URL: https://abrirumaconta.com/
Submission: On May 15 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 63 HTTP transactions. The main IP is 108.167.183.96, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is abrirumaconta.com.
TLS certificate: Issued by R3 on March 13th 2021. Valid for: 3 months.
This is the only time abrirumaconta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 108.167.183.96 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 1 104.17.175.181 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.0.77.48 2635 (AUTOMATTIC)
2 13.69.68.15 8075 (MICROSOFT...)
6 94.31.29.128 33438 (HIGHWINDS2)
3 2606:4700::68... 13335 (CLOUDFLAR...)
63 10
Domain Requested by
32 abrirumaconta.com abrirumaconta.com
14 cdn.bannerflow.com ads.leovegas.com, cdn.bannerflow.com, mediaserver.entainpartners.com
6 leovegas-leovegas.bannerflow.com cdn.bannerflow.com
3 video.bannerflow.com
2 fonts.gstatic.com fonts.googleapis.com
1 575e53c686585416146c4c3c.tracker.bannerflow.com cdn.bannerflow.com
1 55634380f50b9613805936af.tracker.bannerflow.com cdn.bannerflow.com
1 s.w.org abrirumaconta.com
1 mediaserver.entainpartners.com abrirumaconta.com
1 mediaserver.gvcaffiliates.com 1 redirects
1 ads.leovegas.com abrirumaconta.com
1 fonts.googleapis.com abrirumaconta.com
63 12

This site contains links to these domains.

Domain
mediaserver.gvcaffiliates.com
Subject                        Issuer                                            Validity                   Valid
cpcontacts.abrirumaconta.com   R3                                                2021-03-13 - 2021-06-11    3 months
upload.video.google.com        GTS CA 1O1                                        2021-04-13 - 2021-07-06    3 months
*.google.com                   GTS CA 1O1                                        2021-04-13 - 2021-07-06    3 months
sni.netrefer.com               R3                                                2021-05-10 - 2021-08-08    3 months
sni.cloudflaressl.com          Cloudflare Inc ECC CA-3                           2020-12-10 - 2021-12-09    a year
*.w.org                        Sectigo RSA Domain Validation Secure Server CA    2019-12-19 - 2021-12-18    2 years
*.tracker.bannerflow.com       R3                                                2021-03-30 - 2021-06-28    3 months
*.bannerflow.com               DigiCert TLS RSA SHA256 2020 CA1                  2021-02-10 - 2022-03-13    a year

This page contains 8 frames:

Primary Page: https://abrirumaconta.com/
Frame ID: CB05ABDB85910C4665CD709647C1FAE6
Requests: 36 HTTP requests in this frame

Frame: https://ads.leovegas.com/ad.aspx?bid=16088&pid=3655377
Frame ID: C59AB642EF9E674E8E0F4CC7CFD5CF03
Requests: 4 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
Frame ID: F441664ACDE068FC5002CB14B77127ED
Requests: 4 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Frame ID: E3A304E3436694C909F7DF0E3B30AFAD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Frame ID: 87F8D64AD452D359F1D2C40C76B7431E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Frame ID: 139B4F9C8BA3D9E4B5B02911D650E47A
Requests: 6 HTTP requests in this frame

Frame: https://leovegas-leovegas.bannerflow.com/resources/custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb?cb=637188148031149834
Frame ID: A7C5007C12E492C973062400050282E2
Requests: 4 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Frame ID: 52A94E438A3D9979D00D0095AF615D26
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

63
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

12
Subdomains

10
IPs

4
Countries

700 kB
Transfer

1550 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y HTTP 301
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
abrirumaconta.com/
32 KB
11 KB
Document
General
Full URL
https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
923bf07951901cff1fc1c0bd7ec0978cfc4a6920dc6c6b09ac1a51fbae42935e

Request headers

:method
GET
:authority
abrirumaconta.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:36 GMT
server
Apache
link
<https://abrirumaconta.com/wp-json/>; rel="https://api.w.org/", <https://abrirumaconta.com/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json", <https://abrirumaconta.com/>; rel=shortlink
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
10980
content-type
text/html; charset=UTF-8
itempropwp.css
abrirumaconta.com/wp-content/plugins/itempropwp/assets/css/
180 B
212 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/itempropwp/assets/css/itempropwp.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
104af3afbda2c371c33726c6a020b8d871de67fc85908ece74eb7b8c6b749146

Request headers

:path
/wp-content/plugins/itempropwp/assets/css/itempropwp.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Sat, 29 Jun 2019 15:12:27 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
157
style.min.css
abrirumaconta.com/wp-includes/css/dist/block-library/
57 KB
12 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
11763
theme.min.css
abrirumaconta.com/wp-includes/css/dist/block-library/
3 KB
887 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-includes/css/dist/block-library/theme.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Request headers

:path
/wp-includes/css/dist/block-library/theme.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
855
screen.min.css
abrirumaconta.com/wp-content/plugins/table-of-contents-plus/
1 KB
513 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/table-of-contents-plus/screen.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

:path
/wp-content/plugins/table-of-contents-plus/screen.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 01:42:00 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
458
postratings-css.css
abrirumaconta.com/wp-content/plugins/wp-postratings/css/
1 KB
464 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-postratings/css/postratings-css.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

:path
/wp-content/plugins/wp-postratings/css/postratings-css.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
410
style.css
abrirumaconta.com/wp-content/themes//mts_schema//
49 KB
16 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//style.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
9d1abfa53135ce73a1a80338df122468754a067ab1806c5b9bb050d8d17fe1cc

Request headers

:path
/wp-content/themes//mts_schema//style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
15766
wp-review.css
abrirumaconta.com/wp-content/plugins/wp-review/public/css/
37 KB
9 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-review/public/css/wp-review.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Request headers

:path
/wp-content/plugins/wp-review/public/css/wp-review.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
9345
style.css
abrirumaconta.com/wp-content/themes/child-schema/
376 B
336 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes/child-schema/style.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
38e8b806cb1e93fd1b2f8d8424de067184b07efa3e49409055ac2648e10de1fd

Request headers

:path
/wp-content/themes/child-schema/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:26:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
246
responsive.css
abrirumaconta.com/wp-content/themes//mts_schema//css/
14 KB
4 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//css/responsive.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
b09d3fbc4b0bc1a41314ec7fa8406e7d5a1938c88abbed8bcdf738c4e5d81339

Request headers

:path
/wp-content/themes//mts_schema//css/responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
3751
font-awesome.min.css
abrirumaconta.com/wp-content/themes//mts_schema//css/
30 KB
7 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//css/font-awesome.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e

Request headers

:path
/wp-content/themes//mts_schema//css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
7095
jquery.min.js
abrirumaconta.com/wp-includes/js/jquery/
87 KB
38 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
application/javascript
jquery-migrate.min.js
abrirumaconta.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
4618
customscript.js
abrirumaconta.com/wp-content/themes//mts_schema//js/
8 KB
3 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//js/customscript.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
0157c3a07cc92063ad4474282241c72048fec0d2d23099b55ef009df682cf712

Request headers

:path
/wp-content/themes//mts_schema//js/customscript.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2820
css
fonts.googleapis.com/
7 KB
806 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b586ee73331caf0d897fe15aa5ed60b982d59cce30183c0a8402f94f6be2cde3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 15 May 2021 16:31:31 GMT
server
ESF
date
Sat, 15 May 2021 17:11:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 May 2021 17:11:37 GMT
mais18small.jpg
abrirumaconta.com/wp-content/uploads/2020/01/
9 KB
9 KB
Image
General
Full URL
https://abrirumaconta.com/wp-content/uploads/2020/01/mais18small.jpg
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
8ed46e74610f6f05636249806fb91cf967f22496213feeda435fd6fdfbaa5b7c

Request headers

:path
/wp-content/uploads/2020/01/mais18small.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
last-modified
Thu, 16 Jan 2020 02:53:04 GMT
server
Apache
accept-ranges
bytes
content-length
9285
content-type
image/jpeg
icons.css
abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
a8478eb35ceb97b9c5adbbd3cc588b4dbf9c87977f4100f501314cba4eb39d03

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:20 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
8083
shortcodes.css
abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/
46 KB
12 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
22573d047950fe1d93b9440ce786ea90ae0f889c29857272f8deca81399c9004

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:20 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
12066
front.min.js
abrirumaconta.com/wp-content/plugins/table-of-contents-plus/
6 KB
3 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path
/wp-content/plugins/table-of-contents-plus/front.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 01:42:00 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2574
postratings-js.js
abrirumaconta.com/wp-content/plugins/wp-postratings/js/
3 KB
819 B
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-postratings/js/postratings-js.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

:path
/wp-content/plugins/wp-postratings/js/postratings-js.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
787
layzr.min.js
abrirumaconta.com/wp-content/themes//mts_schema//js/
4 KB
2 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//js/layzr.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
830d83e7db0b07cb6ee90a4d62c1c7db0559abd2ce8ecfb95f66d569b3a60029

Request headers

:path
/wp-content/themes//mts_schema//js/layzr.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1889
js.cookie.min.js
abrirumaconta.com/wp-content/plugins/wp-review/public/js/
2 KB
910 B
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-review/public/js/js.cookie.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Request headers

:path
/wp-content/plugins/wp-review/public/js/js.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
878
underscore.min.js
abrirumaconta.com/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/underscore.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path
/wp-includes/js/underscore.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
6378
wp-util.min.js
abrirumaconta.com/wp-includes/js/
1 KB
623 B
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/wp-util.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Request headers

:path
/wp-includes/js/wp-util.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
591
main.js
abrirumaconta.com/wp-content/plugins/wp-review/public/js/
3 KB
1 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-review/public/js/main.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Request headers

:path
/wp-content/plugins/wp-review/public/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1170
wp-embed.min.js
abrirumaconta.com/wp-includes/js/
1 KB
809 B
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/wp-embed.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
777
/
abrirumaconta.com/aposta/como-funcionam-as-apostas-on-line/
0
22 KB
Other
General
Full URL
https://abrirumaconta.com/aposta/como-funcionam-as-apostas-on-line/
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/aposta/como-funcionam-as-apostas-on-line/
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-pingback
https://abrirumaconta.com/xmlrpc.php
date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
server
Apache
link
<https://abrirumaconta.com/wp-json/>; rel="https://api.w.org/", <https://abrirumaconta.com/wp-json/wp/v2/posts/37>; rel="alternate"; type="application/json", <https://abrirumaconta.com/?p=37>; rel=shortlink
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
wp-emoji-release.min.js
abrirumaconta.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
4942
nobg.png
abrirumaconta.com/wp-content/themes//mts_schema//images/
68 B
105 B
Image
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//images/nobg.png
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

:path
/wp-content/themes//mts_schema//images/nobg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
accept-ranges
bytes
content-length
68
content-type
image/png
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://abrirumaconta.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 10:38:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
age
196395
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47272
x-xss-protection
0
expires
Fri, 13 May 2022 10:38:22 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://abrirumaconta.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
age
178050
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:07 GMT
ad.aspx
ads.leovegas.com/ Frame C59A
238 B
787 B
Document
General
Full URL
https://ads.leovegas.com/ad.aspx?bid=16088&pid=3655377
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24eb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0f66e8fdd00f89936fe75ee0aefa429c2d67211a17db5a6e3c9ba0139fe660c8

Request headers

:method
GET
:authority
ads.leovegas.com
:scheme
https
:path
/ad.aspx?bid=16088&pid=3655377
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://abrirumaconta.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version
4.0.30319
x-akamai-transformed
9 238 0 pmb=mRUM,1
vary
Accept-Encoding
content-encoding
gzip
expires
Sat, 15 May 2021 17:11:37 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sat, 15 May 2021 17:11:37 GMT
content-length
207
set-cookie
NetRefer_CookieUniTrack_V=%5b%7b%22PID%22%3a3655377%2c%22BID%22%3a16088%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1621098697657)%5c%2f%22%2c%22CookieTag%22%3a%221608836553775845122129C20215151811%22%7d%5d; SameSite=None;; domain=.leovegas.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
server-timing
cdn-cache; desc=MISS edge; dur=21 origin; dur=27
renderBanner.do
mediaserver.entainpartners.com/ Frame F441
Redirect Chain
  • https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
320 B
1 KB
Document
General
Full URL
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570f8dab95da24963c5a30369c3e5f829f336dd3acc57b2d8895fa1985a1d55f

Request headers

:method
GET
:authority
mediaserver.entainpartners.com
:scheme
https
:path
/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://abrirumaconta.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-type
text/html;charset=UTF-8
content-language
en-US
set-cookie
ADRUM_BTa="R:26|g:6b059505-10c7-474b-a4a5-f3992281b0dc"; Version=1; Max-Age=30; Expires=Sat, 15-May-2021 17:12:07 GMT; Path=/ ADRUM_BTa="R:26|g:6b059505-10c7-474b-a4a5-f3992281b0dc|n:customer1_3ad3683b-4f2b-49aa-91cf-d6bdadcc6baf"; Version=1; Max-Age=30; Expires=Sat, 15-May-2021 17:12:07 GMT; Path=/ SameSite=None; Expires=Sat, 15-May-2021 17:12:07 GMT; Path=/; Secure JSESSIONID=CDB970046121417974F2B5721DB9DFE2; Path=/; HttpOnly ADRUM_BT1="R:26|i:293046"; Version=1; Max-Age=30; Expires=Sat, 15-May-2021 17:12:07 GMT; Path=/ ADRUM_BT1="R:26|i:293046|e:1"; Version=1; Max-Age=30; Expires=Sat, 15-May-2021 17:12:07 GMT; Path=/ ADRUM_BT1="R:26|i:293046|e:1|d:22"; Version=1; Max-Age=30; Expires=Sat, 15-May-2021 17:12:07 GMT; Path=/ __cf_bm=fff39597a114635dcaa12204e32d6dafa9920cf6-1621098697-1800-AYq0bnlChkGgUl8RxOXyOZOQeOQQMN93sdmcu4KRlQSKwJzY3AL/urRWUkCVpcQakc9BwKsk2Czj7o3okbiEiwQ=; path=/; expires=Sat, 15-May-21 17:41:37 GMT; domain=.entainpartners.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
x-ua-compatible
IE=EmulateIE7
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
0a129c2c0a0000981485bdc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64fdfc8cdd899814-FRA
content-encoding
gzip

Redirect headers

date
Sat, 15 May 2021 17:11:37 GMT
content-type
text/html; charset=iso-8859-1
content-length
313
location
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
cf-cache-status
DYNAMIC
cf-request-id
0a129c2b9100001fbae1317000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=ecc9d6d432ca08108a2866eb6199d946e6080a58-1621098697-1800-AbFAEmdzuYBSrqPYNiPEjxV5VO31XopB5upci2OWXq+FKeoiUmD0ZUV54qr7gLKYHqzZl3qmZOh0QoIWZd0iz54=; path=/; expires=Sat, 15-May-21 17:41:37 GMT; domain=.gvcaffiliates.com; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
64fdfc8c1b121fba-AMS
forkawesome-webfont.woff2
abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/
88 KB
89 KB
Font
General
Full URL
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
pragma
no-cache
origin
https://abrirumaconta.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:20 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
5e256959c4d2672c089f7f46
cdn.bannerflow.com/bf-placements/ Frame C59A
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5e256959c4d2672c089f7f46?targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=16088&pid=3655377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:abbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11627155969a1b818dd7dbe6885ef058a711095745698bf7a16903fed9b20251

Request headers

Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
br
cf-cache-status
MISS
content-md5
O6hEloK32iVghT7xZuyoQw==
cf-request-id
0a129c2bdd00000621fa091000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 06:48:34 GMT
server
cloudflare
etag
W/"0x8D81E53F09A2CFE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00631ad6-301e-00d9-53ad-49679f000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
64fdfc8c99b90621-FRA
rating_over.gif
abrirumaconta.com/wp-content/plugins/wp-postratings/images/stars/
523 B
561 B
Image
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

:path
/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
last-modified
Wed, 21 Apr 2021 02:49:29 GMT
server
Apache
accept-ranges
bytes
content-length
523
content-type
image/gif
2705.svg
s.w.org/images/core/emoji/13.0.1/svg/
482 B
681 B
Image
General
Full URL
https://s.w.org/images/core/emoji/13.0.1/svg/2705.svg
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 15 May 2021 17:11:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Oct 2020 16:13:32 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
482
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
abrirumaconta.com/wp-content/themes//mts_schema//fonts/
75 KB
76 KB
Font
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//fonts/fontawesome-webfont.woff2
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/wp-content/themes//mts_schema//css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes//mts_schema//fonts/fontawesome-webfont.woff2
pragma
no-cache
origin
https://abrirumaconta.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/wp-content/themes//mts_schema//css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:02:11 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
como-apostar-on-line-70x60.jpg
abrirumaconta.com/wp-content/uploads/2021/04/
3 KB
3 KB
Image
General
Full URL
https://abrirumaconta.com/wp-content/uploads/2021/04/como-apostar-on-line-70x60.jpg
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
bfe111af46ceb116d2b43b72242e80eaabb244f272a90e406a01fa0a40dbcec6

Request headers

:path
/wp-content/uploads/2021/04/como-apostar-on-line-70x60.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 15 May 2021 17:11:37 GMT
last-modified
Thu, 22 Apr 2021 00:12:20 GMT
server
Apache
accept-ranges
bytes
content-length
3132
content-type
image/jpeg
render.min.js
cdn.bannerflow.com/scripts/1.5.17/ Frame C59A
27 KB
9 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5e256959c4d2672c089f7f46?targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
46ab19458f30ef96463fbabfff680bcf0f5f582ca7190652c15476eef60654e4

Request headers

Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
HDirVHlqpy/3JGeewr9WFw==
age
409
cf-request-id
0a129c2c7e00000621a33d3000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 13 Jan 2020 13:59:49 GMT
server
cloudflare
etag
W/"0x8D79830DAEE6783"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a3c315d5-401e-005e-205e-1f32b0000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
64fdfc8d9c720621-FRA
5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html
cdn.bannerflow.com/bf-banners/ Frame E3A3
3 KB
2 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
91399161639c7b4f866a7a88b218811ec69a93b1fe606a61e559911111e69c2c

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.leovegas.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 15 May 2021 17:11:38 GMT
content-type
text/html
cache-control
public, max-age=900
content-md5
wTAQdM6wA+/ILh/IXGrKEA==
last-modified
Thu, 03 Sep 2020 19:27:36 GMT
x-ms-request-id
b311c37f-701e-007f-0bad-495f81000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
cf-request-id
0a129c2ca100000621969d9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64fdfc8dcd2c0621-FRA
content-encoding
br
pixel
55634380f50b9613805936af.tracker.bannerflow.com/api/tr/v1/ Frame C59A
32 B
358 B
XHR
General
Full URL
https://55634380f50b9613805936af.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0200%22%2C%22r%22%3A%22https%3A%2F%2Fabrirumaconta.com%22%2C%22s%22%3A%221621098697887_28678%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.17%22%2C%22a%22%3A%22leovegas%22%2C%22br%22%3A%2255634380f50b9613805936af%22%2C%22c%22%3A%225d7796a55cad9d2de8a6e5cc%22%2C%22ad%22%3A%225e21cdb5c4d2672c089e1970%22%2C%22p%22%3A%225e256959c4d2672c089f7f46%22%2C%22b%22%3A%225e21cdb5c4d2672c089e196f%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%225a84042be6383d1e0c53d3da%22%2C%22t%22%3A%225d7796a55cad9d2de8a6e5d0%22%2C%22l%22%3A%225d3846f4a929cf1f4ce1bde2%22%2C%22bf%22%3A%225e21cdb5c4d2672c089e196d%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1621098697886%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.15, Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
Kestrel
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.leovegas.com
date
Sat, 15 May 2021 17:11:37 GMT
cache-control
no-store, must-revalidate, no-cache
access-control-allow-credentials
true
server
Kestrel
content-type
image/gif
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
5dc30a1c509e6d169063b06d
cdn.bannerflow.com/bf-placements/ Frame F441
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5dc30a1c509e6d169063b06d?targetwindow=_blank&&clickservice=https%3A%2F%2Fmediaserver.entainpartners.com%2FtrackAffiliateClick.do%3FzoneId%3D1908386%26trackerId%3D4905609&wm=4905609&zoneid=1908386
Requested by
Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c585fa68444254e8ebc0e409903af7aebdd9e2b42d8eb8381453534595a8f89d

Request headers

Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
AFFUNnjD8iDJ0gZB7yN/dA==
cf-request-id
0a129c2cb4000006218722f000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 06 Nov 2019 17:59:56 GMT
server
cloudflare
etag
W/"0x8D762E3223766F9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
05bd410b-001e-00da-3aa7-3d6498000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
64fdfc8ded8c0621-FRA
cf-bgj
minify
5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.jpg
leovegas-leovegas.bannerflow.com/bf-images/ Frame E3A3
59 KB
60 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/bf-images/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.jpg?cb=637292693134295451
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
6f4b209119c019a947bdf343b4149c6aac704686970f5562863baf2a8fe2e7fb

Request headers

Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:38 GMT
content-md5
zavZ+OkarTwdiKji+e6eIQ==
x-cache
MISS
content-length
60655
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 06:48:37 GMT
server
NetDNA-cache/2.2
etag
"0x8D81E53F2F02349"
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f02a6c9d-e01e-00f9-48ad-490b53000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
render.min.js
cdn.bannerflow.com/scripts/1.5.8/ Frame F441
27 KB
9 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5dc30a1c509e6d169063b06d?targetwindow=_blank&&clickservice=https%3A%2F%2Fmediaserver.entainpartners.com%2FtrackAffiliateClick.do%3FzoneId%3D1908386%26trackerId%3D4905609&wm=4905609&zoneid=1908386
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c17e2e405e202306a1593ccb35d514da7af18f411e9d7a31e0556e16bc4f43df

Request headers

Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
b6UAGszaXaX21rwCOKLyNg==
age
291
cf-request-id
0a129c2d5a00000621fa0bc000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 09 Oct 2019 06:50:49 GMT
server
cloudflare
etag
W/"0x8D74C8504DB248F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c4adf4a-f01e-0008-5ef7-37dac0000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
64fdfc8ef8160621-FRA
59561c98bd8d3e173850c935.51WzzLuzuSn5.html
cdn.bannerflow.com/bf-banners/ Frame 87F8
7 KB
2 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
10f1b742ff325753c7c2630d67a0bcd3be9c0a72b236ffa5178b54abacc378de

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediaserver.entainpartners.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 15 May 2021 17:11:38 GMT
content-type
text/html
cache-control
public, max-age=900
content-md5
M2DlMYMgSGAew/FDy/VH0Q==
last-modified
Tue, 01 Sep 2020 22:03:04 GMT
x-ms-request-id
f9c1da69-501e-0086-72ad-499561000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
cf-request-id
0a129c2d7200000621ff0fd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64fdfc8f18720621-FRA
content-encoding
br
pixel
575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/ Frame F441
32 B
228 B
XHR
General
Full URL
https://575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0200%22%2C%22r%22%3A%22https%3A%2F%2Fabrirumaconta.com%2F%22%2C%22s%22%3A%221621098698097_70891%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.8%22%2C%22a%22%3A%22pgsm%22%2C%22br%22%3A%22575e53c686585416146c4c3c%22%2C%22c%22%3A%2258d91bcf9db2143fe8a27676%22%2C%22ad%22%3A%2259561c98bd8d3e173850c936%22%2C%22p%22%3A%225dc30a1c509e6d169063b06d%22%2C%22b%22%3A%2259561c98bd8d3e173850c935%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%22575e53c686585416146c4c4d%22%2C%22t%22%3A%2259561c96bd8d3e173850c911%22%2C%22l%22%3A%2258da145b9db213171c1507f0%22%2C%22bf%22%3A%2258d91bda9db2143fe8a27699%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1621098698097%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.15, Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
Kestrel
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://mediaserver.entainpartners.com
date
Sat, 15 May 2021 17:11:37 GMT
cache-control
no-store, must-revalidate, no-cache
access-control-allow-credentials
true
server
Kestrel
content-type
image/gif
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
59561c98bd8d3e173850c935.51WzzLuzuSn5.gif
cdn.bannerflow.com/bf-images/ Frame 87F8
64 KB
65 KB
Image
General
Full URL
https://cdn.bannerflow.com/bf-images/59561c98bd8d3e173850c935.51WzzLuzuSn5.gif?cb=637076020668857631
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
7b0d50fb6f497c6e283bc598c5843ffd418ab4cda3b5c4d28d481a40a993fcbe

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:38 GMT
cf-cache-status
MISS
content-md5
b+wCcsvssCvUZGlxmRWalg==
content-length
65799
cf-request-id
0a129c2dfb0000062192ae4000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 25 Oct 2019 12:07:49 GMT
server
cloudflare
etag
"0x8D75943F46203D8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
cd0bd393-501e-00af-02ad-49e323000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
64fdfc8ffa770621-FRA
5e21cdb5c4d2672c089e196f.html
cdn.bannerflow.com/bf-banners/ Frame 139B
45 KB
5 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c0d834e4d1a463a8186e45563b2823cab2a4fa5d375ffcc5b8416019fce9949b

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.leovegas.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 15 May 2021 17:11:39 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
Tpp/prCdCtISj/kdP+yA8w==
last-modified
Thu, 02 Jul 2020 06:48:33 GMT
x-ms-request-id
53d4390c-801e-000c-19ad-492f42000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
cf-request-id
0a129c308800000621c9169000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64fdfc940c3b0621-FRA
content-encoding
br
bf.min.js
cdn.bannerflow.com/scripts/1.5.18/ Frame 139B
36 KB
11 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.18/bf.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:abbc, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
6d0016f5120d31b112f33f3108028739bee87928d65ee5d82760945a4a733def

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Z3Mxb7pJkWIHGPYtWiacMw==
age
125
cf-request-id
0a129c313000000621ffb70000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 14 Jan 2020 15:07:35 GMT
server
cloudflare
etag
W/"0x8D799037CED9781"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0bf0f14-501e-004a-385f-1ff1d4000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
64fdfc951ef40621-FRA
custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb
leovegas-leovegas.bannerflow.com/resources/ Frame A7C5
61 KB
17 KB
Document
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb?cb=637188148031149834
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
6efcbcebb1640d3c6afb66b87b4bbb16a4b4a1a257966e51cf66154f560c882b

Request headers

:method
GET
:authority
leovegas-leovegas.bannerflow.com
:scheme
https
:path
/resources/custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb?cb=637188148031149834
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.bannerflow.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 15 May 2021 17:11:39 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
StPx9e07aQZyuuledOVMsg==
last-modified
Thu, 14 Jan 2021 13:15:56 GMT
etag
W/"0x8D8B88E870F947A"
x-ms-request-id
53d2fa6f-801e-000c-75ac-492f42000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
server
NetDNA-cache/2.2
x-cache
HIT
content-encoding
gzip
bf-18-leosafeplay-white-57e8173e-ed1a-40d3-a042-687fc4dd7c3d-C8o1C.png
leovegas-leovegas.bannerflow.com/resources/ Frame 139B
2 KB
2 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/bf-18-leosafeplay-white-57e8173e-ed1a-40d3-a042-687fc4dd7c3d-C8o1C.png?v=636797791650000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
7a90bcd78ad4a3f087b389c75ff7288a24f3b0fdc350c8fef380bebbf4ac8494

Request headers

Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
content-md5
C/ZKnsdbYAY+Qfva0+guaQ==
x-cache
HIT
content-length
1721
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 07 Dec 2018 11:32:47 GMT
server
NetDNA-cache/2.2
etag
"0x8D65C37B66141A1"
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3dc0d871-b01e-008c-58d8-478ce8000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
mga-2-white-short-eb411864-0783-4a48-bba2-5d89ebe0d284-C8o21.png
leovegas-leovegas.bannerflow.com/resources/ Frame 139B
2 KB
2 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/mga-2-white-short-eb411864-0783-4a48-bba2-5d89ebe0d284-C8o21.png?v=636961145890000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
510164e18330532b5d3d3d84f2248dcb5b6693497891c3314b0d25d25059f6d7

Request headers

Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
content-md5
ID/Zm3mvw9B6GnChWxXOdA==
x-cache
HIT
content-length
1636
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jun 2019 13:09:50 GMT
server
NetDNA-cache/2.2
etag
"0x8D6F0C99583B666"
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
5498774d-301e-00b4-1de7-48cdb1000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
gg-leovegas-logo-horizontal-59585942-12fd-477c-95cd-1031ad4991f4-12Co6C.png
leovegas-leovegas.bannerflow.com/resources/ Frame 139B
7 KB
8 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/gg-leovegas-logo-horizontal-59585942-12fd-477c-95cd-1031ad4991f4-12Co6C.png?v=637121037330000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f7975fff08aab32a6ad3a7fafc0e5234d5f00e0eaf5732fdc01f5bf96f69dba5

Request headers

Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
content-md5
qGDejAHkGOVxgxJjJsinUQ==
x-cache
HIT
content-length
7380
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 16 Dec 2019 14:35:37 GMT
server
NetDNA-cache/2.2
etag
"0x8D7823537C6783D"
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2614f654-201e-000a-3dac-49d83a000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
robotoslab-bold-6e784104-bc51-4cd2-9960-ba80517bf379--2152725917732801812-subset.woff
leovegas-leovegas.bannerflow.com/resources/ Frame 139B
6 KB
7 KB
Font
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/robotoslab-bold-6e784104-bc51-4cd2-9960-ba80517bf379--2152725917732801812-subset.woff
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
934de2dabef02c1901f5f2fb4ce300350c00ded0a1f70c358f2567ee2453d2c6

Request headers

Origin
https://cdn.bannerflow.com
Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
content-md5
GIrw9PXX31WabfiHfaoRxg==
x-cache
HIT
content-length
6572
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 08:29:21 GMT
server
NetDNA-cache/2.2
etag
"0x8D79F152E0E7238"
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
01a56217-f01e-004c-31ac-4906ac000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
video.bannerflow.com/leovegas/ Frame A7C5
36 KB
0
Media
General
Full URL
https://video.bannerflow.com/leovegas/comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:adbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://leovegas-leovegas.bannerflow.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
cf-cache-status
HIT
content-md5
33DoZPPAL13pg7tnFeBSow==
age
467385
x-ms-server-encrypted
true
Content-Range
bytes 0-358041/358042
content-disposition
Content-Length
358042
cf-request-id
0a129c31930000dff3e583c000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 04 Nov 2020 06:23:29 GMT
last-modified
Wed, 04 Nov 2020 06:23:29 GMT
server
cloudflare
etag
"0x8D8808A255B69E4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
050f4312-301e-005b-626d-45786c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31530000
x-ms-version
2020-06-12
cf-ray
64fdfc95b968dff3-FRA
comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
video.bannerflow.com/leovegas/ Frame A7C5
30 KB
30 KB
Media
General
Full URL
https://video.bannerflow.com/leovegas/comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:adbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45e277ccec81ad88f4124dc95d126c7ab5ef0e34d6e715ce84e183da701a51f

Request headers

Referer
https://leovegas-leovegas.bannerflow.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=327680-

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
cf-cache-status
HIT
content-md5
33DoZPPAL13pg7tnFeBSow==
age
467385
x-ms-server-encrypted
true
Content-Range
bytes 327680-358041/358042
content-disposition
Content-Length
30362
cf-request-id
0a129c31b20000dff32534b000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 04 Nov 2020 06:23:29 GMT
last-modified
Wed, 04 Nov 2020 06:23:29 GMT
server
cloudflare
etag
"0x8D8808A255B69E4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
050f4312-301e-005b-626d-45786c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31530000
x-ms-version
2020-06-12
cf-ray
64fdfc95e9d9dff3-FRA
comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
video.bannerflow.com/leovegas/ Frame A7C5
318 KB
0
Media
General
Full URL
https://video.bannerflow.com/leovegas/comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:adbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://leovegas-leovegas.bannerflow.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
cf-cache-status
HIT
content-md5
33DoZPPAL13pg7tnFeBSow==
age
467385
x-ms-server-encrypted
true
Content-Range
bytes 32768-358041/358042
content-disposition
Content-Length
325274
cf-request-id
0a129c31c40000dff309020000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 04 Nov 2020 06:23:29 GMT
last-modified
Wed, 04 Nov 2020 06:23:29 GMT
server
cloudflare
etag
"0x8D8808A255B69E4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
050f4312-301e-005b-626d-45786c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31530000
x-ms-version
2020-06-12
cf-ray
64fdfc960a18dff3-FRA
59561c98bd8d3e173850c935.html
cdn.bannerflow.com/bf-banners/ Frame 52A9
32 KB
5 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:abbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d574dcc1e8c54d2517097598dc66f428869f33e596ff8fdabda1f9ef99dc51de

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediaserver.entainpartners.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mediaserver.entainpartners.com/

Response headers

date
Sat, 15 May 2021 17:11:39 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
Bn/ZRWMGr/hXe+rAvyJUaQ==
last-modified
Fri, 25 Oct 2019 12:07:45 GMT
x-ms-request-id
3bad64be-501e-000e-1e1a-3a2db8000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
REVALIDATED
cf-request-id
0a129c32d400000621e014c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64fdfc97be610621-FRA
content-encoding
br
bf.min.js
cdn.bannerflow.com/scripts/1.5.9/ Frame 52A9
35 KB
11 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.9/bf.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:abbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21be47897eda6bc13da8a5746062b66466691ab5ae0d63b038ee0a74de9fe6ac

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7S1P1z/Dxt3LuuUNNRjOTg==
age
474
cf-request-id
0a129c334d00000621b62db000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Oct 2019 08:12:37 GMT
server
cloudflare
etag
W/"0x8D75859EEE2FC64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2851eff2-001e-003f-696c-33766f000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
64fdfc9878ac0621-FRA
sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-2D8o5A.jpg
cdn.bannerflow.com/resources/ Frame 52A9
9 KB
9 KB
Image
General
Full URL
https://cdn.bannerflow.com/resources/sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-2D8o5A.jpg?v=636209368830000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:abbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1b94fc7dff0378f222f8d962f88e9f3a77a3545bfacd111ffa22e2b55c01f7

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
cf-cache-status
REVALIDATED
content-md5
ayxhSN8rmbGSZZ5xLiTkYA==
cf-polished
origSize=10480, status=webp_bigger
content-length
9439
cf-request-id
0a129c33520000062196a80000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 25 Jan 2017 10:28:03 GMT
server
cloudflare
etag
"0x8D4450CD86C8CC2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
4553b180-a01e-00f5-3a61-48e5a2000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
64fdfc9888c10621-FRA
cf-bgj
imgq:100,h2pri
logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png
cdn.bannerflow.com/resources/ Frame 52A9
2 KB
2 KB
Image
General
Full URL
https://cdn.bannerflow.com/resources/logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png?v=635779176870000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:abbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500509caa8fd77c93b16d435edcde886c5d42e27e2e87934246b5ebf4da0a8c7

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
cf-cache-status
REVALIDATED
content-md5
oDx1Wca6lv6fUHLulmtVlQ==
cf-polished
origFmt=png, origSize=2302
content-disposition
inline; filename="logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.webp"
content-length
2124
cf-request-id
0a129c335300000621ea995000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2017 08:52:21 GMT
server
cloudflare
etag
"0x8D4BE02FD617519"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
f82ef5fb-001e-0059-160f-38c435000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
64fdfc9888c20621-FRA
cf-bgj
imgq:100,h2pri
FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
cdn.bannerflow.com/resources/ Frame 52A9
4 KB
5 KB
Font
General
Full URL
https://cdn.bannerflow.com/resources/FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:abbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b010806e27150d57cc02b5b112946598f444c935fe96a7f4d655aa5e8fd3728b

Request headers

Origin
https://cdn.bannerflow.com
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 17:11:39 GMT
cf-cache-status
REVALIDATED
content-md5
cSeX6JyjZvHLIRAoKuHi3w==
content-length
4560
cf-request-id
0a129c335300000621e015f000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 25 Oct 2019 12:02:44 GMT
server
cloudflare
etag
"0x8D759433ECD1ED2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
6928bee9-301e-011a-0541-38a889000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
64fdfc9888c30621-FRA


37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| mts_customscript object| tocplus object| ratingsL10n object| ratings_mouseover_image object| twemoji object| wp number| post_id number| post_rating boolean| is_being_rated function| current_rating function| ratings_off function| set_is_being_rated function| rate_post_success function| rate_post function| Cookies function| _ object| _wpUtilSettings object| wpreview function| wp_review_rate object| layzrInstance function| Layzr

2 Cookies

Domain/Path Name / Value
.entainpartners.com/ Name: __cf_bm
Value: fff39597a114635dcaa12204e32d6dafa9920cf6-1621098697-1800-AYq0bnlChkGgUl8RxOXyOZOQeOQQMN93sdmcu4KRlQSKwJzY3AL/urRWUkCVpcQakc9BwKsk2Czj7o3okbiEiwQ=
.leovegas.com/ Name: NetRefer_CookieUniTrack_V
Value: %5b%7b%22PID%22%3a3655377%2c%22BID%22%3a16088%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1621098697657)%5c%2f%22%2c%22CookieTag%22%3a%221608836553775845122129C20215151811%22%7d%5d

1 Console Messages

Source Level URL
Text
console-api log URL: https://abrirumaconta.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
