplace.fr
tapestry.tapad.com
ui.clevernt.com
ww1097.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.meudinheiro.xyz
www.pokerstars.com
www.psimg.com
id5-sync.com
104.109.74.148
104.111.218.125
13.225.84.44
142.250.185.226
142.250.185.70
145.239.192.166
145.239.193.145
148.69.64.109
148.69.64.76
151.101.114.49
151.139.241.23
152.199.20.219
172.217.16.130
172.217.16.134
185.29.133.52
185.86.137.32
2.18.233.201
2.18.234.21
205.185.216.10
23.37.44.205
23.79.136.111
2600:9000:20eb:2a00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:b75
2606:4700:20::ac43:447b
2606:4700::6810:a723
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:400c:c00::9a
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.207.148
34.246.61.84
34.248.248.83
35.227.248.159
37.252.172.249
37.252.172.36
51.89.9.253
52.17.98.114
52.19.118.3
52.31.176.223
52.58.248.2
54.220.104.217
54.228.230.227
62.212.64.229
67.23.238.99
77.87.178.197
77.87.179.149
77.87.179.68
77.87.180.198
91.211.98.229
91.92.196.187
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03c158b3fd0817ecc4f19e2b683c9ea63a5a48d9b246381fbb45e490792f45e4
03f57788464aacc762395c050df417bcab6f9f8159c15e237fbec864c93895c0
063d8d9dd28ae87cfa41724da6afe5931c3dccb4b7f8f04cafb51efe8eff5393
0809079a0df54cccbea6c5171eb66ced5cb708e24ae9a477939955f68ce37524
0900dc4ebddedd0f448f4a3ee04b7fe3dd6e4ef9df4573a8bb2321e847d77c3e
0946c4dd989713d446f69d063d2b393a66565bab9949cf0dfe2c6656934da36e
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a
0c4222c854d0a37659ecb2e0657971e360743d1fc5e264798b1881332ecb82c3
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cb1ec4dcd30d3912da0e57dfe9845ee4670863ba60a408745a90b337290b2a7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128fbaa9e18cacff8b560ee5e1ddaf8b8646904a2195b85ccc8030006b91ed2f
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1536a4fcb5484555abbe06364bdcc0715a7ad07cdd81dea52fc0cb459bf216b7
16a7b2007ea6375a98b53b67e626f89f26415cf82eb3b120f5426fcbbe62cde2
1760cd328d3f336d3501133d9ecdf357483011c1d8f06be2a773ee394c142718
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
24f85d914df50a3785eaeed932eab1fd4cbec751c51376321436d853963a46dd
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
285517cf35ba4d389b96dffba65e7f196baf0ca483e4c1d9431e9b519d430144
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae81359bc55c3f1a2da79f7f4da133d74d62c703f8463405f9d222690471f57
2ccf0881dabe3c8e15736455293afc8e2ae248395e402d2e7b1351a370539b5b
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696
2d451ceb5c96c1c46a382c62cd8fc8069be4add288ff86069e55c2e5ae368af7
315e17341889b49df782825122e591e3b9be6080269cd899049f2a33336d9a4a
31e74f3c59cb11f9adc7c46732269ab01222784f2e600a2748d485bdf1f1d40a
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0
32c37dc9434bdf2e6543b6bffaf90c5846c1515f2e2480d115fd865e9240b3c3
33f01d65270e23c80673c17239a33cce4f78c9505bfc323b99058691214aed3e
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
3549c3b2c33fc2f981c8349b96c348a44cba698450525533be7d16fb97b205ec
357a9f9be68be9e860cd648f2edee77a8d1b2dbcdab6659afe983ede2db5229b
36acde19f72b622d5419974d04a60c64abb3d4bfe82ef5ff62f63952a0427a38
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7
381328efe0f3a184401768b1d6f253af88b06961bf3d7caed91f66d9b70bc5ae
3b5a4306aab6277c32b8085c37c8e97a6e711f0645229b0911c5b69baa6c2481
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3bd9da794fa375aee93286d9e81db9dfbf6f2a29973e83a56335f766c5004d26
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3e1609acbb7aa6a33b8c40d478ec96b0a0003924be4961258a9d7850084cfc23
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
40b94bce99da2352b2dc1219887b07c998f46dcd2b7c6f2e8b6f11468269c86a
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
433674676291fa4acfb1be7f6e458c43afc5f44d96ddba17e0a186677c75ab0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445e41ca64d02ff5aef6a35d22fe32d076382adcf2e6478a5b76558f294f79b5
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458
46c1c4120586c8751e0e250a306cfcda773975daecbdcfa7480a3033d96e7a10
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b78eadc03cee4c5ad476d3df8de773727e25c4952cc4d615fa5203d439c8095
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597
4c0f29539692165c3704acc7f7e2565f01a47f36bfd4938ebf76113b1b49d1eb
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7
4d672d5c1c5b113754473b9bce1e3e2c924c929dc60a4bb4c89a1337f938cc3b
51a086065e926db0fbeecbed095737061fb511e1764a5c4a019195b2bc9032b4
53738c67f8690689a3a6b8eacba10507214031bb2f533133d05d202b080e1e58
53f2c48e29ca33a2a19cae8386a6c053dfe9ee9475d274765f0ee91290a7b4a9
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5744926ed0da8295c7680642df08a4cf03cedfede56204a62c16a49b5b4021e3
5a49a991b3bf8741d7868098f7d8c230fa0d808c92382bda7c26a189749d9763
5b821c106c787bdae441b9414fbd4d1e53716e6f564e4352d3800de38f642b53
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e41f097e99c65bc28df363f8057cecf1ec40e188032fc92477ae15bb16754a1
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
625e872df5cce48cc87799696e4d0d5f6ff4e9299d303ea4d38ccbc8da267e3c
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8c871975be29bb26543d00cd18fa047e4b4375c0f5618d29be2d6d3be67386
6fedd0f540a8e931e36c7ba9a04eff576ae2028c24641b8b079e22a8dfd01e40
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da
7db055cbb1d8d048dde5759adefa774ae430836523a466a5e351c69db5220862
7f3ada208a6e93231327d013d8eab1679bfdb77977493de301f8572441eb82b2
8012130088f92723244a85073d7945c43a2cd3bb1639bddfdd012c5ee28607b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215
85d0169d980a0ed9cf7f51a1e48d8cf5419d29005eaed4a8955d24ce453d8171
87c34ac385475b568c6186c57988d07ea6ff53848e46194e32a9d0687b34e2aa
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
89d1ca5e6fa203a56ee6b04bce6389d4a450f14a47402daed4d9678e5907d730
8c1aa1fc1b2c3981ac9d3d98fa124a90a6261986aa520225d1ffe027f8fa1ec0
8e6744837c655cd79ab23e9629a2ec6da888090d0857e73a923d51acd1fc66bd
8f882effe5170862c1fb6c36141ab8fa98e3a88ca5d7c217e445ba46ad065913
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400
9c0ab5fc5916ddf8b9395ad401e9b5a482adf6d033ddbd865ad0eb3e56d06378
9e23d43857c7a9f794d0d60c13db6b7054640c3f9319fa3826c2a2c69003a155
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4
a7fd2f507fb6be0688ecc84e7adf8196e459a82d5051e1621dfa9a01d3224eba
aa1158b44f51119c26a4cdc3be24e7180797346aa5d835d7e61dad271cb59f59
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
afdc1e3230e9e7a3868a930a3378c56c04e0823ae295a62783a7c05b25ff36ba
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16975fe48dabe2e4674d67d3541badf178ed468241a34c1c6631b5a71e573c0
b2bdb6bc5062a7db0decd00a36a036f5975b19735e15ee4ca73e44de35972e4c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b534bf5439e6346255cdfe8506bf01a71925106f3323dff2eccf2e7266b06929
b7e327a33ffec79dd819a9186c549ad959f9f7184d5f9c10faec851b5210c064
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bcd020990e85c35214d11bdfc48a41e0082d614e681d9d38451b389090e4d4d2
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4
bdadaebb12ccec9dda1ea7e89314532056a699331e8d1f54a596f8632b7fe9e0
c15c5491059d973562247f8126972afc1ba58eee0f4ae29a12b77e83224adf68
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122
c8ea49170f990ad3ce862c2681ddae04daf36b496213451277aa803b5dab2c0b
c918f28e6a0ecc5bc0eb34bfe068e2d106a20f2c4c363587a952b0bdf84fbbd5
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c
d974a126a84616000288e1211f666315da1c3bbce255057cc5a11d934ef698fe
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d
dbcf0f829c381f9c05e87265ef3580597acf870cb8dfc2b4525f7eedacf07705
dc420bfbeb7f621a48d230cde485c0d3b86922a107b6d5b8bac405f025d4b206
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f06c5f18584e8d94f0b4997820910454e00e752f9ef1d317075879769e197529
f3c98611f8f32caa6629860c6134f95b569c17bdae68241fcb0570b4b9e26f60
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707
f77f0ca0a011af69f54c878b3c3d7501b7d2b73ef0cf146829f2e5c90d532445
fad796f400527cba6a2c12b072d901a2fe5202dc6e76a7c38139e8218324a26e
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fc703dab29722d073f46611612fb3475b73ad131ce2113a0505ee34571afad91
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40