urlscan.io logo urlscan.io
SecurityTrails logo

www.arnolds.com.br Open in urlscan Pro
54.36.217.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5Y...
Effective URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Submission Tags: falconsandbox
Submission: On May 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 10 countries across 69 domains to perform 381 HTTP transactions. The main IP is 54.36.217.27, located in France and belongs to OVH, FR. The main domain is www.arnolds.com.br.
TLS certificate: Issued by R3 on March 27th 2021. Valid for: 3 months.
This is the only time www.arnolds.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 54.36.217.27 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
7 216.58.212.130 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.196.233.38 16509 (AMAZON-02)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.224.95.69 16509 (AMAZON-02)
1 30 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 81.171.10.216 60781 (LEASEWEB-...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 67.202.94.93 32748 (STEADFAST)
1 2 54.229.187.52 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
13 23 142.250.185.98 15169 (GOOGLE)
3 7 2.18.234.21 16625 (AKAMAI-AS)
5 8 185.33.221.13 29990 (ASN-APPNEX)
1 148.69.64.109 12353 (VODAFONE-...)
3 139.45.197.243 9002 (RETN-AS)
6 142.250.186.162 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
3 54.76.195.29 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 148.69.64.76 12353 (VODAFONE-...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
2 54.175.18.14 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 91.92.196.187 49882 (SKRILL)
1 1 77.87.181.63 43338 (RATIONAL-AS)
1 3 91.211.98.226 48536 (FILCO-AS)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 4 35.244.159.8 15169 (GOOGLE)
1 2 104.111.242.245 16625 (AKAMAI-AS)
6 213.254.244.26 3257 (GTT-BACKB...)
1 3 172.217.16.134 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 64.202.112.191 22075 (AS-OUTBRAIN)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 1 2.18.235.93 16625 (AKAMAI-AS)
1 52.69.69.122 16509 (AMAZON-02)
37 23.37.44.205 16625 (AKAMAI-AS)
1 77.87.179.68 43338 (RATIONAL-AS)
6 104.111.248.191 16625 (AKAMAI-AS)
7 2.18.233.201 16625 (AKAMAI-AS)
5 77.87.177.43 43338 (RATIONAL-AS)
14 54.228.243.159 16509 (AMAZON-02)
1 77.87.178.197 43338 (RATIONAL-AS)
2 77.87.180.198 43338 (RATIONAL-AS)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
4 52.215.226.154 16509 (AMAZON-02)
12 152.199.20.219 15133 (EDGECAST)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 13.32.6.52 16509 (AMAZON-02)
1 2.18.232.130 16625 (AKAMAI-AS)
2 13 185.33.221.14 29990 (ASN-APPNEX)
2 2 151.101.114.49 54113 (FASTLY)
1 1 185.29.135.233 30419 (MEDIAMATH...)
3 13 209.197.3.19 20446 (HIGHWINDS3)
1 2 216.58.212.134 15169 (GOOGLE)
3 17 85.17.192.105 60781 (LEASEWEB-...)
2 2a03:2880:f11... 32934 (FACEBOOK)
6 213.254.244.11 3257 (GTT-BACKB...)
1 199.232.136.157 54113 (FASTLY)
2 35.186.226.184 15169 (GOOGLE)
3 142.250.181.226 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
5 52.17.98.114 16509 (AMAZON-02)
4 35.227.248.159 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
381 85
13    54.36.217.27 (France)

ASN16276 (OVH, FR)
PTR: adssuper.com
www.adssuper.com
adssuper.com
www.arnolds.com.br
4    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:211a:4800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:206f:f400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
7    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700:20::681a:737 (United States)

ASN13335 (CLOUDFLARENET, US)
adplus.proadscdn.com
cdn.proadscdn.com
1    2606:4700:3031::ac43:a4a4 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.lomadee.fun
1    2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
6    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::681a:637 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.proadscdn.com
1    18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
stat.optad360.mgr.consensu.org
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    13.224.95.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-69.zrh50.r.cloudfront.net
ad.lomadee.com
30    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.fr
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    81.171.10.216 (Nijverdal, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rotumal.com
1    2606:4700:20::681a:a75 (United States)

ASN13335 (CLOUDFLARENET, US)
clevernt.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    67.202.94.93 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
2    54.229.187.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-187-52.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
7    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
23    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
8    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt
ui.clevernt.com
3    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
6    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
ad.atdmt.com
3    54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
1    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
sender.clevernt.com
6    2606:4700:20::ac43:447b (United States)

ASN13335 (CLOUDFLARENET, US)
lp.clevernetwork.pt
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    54.175.18.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-18-14.compute-1.amazonaws.com
dt.adsafeprotected.com
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
2    91.92.196.187 (United Kingdom)

ASN49882 (SKRILL, GB)
secure.starsaffiliateclub.com
1    77.87.181.63 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
www.pokerstars.com
3    91.211.98.226 (Isle of Man, Isle Of Man)

ASN48536 (FILCO-AS, IM)
PTR: 98-226.colo.sta.blacknight.ie
www.pokerstars.fr
10    2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
cdn3.doubleverify.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
6    213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
rtb0.doubleverify.com
tps20516.doubleverify.com
tps.doubleverify.com
3    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
8954552.fls.doubleclick.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
b1sync.zemanta.com
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
1    52.69.69.122 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-69-122.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
37    23.37.44.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-205.deploy.static.akamaitechnologies.com
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
s4.rationalcdn.com
1    77.87.179.68 (Douglas, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
starscrm.com
6    104.111.248.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-191.deploy.static.akamaitechnologies.com
s.btstatic.com
7    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    77.87.177.43 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
ram.pokerstars.fr
14    54.228.243.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
s.thebrighttag.com
1    77.87.178.197 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
rewards.starsaccount.com
2    77.87.180.198 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
www.psimg.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    52.215.226.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
u360.d-bi.fr
12    152.199.20.219 (United States)

ASN15133 (EDGECAST, US)
cdn.tradelab.fr
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.32.6.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-52.vie50.r.cloudfront.net
sc-static.net
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
13    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    209.197.3.19 (United States)

ASN20446 (HIGHWINDS3, US)
servedby.flashtalking.com
2    216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net
8526803.fls.doubleclick.net
17    85.17.192.105 (The Hague, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr
its.tradelab.fr
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    213.254.244.11 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps20230.doubleverify.com
tps20245.doubleverify.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.snapchat.com
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    52.17.98.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d9.flashtalking.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tapestry.tapad.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
ade.googlesyndication.com
3    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
53 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
8954552.fls.doubleclick.net
8526803.fls.doubleclick.net
stats.g.doubleclick.net
245 KB
49 googlesyndication.com
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
218 KB
37 rationalcdn.com
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
s4.rationalcdn.com
6 MB
29 tradelab.fr
cdn.tradelab.fr
its.tradelab.fr
52 KB
22 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20516.doubleverify.com
tps.doubleverify.com
tps20230.doubleverify.com
tps20245.doubleverify.com
225 KB
22 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
23 KB
18 flashtalking.com
servedby.flashtalking.com
d9.flashtalking.com
65 KB
14 thebrighttag.com
s.thebrighttag.com
15 KB
11 gstatic.com
fonts.gstatic.com
172 KB
10 google-analytics.com
www.google-analytics.com
59 KB
10 arnolds.com.br
www.arnolds.com.br
76 KB
9 google.com
adservice.google.com
www.google.com
1 KB
8 mathtag.com
pixel.mathtag.com
sync.mathtag.com
5 KB
8 pokerstars.fr
www.pokerstars.fr
ram.pokerstars.fr
78 KB
7 casalemedia.com
dsum-sec.casalemedia.com
7 KB
7 2mdn.net
s0.2mdn.net
170 KB
7 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
93 KB
6 btstatic.com
s.btstatic.com
48 KB
6 clevernetwork.pt
lp.clevernetwork.pt
88 KB
6 googletagservices.com
www.googletagservices.com
152 KB
6 googleapis.com
fonts.googleapis.com
5 KB
5 ampproject.org
cdn.ampproject.org
101 KB
4 tapad.com
tapestry.tapad.com
1 KB
4 d-bi.fr
u360.d-bi.fr
6 KB
4 openx.net
us-u.openx.net
1 KB
4 googletagmanager.com
www.googletagmanager.com
160 KB
3 googleadservices.com
www.googleadservices.com
19 KB
3 facebook.net
connect.facebook.net
101 KB
3 bing.com
bat.bing.com
9 KB
3 onmarshtompor.com
onmarshtompor.com
1 KB
3 clevernt.com
clevernt.com
ui.clevernt.com
sender.clevernt.com
51 KB
3 lomadee.com
ad.lomadee.com
21 KB
3 proadscdn.com
adplus.proadscdn.com
cdn.proadscdn.com
33 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
478 KB
3 adssuper.com
www.adssuper.com
adssuper.com
3 KB
2 google.de
www.google.de
172 B
2 snapchat.com
tr.snapchat.com
410 B
2 facebook.com
www.facebook.com
519 B
2 everesttech.net
sync-tm.everesttech.net
616 B
2 sc-static.net
sc-static.net
15 KB
2 psimg.com
www.psimg.com
7 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 teads.tv
sync.teads.tv
407 B
2 starsaffiliateclub.com
secure.starsaffiliateclub.com
1 KB
2 rotumal.com
rotumal.com
21 KB
2 google.fr
adservice.google.fr
287 B
1 t.co
t.co
448 B
1 twitter.com
analytics.twitter.com
651 B
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 starsaccount.com
rewards.starsaccount.com
384 B
1 starscrm.com
starscrm.com
428 B
1 adingo.jp
cc.adingo.jp
44 B
1 media.net
cs.media.net
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
581 B
1 1rx.io
sync.1rx.io
696 B
1 yahoo.com
pr-bh.ybp.yahoo.com
932 B
1 ctnsnet.com
gcm.ctnsnet.com
478 B
1 pokerstars.com
www.pokerstars.com
548 B
1 cloudflare.com
ajax.cloudflare.com
5 KB
1 rtmark.net
my.rtmark.net
491 B
1 createjs.com
code.createjs.com
63 KB
1 atdmt.com
ad.atdmt.com
1 KB
1 amung.us
whos.amung.us
146 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 consensu.org
stat.optad360.mgr.consensu.org
286 B
1 waust.at
waust.at
7 KB
1 lomadee.fun
ad.lomadee.fun
20 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 statistcdn.com Failed
statistcdn.com Failed
381 69
Domain Requested by
29 cmsstorage.rationalcdn.com www.pokerstars.fr
www.adssuper.com
cmsstorage.rationalcdn.com
24 pagead2.googlesyndication.com 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.arnolds.com.br
ad.doubleclick.net
securepubads.g.doubleclick.net
23 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
www.arnolds.com.br
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
www.arnolds.com.br
tpc.googlesyndication.com
googleads.g.doubleclick.net
17 its.tradelab.fr 3 redirects www.arnolds.com.br
www.adssuper.com
14 s.thebrighttag.com s.btstatic.com
www.arnolds.com.br
servedby.flashtalking.com
13 servedby.flashtalking.com 3 redirects www.adssuper.com
servedby.flashtalking.com
13 secure.adnxs.com 2 redirects www.arnolds.com.br
12 cdn.tradelab.fr s.btstatic.com
cdn.tradelab.fr
11 fonts.gstatic.com fonts.googleapis.com
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ad.lomadee.com
s.btstatic.com
10 www.arnolds.com.br 1 redirects adssuper.com
www.arnolds.com.br
9 cdn.doubleverify.com 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
cdn.doubleverify.com
www.adssuper.com
ad.doubleclick.net
9 googleads.g.doubleclick.net 2 redirects 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
www.adssuper.com
www.arnolds.com.br
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
www.arnolds.com.br
7 cashier.rationalcdn.com www.pokerstars.fr
cmsstorage.rationalcdn.com
cashier.rationalcdn.com
7 pixel.mathtag.com cmsstorage.rationalcdn.com
s.btstatic.com
www.arnolds.com.br
pixel.mathtag.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 s0.2mdn.net www.adssuper.com
s0.2mdn.net
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 securepubads.g.doubleclick.net www.arnolds.com.br
securepubads.g.doubleclick.net
6 s.btstatic.com cmsstorage.rationalcdn.com
s.btstatic.com
6 lp.clevernetwork.pt www.adssuper.com
lp.clevernetwork.pt
6 googleads4.g.doubleclick.net www.adssuper.com
googleads.g.doubleclick.net
ad.doubleclick.net
6 www.googletagservices.com securepubads.g.doubleclick.net
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
6 fonts.googleapis.com www.arnolds.com.br
lp.clevernetwork.pt
www.pokerstars.fr
5 d9.flashtalking.com servedby.flashtalking.com
d9.flashtalking.com
5 ram.pokerstars.fr cmsstorage.rationalcdn.com
cashier.rationalcdn.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.google.com 3 redirects 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
www.arnolds.com.br
4 tapestry.tapad.com servedby.flashtalking.com
4 u360.d-bi.fr www.psimg.com
u360.d-bi.fr
www.pokerstars.fr
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
8954552.fls.doubleclick.net
8526803.fls.doubleclick.net
4 www.googletagmanager.com www.arnolds.com.br
www.googletagmanager.com
ad.lomadee.fun
3 stats.g.doubleclick.net www.google-analytics.com
3 www.googleadservices.com 8954552.fls.doubleclick.net
www.googleadservices.com
3 tps20245.doubleverify.com cdn.doubleverify.com
3 tps20230.doubleverify.com cdn.doubleverify.com
3 connect.facebook.net www.adssuper.com
connect.facebook.net
3 bat.bing.com s.btstatic.com
bat.bing.com
www.arnolds.com.br
3 tps20516.doubleverify.com 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
www.arnolds.com.br
3 www.pokerstars.fr 1 redirects www.adssuper.com
www.pokerstars.fr
3 static.adsafeprotected.com fw.adsafeprotected.com
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
3 onmarshtompor.com rotumal.com
3 ad.lomadee.com ad.lomadee.fun
ad.lomadee.com
2 www.google.de 8954552.fls.doubleclick.net
2 tr.snapchat.com www.arnolds.com.br
2 www.facebook.com www.arnolds.com.br
2 8526803.fls.doubleclick.net 1 redirects www.adssuper.com
2 sync-tm.everesttech.net 2 redirects
2 sc-static.net www.adssuper.com
sc-static.net
2 8954552.fls.doubleclick.net 1 redirects s.btstatic.com
2 www.psimg.com s.btstatic.com
2 b1sync.zemanta.com 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 secure.starsaffiliateclub.com 2 redirects
2 dt.adsafeprotected.com 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects www.adssuper.com
2 rotumal.com www.arnolds.com.br
2 adservice.google.fr securepubads.g.doubleclick.net
2 cdn.proadscdn.com adplus.proadscdn.com
cdn.proadscdn.com
2 get.optad360.io www.arnolds.com.br
get.optad360.io
2 adssuper.com www.adssuper.com
www.arnolds.com.br
1 ade.googlesyndication.com
1 t.co www.arnolds.com.br
1 analytics.twitter.com static.ads-twitter.com
1 static.ads-twitter.com s.btstatic.com
1 sync.mathtag.com 1 redirects
1 acdn.adnxs.com www.adssuper.com
1 rewards.starsaccount.com cmsstorage.rationalcdn.com
1 s4.rationalcdn.com cmsstorage.rationalcdn.com
1 starscrm.com cmsstorage.rationalcdn.com
1 cc.adingo.jp 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 www.pokerstars.com 1 redirects
1 ajax.cloudflare.com lp.clevernetwork.pt
1 my.rtmark.net onmarshtompor.com
1 sender.clevernt.com 1 redirects
1 code.createjs.com s0.2mdn.net
1 ad.atdmt.com 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
1 ui.clevernt.com www.adssuper.com
1 whos.amung.us waust.at
1 clevernt.com www.arnolds.com.br
1 cdn.jsdelivr.net get.optad360.io
1 stat.optad360.mgr.consensu.org get.optad360.io
1 waust.at www.arnolds.com.br
1 ad.lomadee.fun www.arnolds.com.br
1 adplus.proadscdn.com www.arnolds.com.br
1 cmp.optad360.io www.arnolds.com.br
1 www.adssuper.com
0 google2waycm.netmng.com Failed 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
0 statistcdn.com Failed ad.lomadee.com
381 101

This site contains links to these domains. Also see Links.

Domain
clevernetwork.pt
futebolistasonline.club
whos.amung.us
Subject Issuer Validity Valid
adssuper.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
arnolds.com.br
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
stat.optad360.mgr.consensu.org
R3		 2021-02-27 -
2021-05-28		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-11 -
2022-03-26		 10 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.lomadee.com
Amazon		 2021-03-31 -
2022-04-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
rotumal.com
R3		 2021-04-15 -
2021-07-14		 3 months crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh
onmarshtompor.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2021-03-26 -
2021-06-24		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
www.pokerstars.fr
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-08 -
2022-05-09		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
teads.tv
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
rationalcdn.com
GeoTrust RSA CA 2018		 2020-09-28 -
2021-08-13		 10 months crt.sh
starscrm.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2021-12-20		 a year crt.sh
s.btstatic.com
DigiCert SHA2 Secure Server CA		 2020-02-10 -
2022-02-17		 2 years crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.signal.co
Entrust Certification Authority - L1K		 2021-01-26 -
2022-02-25		 a year crt.sh
rewards.starsaccount.com
DigiCert SHA2 Secure Server CA		 2019-05-21 -
2021-05-25		 2 years crt.sh
www.psimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-26 -
2022-02-26		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.d-bi.fr
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-07-20		 a year crt.sh
crealab.cdn.tradelab-apps.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-01-27 -
2021-10-09		 8 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.tradelab.fr
Go Daddy Secure Certificate Authority - G2		 2019-07-30 -
2021-09-28		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-30 -
2021-11-29		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-12 -
2022-01-11		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-02-22		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2020-08-06 -
2021-09-17		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh

This page contains 34 frames:

Primary Page: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Frame ID: 397D9F56A5547C3091BD44957655AE4B
Requests: 61 HTTP requests in this frame

Frame: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 418D6D6D365D1729F2D9D00368A770D7
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
Frame ID: C2ED905B6CF4B77CB0D1DB66D4974EFA
Requests: 5 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Frame ID: 4F0DC56B4BBF82CD64BC9627570195CD
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs
Frame ID: 0977803463314BBF9A619286365CAEA9
Requests: 12 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=778be5b28c0e427a95162c7b8c51ec31&oaidts=1620850730
Frame ID: 8C5778BFE944E5CBCBAE98CAD722A824
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
Frame ID: 1C489E2501069FEF3FB002554D567165
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9F77D20C0BD3A024586328FA4729303D
Requests: 3 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Frame ID: F993592220F616F202DA8C1F92F86244
Requests: 12 HTTP requests in this frame

Frame: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 794559BF6D56F95372C4E501E7C5EBC5
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 4F076176D0F8DF8971293636545C727B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
Frame ID: DBB992AB1F20770128D5BB249E82D328
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 71EADB80F9C40EA07CD946271364FE28
Requests: 3 HTTP requests in this frame

Frame: https://www.pokerstars.fr/
Frame ID: BECED11917008BFF4BB8EC2527DEE42A
Requests: 143 HTTP requests in this frame

Frame: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BE91222632E543CA22E2644E0F29DEA6
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
Frame ID: 61043B4310D65AB720A0667762D293FD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 687D5FFD389F2BBF2E76EE4EF68FC6F4
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 9E55A7CBA89BE984C8C7EC51200907C2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 53B84E8BE9AF55DD02E56163B2213F7E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E050C22324D8BF3803F10383696015A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1344.js
Frame ID: 2CC6626CD43B7D776C8C157141D47D8B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6CA64DE3E9A8AE01C8E75F1C857257E
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1344.js
Frame ID: 5E3DFB6DFF8BEED0927ED445D257556B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: CE0E23AC3AF87D37DC55AF7263B99241
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: A036A03D6678119E18D91C9E0F928288
Requests: 1 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Frame ID: E80EE3B30218005C7798A405333E4629
Requests: 7 HTTP requests in this frame

Frame: https://8526803.fls.doubleclick.net/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446
Frame ID: 12F6711CF41309AA5C4D43D18C38F979
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1666b7b9-c3bf-47cf-8574-42bbbc074d5a
Frame ID: 03C427ABE868C5D4E5AEAC30EEAE24E2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 233F2E87BDBAD8E5735D25D2DFA638E6
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Frame ID: 1031CCEA0F4FC2230DEDC96E89F41A36
Requests: 10 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Frame ID: E18ABF6265185DEC0FFBCE0958A5CD63
Requests: 9 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880B36C810ADE
Frame ID: 2111F64612EA8130C6DCB0CA6F35DD1B
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880D2691BC07A
Frame ID: D7740D7864224E80CFC65A03D1FCEEBA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A15BBA9A5B5DEF60181B7D61256D8A4C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzU... Page URL
  2. https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkj... Page URL
  3. https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1W... Page URL
  4. http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-invest... HTTP 307
    https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-invest... Page URL
  5. https://www.arnolds.com.br/curso-ead-com-baixo-investimento//?utm_source=facebook&utm_medium=social&utm... HTTP 301
    https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

381
Requests

99 %
HTTPS

40 %
IPv6

69
Domains

101
Subdomains

85
IPs

10
Countries

8794 kB
Transfer

15610 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk Page URL
  2. https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos Page URL
  3. https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos Page URL
  4. http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F HTTP 307
    https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F Page URL
  5. https://www.arnolds.com.br/curso-ead-com-baixo-investimento//?utm_source=facebook&utm_medium=social&utm_campaign=fanpages HTTP 301
    https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F HTTP 307
  • https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
Request Chain 76
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Request Chain 77
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJw4KhTuZdO4e3l4PVL3yQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Request Chain 78
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
Request Chain 79
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
Request Chain 90
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 95
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&ruri=aHR0cHM6Ly9hZHNzdXBlci5jb20vc29jaWFsLnBocD9zcmM9aHR0cHMlM0ElMkYlMkZ3d3cuYXJub2xkcy5jb20uYnIlMkZjdXJzby1lYWQtY29tLWJhaXhvLWludmVzdGltZW50byUyRg%3D%3D&r=91782337&tok=35323411205211432353&iv=-1&ctr=FR&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.261 HTTP 302
  • https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Request Chain 107
  • https://fw.adsafeprotected.com/rfw/st/447445/53987149/skeleton.js?adsafe_url=https%3A%2F%2F6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_url=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&adsafe_type=e&adsafe_jsinfo=,id:e51bbeaf-5285-908a-4c89-d20c83adc188,c:craO78,sl:na,em:true,fr:false,mn:app09ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sxeku4Z+11*.447445-53987149%7C111%7C112%7C1131%7C12%7C13%7C14%7C15%7C16%7C17%7C18,idMap:11*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:278,oid:43c30064-b35f-11eb-8079-0ae761671616,v:19.8.198,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJw4KhTuZdO4e3l4PVL3yQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
Request Chain 124
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
Request Chain 136
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAJYONVRBAAWP HTTP 302
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAJYONVRBAAWP&AutoR=1 HTTP 302
  • https://www.pokerstars.com/ua/?btag=a_174459b_1915c_YSAAJYONVRBAAWP HTTP 301
  • https://www.pokerstars.fr/?btag=a_174459b_1915c_YSAAJYONVRBAAWP HTTP 301
  • https://www.pokerstars.fr/
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwMIs1t4VBN-v2Jcd1uca8&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELwMIs1t4VBN-v2Jcd1uca8&google_cver=1
Request Chain 154
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ0ZDg3YzYtZjAyYi0yN2MyLWVkZGYtNGMxNjdjNmEwMDc3
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDKUOhYw5KSt9WcHMZ9FqtM&google_cver=1
Request Chain 156
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmY5Y2FlNjgtM2E3Zi00MTJhLTg4YjYtODRmZGE1YWI2ZGYw
Request Chain 185
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL3vJ59TyjkWlwiEfbNsAtQ&google_cver=1&google_push=AQvitUIJd88Dwj0zmrj2NVHdRGcuP_2wY8hC3QhLd0j9zTF_p6Bq1aEbyQNiu6_wYNfE5ztwfDGLIMV7U2bwshZimYSHH-npSt4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIJd88Dwj0zmrj2NVHdRGcuP_2wY8hC3QhLd0j9zTF_p6Bq1aEbyQNiu6_wYNfE5ztwfDGLIMV7U2bwshZimYSHH-npSt4&google_hm=VbacfcBPT_qj7QAzhNHCv1c
Request Chain 186
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEVy-bl0S7ePnbpBxknaClM&google_cver=1&google_push=AQvitUIj-mThOOxu4_jMnOUD3dwC5LGAota2EtWgD9kpuoP1iiYJIZt72Azeh7I229VQpBTwfQ247OVwSKxgcrHwJA7ar0PzlCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIj-mThOOxu4_jMnOUD3dwC5LGAota2EtWgD9kpuoP1iiYJIZt72Azeh7I229VQpBTwfQ247OVwSKxgcrHwJA7ar0PzlCM&google_hm=NjIwMzQ4MTA3MzczNzcwODYyNw%3D%3D
Request Chain 187
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELRb5DNYTg5wuIi5G1pi_OQ&google_cver=1&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQlcD7bBJ-Usst1w HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELRb5DNYTg5wuIi5G1pi_OQ&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQlcD7bBJ-Usst1w&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQlcD7bBJ-Usst1w&google_hm=M1BiV3U0N0wwWGtBUXIzeTJmT3E=
Request Chain 188
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPYmJ_SVZ_bivHFcfVux2wI&google_cver=1&google_push=AQvitUKMcPw9VMdtp_yGkmPOZaAFhn7MewNqQ6HwxGUMwHcYAMVwsaKE4B__1_sMP6mswJbIX4VdipfYp6WkjpptX4piS97mHTA HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f837402a-6524-46ed-9ded-317ec23abf9f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKMcPw9VMdtp_yGkmPOZaAFhn7MewNqQ6HwxGUMwHcYAMVwsaKE4B__1_sMP6mswJbIX4VdipfYp6WkjpptX4piS97mHTA%26google_hm%3DA_g3QCplJEbtne0xfsI6v58 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKMcPw9VMdtp_yGkmPOZaAFhn7MewNqQ6HwxGUMwHcYAMVwsaKE4B__1_sMP6mswJbIX4VdipfYp6WkjpptX4piS97mHTA&google_hm=A_g3QCplJEbtne0xfsI6v58
Request Chain 189
  • https://cs.media.net/cksync?type=g&google_gid=CAESEJ2WncFsgnzgNB-b_ugUD_8&google_cver=1&google_push=AQvitUIecZIROoXp0p4V-4eNHOBvJ522qrmI6W6vfpmw_bcDVWEyHrF5ssm2ertTArLENTwPt7kVzc68EhLipP0au2sERoUibro HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&mn_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUIecZIROoXp0p4V-4eNHOBvJ522qrmI6W6vfpmw_bcDVWEyHrF5ssm2ertTArLENTwPt7kVzc68EhLipP0au2sERoUibro
Request Chain 271
  • https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F HTTP 302
  • https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Request Chain 274
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=an&uid=7253254579684264538
Request Chain 275
  • https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YJw4LgAA1AW4RQBg HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YJw4LgAA1AW4RQBg&_test=YJw4LgAA1AW4RQBg
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0 HTTP 302
  • https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEMnvh1zUqizUbzWHyKiZpUQ&google_cver=1
Request Chain 277
  • https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0 HTTP 302
  • https://s.thebrighttag.com/cs?tp=mm&uid=4068609c-382c-4e00-9693-fc1a9ce2e5cc&btt=0
Request Chain 278
  • https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%] HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4880AD2CE12971
Request Chain 287
  • https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446 HTTP 302
  • https://8526803.fls.doubleclick.net/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446
Request Chain 289
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 302
  • https://its.tradelab.fr/?type=tlsync&uuid2=7253254579684264538&callback=tl_sync
Request Chain 290
  • https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850734%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850734%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
Request Chain 301
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F HTTP 302
  • https://its.tradelab.fr/?type=seg&uuid2=7253254579684264538&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ur=https%3A%2F%2Flp.clevernetwork.pt%2F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
Request Chain 322
  • https://secure.adnxs.com/seg?add=25695650&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25695650%26t%3D2
Request Chain 323
  • https://its.tradelab.fr/?type=seg&uuid2=7253254579684264538&sid=25695650&val=null&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc= HTTP 302
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOkzLcYuVancmKMn4x65hu0&google_cver=1
Request Chain 334
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LjicYI3hMdr4gAfu4pa4AQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYI3hMdr4gAfu4pa4AQ&random=565660545&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYI3hMdr4gAfu4pa4AQ&random=565660545&resp=GooglemKTybQhCsO&ipr=y
Request Chain 335
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LjicYLCpMqGtx_APsdul6AY&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYLCpMqGtx_APsdul6AY&cid=CAQSKQCNIrLMMpqdGJzRcI4fuzElaH4C4kVtYAr_FKuUEUV2pE4WKJxkyFyb&random=2481125610&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYLCpMqGtx_APsdul6AY&cid=CAQSKQCNIrLMMpqdGJzRcI4fuzElaH4C4kVtYAr_FKuUEUV2pE4WKJxkyFyb&random=2481125610&resp=GooglemKTybQhCsO&ipr=y
Request Chain 336
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%] HTTP 302
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880B36C810ADE
Request Chain 338
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%] HTTP 302
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880D2691BC07A

381 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
campanha.php
www.adssuper.com/instagram/ 		872 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
d51ca1693ea8a78ac2f2cd2a8c8db8ad29fe14a52bb7cefd2fba327f37c7717b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.adssuper.com
:scheme
https
:path
/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
idpub=9; expires=Thu, 13-May-2021 20:18:48 GMT; Max-Age=86400; path=/
protected
by dWAF 2020121701
strict-transport-security
max-age=15768000;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
br
/
adssuper.com/facebook/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
c355fe365be99f2bf92b2e7d5aa6941e8007267aec534035af846eff6389f3a7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adssuper.com
:scheme
https
:path
/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk

Response headers

date
Wed, 12 May 2021 20:18:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://adssuper.com/wp-json/>; rel="https://api.w.org/", <https://adssuper.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json", <https://adssuper.com/?p=12>; rel=shortlink
set-cookie
viewsAds=downloadmegajogos; expires=Thu, 13-May-2021 20:18:48 GMT; Max-Age=86400; path=/
protected
by dWAF 2020121701
strict-transport-security
max-age=15768000;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
br
/
www.arnolds.com.br/facebook-ads/ 		242 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Requested by
Host: adssuper.com
URL: https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
ea0f9681ea5b41b25a32628729af94a57e65aeeda9350a56a9bfc906518ca791
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.arnolds.com.br
:scheme
https
:path
/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos

Response headers

date
Wed, 12 May 2021 20:18:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/pages/11717>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/?p=11717>; rel=shortlink
set-cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; path=/ idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; expires=Thu, 13-May-2021 20:18:48 GMT; Max-Age=86400; path=/ nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; expires=Thu, 13-May-2021 20:18:48 GMT; Max-Age=86400; path=/ ref=downloadmegajogos; expires=Thu, 13-May-2021 20:18:48 GMT; Max-Age=86400; path=/
protected
by dWAF 2020121701
strict-transport-security
max-age=15768000;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
br
social.php
adssuper.com/
Redirect Chain
  • http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
  • https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
272 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adssuper.com
:scheme
https
:path
/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
viewsAds=downloadmegajogos
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
linkRedir=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F; expires=Thu, 13-May-2021 20:18:48 GMT; Max-Age=86400; path=/
protected
by dWAF 2020121701
strict-transport-security
max-age=15768000;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
br

Redirect headers

Location
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
Non-Authoritative-Reason
HSTS
Primary Request /
www.arnolds.com.br/curso-ead-com-baixo-investimento/
Redirect Chain
  • https://www.arnolds.com.br/curso-ead-com-baixo-investimento//?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
  • https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
67 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Requested by
Host: adssuper.com
URL: https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
623f59671d940d2d977b2cdcc0ebd3974de6d3559741e0b9b511571294168358
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.arnolds.com.br
:scheme
https
:path
/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-pingback
https://www.arnolds.com.br/xmlrpc.php
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/posts/7538>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/?p=7538>; rel=shortlink
protected
by dWAF 2020121701
strict-transport-security
max-age=15768000;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
br

Redirect headers

date
Wed, 12 May 2021 20:18:49 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-pingback
https://www.arnolds.com.br/xmlrpc.php
x-redirect-by
WordPress
protected
by dWAF 2020121701
strict-transport-security
max-age=15768000;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
main.css
www.arnolds.com.br/facebook/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/css/main.css
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
db1f2f4de4a134a2c6da8be0bf4f997c02d446699f4ae7e12821b90fbd583b84

Request headers

:path
/facebook/css/main.css
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
last-modified
Mon, 30 Nov 2020 05:18:29 GMT
etag
W/"5fc480a5-4084"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.4.0.min.js
www.arnolds.com.br/facebook/js/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/js/jquery-3.4.0.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

:path
/facebook/js/jquery-3.4.0.min.js
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 19:10:34 GMT
etag
W/"5f7629aa-15857"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
www.arnolds.com.br/facebook/js/ 		1 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/js/cookie.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
bec35833fdefd9f00dea8ea4453556d725b2c2368792502677410c6f72699636

Request headers

:path
/facebook/js/cookie.js
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 19:10:34 GMT
etag
W/"5f7629aa-418"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache.js
www.arnolds.com.br/facebook/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/js/cache.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
b5633cefe7c581879292959bcb7039b1a41dad5d474103f166aa10669d54e0fe

Request headers

:path
/facebook/js/cache.js
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
last-modified
Thu, 01 Oct 2020 19:10:33 GMT
etag
W/"5f7629a9-716"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edfad80a96eb737099e0317c5472159a5a200b12d766fe52f8c74b5da5d090b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35493
x-xss-protection
0
last-modified
Wed, 12 May 2021 19:47:54 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 May 2021 20:18:49 GMT
918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
cmp.optad360.io/items/ 		497 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:4800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 19:47:46 GMT
via
1.1 015d563c1df00e18321ce956266180b1.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
1873
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
497
x-amz-cf-id
l1yJ_-pD5nsnlPGiOc6T6g0jbJ1o_OCXTwl1JjCK7tRr_mHv1oHONQ==
plugin.min.js
get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/ 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74a6ac0a920a9fe4044ad605834ecab50a9fa75195fd9e6a75339e6bfb35736e

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:16:43 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 08:34:16 GMT
server
AmazonS3
age
127
etag
W/"a6d453a617013bb3d4f130495841230c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
guvrgQShG0POr3PVannJaNnhG_sKkgaTNrxLix8vviidUeCjbV_JTg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
305a811617892666b0f351b46bb698657897c89ff1a4760e854165f40dc075c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"870 / 901 of 1000 / last-modified: 1620836998"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21175
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:49 GMT
carregando.gif
www.arnolds.com.br/instagram/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.arnolds.com.br/instagram/carregando.gif
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

:path
/instagram/carregando.gif
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
last-modified
Thu, 01 Oct 2020 19:10:40 GMT
etag
"5f7629b0-16fe"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
5886
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
download.gif
www.arnolds.com.br/facebook/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.arnolds.com.br/facebook/img/download.gif
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3baee6b91d41cdf1f6876a21a763e66bd5ef64b156af02da2a1b2291f9a2b584

Request headers

:path
/facebook/img/download.gif
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
last-modified
Thu, 01 Oct 2020 19:10:24 GMT
etag
"5f7629a0-151f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
5407
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
player.js
adplus.proadscdn.com/ 		457 B
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adplus.proadscdn.com/player.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ebd7a6319e6234be1e3f4c3f6b665db78bf2b6316fdc9e1705cfa07ff47436

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6899
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a03d478e70000c29a3e118000000001
last-modified
Thu, 06 Aug 2020 07:59:13 GMT
server
cloudflare
etag
W/"1c9-5ac30dd31f640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oCGaUxE5EcHU9cLYPwsohkIYdbOcuHTUDcEPAu6PcA44IO2SgJqYud8tlOAfRDcOwyTU6hMnY5p6IPG6fFGkCx6wJkfZWOW40%2FvGts6WF6HefJgH56EuNLMh5mqb%2F5UzGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
64e656a17bf2c29a-FRA
expires
Wed, 26 May 2021 18:23:50 GMT
script.js
ad.lomadee.fun/banners/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4894d61da9b9fd6a88da43d6f2e7e2fb73838b994186d7ace65ff5d12ec7c53a

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfBiMrssNMjIkfJ3r6JBH68wa8Jobi9BHHOp5y%2F9tRdt8bD8PRg5IM8tgRfU%2B3Q1UIl8NZGqVIRzd39yamZ3hoHZ0ybfxr5maGBVZpQwCy6c%2FuPdC3TTSz%2F3ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=60, must-revalidate
cf-ray
64e656a16d1d4ab5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a03d478ea00004ab5c3b67000000001
d.js
waust.at/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/d.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2283
cf-request-id
0a03d478dd00004ecd3213a000000001
last-modified
Mon, 03 May 2021 17:48:32 GMT
server
cloudflare
etag
W/"60903770-3444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PuUXH6w1w4t7c5xuJpkdvEC8jPlIPibMDitoZkydppFPFlLhJmUm%2BEY6ofyW3NLHXmvCeQxl0k4GztO2Ss%2Fj8QNJcSKQBmUtxBWwl9nDwBnzqoDMgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
64e656a16cb94ecd-FRA
expires
Thu, 13 May 2021 19:40:46 GMT
css
fonts.googleapis.com/ 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbf396f6e3fdd00039ce9d2c3097e9b17aa25cf85c318378a212af7e292cbc04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 20:00:01 GMT
server
ESF
date
Wed, 12 May 2021 20:18:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 20:18:49 GMT
css
fonts.googleapis.com/ 		4 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 18:21:17 GMT
server
ESF
date
Wed, 12 May 2021 20:18:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 20:18:49 GMT
bg_1.png
www.arnolds.com.br/instagram/img/ 		262 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.arnolds.com.br/instagram/img/bg_1.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
815fd8cd1ff4fb8f036b23e556f20ad5f7bf54f8cfee11c9c609de72765d3441

Request headers

:path
/instagram/img/bg_1.png
pragma
no-cache
cookie
PHPSESSID=111ari3tf5532ta6soq0jnnmmn; idcriptografada=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb; nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk; ref=downloadmegajogos
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.arnolds.com.br
referer
https://www.arnolds.com.br/facebook/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
last-modified
Thu, 01 Oct 2020 19:10:53 GMT
etag
"5f7629bd-106"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
262
protected
by dWAF 2020121701
expires
Thu, 31 Dec 2037 23:55:55 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.arnolds.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 20:40:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
85091
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Wed, 11 May 2022 20:40:38 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.arnolds.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
152892
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 11 May 2022 01:50:37 GMT
JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d8631496cacac8ccd260ac5fb41e3e217506304f90750fd96609d91ae8720f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.arnolds.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 03:59:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:26 GMT
server
sffe
age
317959
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19916
x-xss-protection
0
expires
Mon, 09 May 2022 03:59:30 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6717
date
Wed, 12 May 2021 18:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 20:26:52 GMT
com.br.js
cdn.proadscdn.com/d/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.proadscdn.com/d/com.br.js?t=2701418
Requested by
Host: adplus.proadscdn.com
URL: https://adplus.proadscdn.com/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cddb9ef5cc85041e45df8eff10a57311cc3a69a27b0aa000d83d9105dc509b

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3775
content-type
application/javascript
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a03d479010000c29a3632e000000001
last-modified
Mon, 15 Mar 2021 15:42:49 GMT
server
cloudflare
etag
W/"320f-5bd951a1b2e2e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=diRqpvokfUfqZJ2JyaNJn0xZH0fNLmhbOdlE5HLJqkbR2rHN4JZur0fwMk3INThoSruGXkGtXhZQJDrn5J5qNuI8anixOpNDIe%2BTf8xgJhFunz9uadDW4f7SUq7Krg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
br
cache-control
max-age=1209600
cf-ray
64e656a19c46c29a-FRA
expires
Wed, 26 May 2021 19:15:54 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=765606583&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&ul=en-us&de=UTF-8&dt=Como%20criar%20um%20curso%20EAD%20com%20baixo%20investimento%20(e%20alta%20qualidade)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=429512693&gjid=619874337&cid=916297898.1620850729&tid=UA-108875794-3&_gid=1083693395.1620850729&_r=1&gtm=2ou550&z=1323537086
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
arnolds.com.br.js
cdn.proadscdn.com/s/arnolds.com.br/ 		120 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.proadscdn.com/s/arnolds.com.br/arnolds.com.br.js
Requested by
Host: cdn.proadscdn.com
URL: https://cdn.proadscdn.com/d/com.br.js?t=2701418
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9393142e9906317e9ca4546b6f2e723494b8c0972b0b736a6ff73e46da5fa3e2

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2934
content-type
application/javascript
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a03d4793100003128161d6000000001
last-modified
Fri, 29 Jan 2021 15:33:30 GMT
server
cloudflare
etag
W/"1e053-5ba0bb9f2149b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s5G0Ip0JJsabEffELeCLUn8kX6WHkQGfu7WJ%2B0869uX%2BFoGZ8CZ1SQVsep%2Bb6x6i4ohraIKtrnrpGe32pjGVpc9CREVXg5w71rdAdvA68V1knM8rdJWcQbPLb2yucQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
br
cache-control
max-age=1209600
cf-ray
64e656a1eac13128-FRA
expires
Wed, 26 May 2021 19:29:55 GMT
pubads_impl_2021050601.js
securepubads.g.doubleclick.net/gpt/ 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 08:40:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109330
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:49 GMT
/
stat.optad360.mgr.consensu.org/ 		20 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.optad360.mgr.consensu.org/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8e721fdaed85657fea7e22eff33717764bbdd7249181ed3184a6eb3215f14d15

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 12 May 2021 20:18:49 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
prebid4.10.1.js
get.optad360.io/sf/ 		380 KB
381 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.10.1.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b961bb522a21c8710fa523ee1b97d3ae8880606088e221a08525621d54b014ca

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 15:18:50 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Oct 2020 11:44:25 GMT
server
AmazonS3
age
6584400
etag
"8b3682ab6cf8d8156745869486e3291e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
389196
x-amz-cf-id
RwYnxJLpAWPbUzMTVZ9PHtZjZeNwXOPbsgyZycGLH7bXE0_T1adtCw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210512
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.10.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2df96438ee666a81b5a8d436b66fde66960b0cdace0f645a00b0241be1b3a10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
10780
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
956
etag
W/"69e-TJOdmC6NLOZ1me3iC9Vzngh0KBc"
x-served-by
cache-fra19124-FRA, cache-hhn4026-HHN
date
Wed, 12 May 2021 20:18:49 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
integrator.js
adservice.google.fr/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2294199495335901&correlator=292312425258064&output=ldjh&impl=fif&eid=31060033%2C31060790%2C31060841%2C31060398&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=162717810%2CAdPlus%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1620850729&dt=1620850729525&dlt=1620850729102&idt=393&frm=20&biw=1600&bih=1200&oid=3&adxs=992&adys=279&adks=785115145&ucis=1&ifi=1&u_tz=120&u_his=6&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x-1&msz=301x-1&ga_vid=916297898.1620850729&ga_sid=1620850730&ga_hid=765606583&ga_fc=false&fws=4&ohw=301&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
da2514a6d4328a60e934058ee412a091d36cb0ccec89121ce7f64512b7f2dcfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7655
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2294199495335901&correlator=292312425258064&output=ldjh&impl=fif&eid=31060033%2C31060790%2C31060841%2C31060398&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=162717810%2CAdPlus%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1620850729&dt=1620850729531&dlt=1620850729102&idt=393&frm=20&biw=1600&bih=1200&oid=3&adxs=408&adys=890&adks=1423581654&ucis=2&ifi=2&u_tz=120&u_his=6&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=305x-1&msz=305x-1&ga_vid=916297898.1620850729&ga_sid=1620850730&ga_hid=765606583&ga_fc=false&fws=4&ohw=305&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
4e04d218a6508b807b096c5be070b2b119829f3a88a8b9e7a6bb36732730f635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10264
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2294199495335901&correlator=292312425258064&output=ldjh&impl=fif&eid=31060033%2C31060790%2C31060841%2C31060398&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=162717810%2CAdPlus%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1620850729&dt=1620850729534&dlt=1620850729102&idt=393&frm=20&biw=1600&bih=1200&oid=3&adxs=992&adys=890&adks=3330864025&ucis=3&ifi=3&u_tz=120&u_his=6&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x-1&msz=301x-1&ga_vid=916297898.1620850729&ga_sid=1620850730&ga_hid=765606583&ga_fc=false&fws=4&ohw=301&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
f9dabf8280f5805816486cde705c4646816561c5cccdd3aebb2920157b6360a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7513
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0WGNHNHYZS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66b779f1a812456121212d654083ace762335313971a4bc32fd98627dae1dd1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46111
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:50 GMT
js
www.googletagmanager.com/gtag/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135425005-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
439389f6ba864c11375960009d2fd64e9ae2d275175c79cef8b4252b22168789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35490
x-xss-protection
0
last-modified
Wed, 12 May 2021 19:47:54 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 May 2021 20:18:50 GMT
js
www.googletagmanager.com/gtag/ 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0WGNHNHYZS
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9c90ee30ec66127adfefd1e68106fc94643e091337d637692d036977b89fa87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46094
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:50 GMT
script.js
ad.lomadee.com/banners/ 		433 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-69.zrh50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
ad9f9715cc466d6b47c51f9bf3f3a86fd2796fff2e553f9cb67d7a6f4058f743

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 26 Feb 2021 18:44:10 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
age
6485680
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-language
en-US
content-encoding
gzip
x-amz-cf-pop
ZRH50-C1
content-type
text/html;charset=UTF-8
x-amz-cf-id
P1SE5ZtNJvutayMj3STmmRA-8yqpiSFIMYoej-6MifYT-PiaW-dy8Q==
container.html
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 418D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 12 May 2021 20:18:49 GMT
expires
Thu, 12 May 2022 20:18:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696588139699"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:50 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0WGNHNHYZS&gtm=2oe550&_p=765606583&sr=1600x1200&ul=en-us&cid=916297898.1620850729&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&dt=Como%20criar%20um%20curso%20EAD%20com%20baixo%20investimento%20(e%20alta%20qualidade)&sid=1620850730&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0WGNHNHYZS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=765606583&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&ul=en-us&de=UTF-8&dt=Como%20criar%20um%20curso%20EAD%20com%20baixo%20investimento%20(e%20alta%20qualidade)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=396002244&gjid=604199699&cid=916297898.1620850729&tid=UA-135425005-2&_gid=1083693395.1620850729&_r=1&gtm=2ou550&z=1676468467
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C2ED 		624 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 May 2021 20:18:50 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnkCQ5_1dAIQVJpwKrdBnTfwnxq7hWoJTLjnao8IRCzJxVUOfi-I1B6nnlH; expires=Mon, 06-Jun-2022 20:18:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 20:18:50 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 418D 		67 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuB6lJxp0DquiU8KCQPQNY8lEMvsZEkHMQ_Keeg7V9OuI1rLS6muSgJahGJPFGLWB6oQajlEI-5BfUQ_F8c_9MJv9TmVHJziTuyAKldlJugOyC6J2ruZmQd9sh5mfCm0RXTy2eJzo476ItSi5x7QjWSocK5g&dbm_d=AKAmf-B8bo0oNDeCXYAkI3wzzSv3VQ9eCEQn2CuttC_qhySus1HVEyfOyNCjbXroHlKmDyShPci2xT9DXvvAlYgv6Otok72LahIIKcH2VFVS0oN8h_otI0qYLZERItYrhaTS-qUHPx6F6HNeLQfK1ZHxpNUc1-Kq0zHD7OZJzK5L1Iudh9zzIRDkt-lZndhYtKZXFnYJgtY3oNcCsiB-77lW3w40fVgZ7AuJLZUEgAzwnp1iL3kO_ilWttq-ql59s6mHBWwCtQItMBWsOK9ovMWW4awnQmBpXmGy9Q5AyWuAgM8yvjVhj7Udy-earDgxYwze0SIMGi_lVI6zauBrBJ3m04UtNgI5g2fSifG85mS-WyVs3z7Pn9gdRIsNr7Rtej3_yab609nho1-VRblWHQO_M3SkKsuYX7EERMzl8jDUfuXdajPVzudlEEiPkN-qXcDSn4DCyQhK9uxoqWzVAMYETnp1O__beEtn6LIToAtDXw-odZ74jZIMcOj5OVO5yyvULQXZ2-oBR_TgzBvQDIsR7Zu6Ok4HR2D8oZLHrAuQjNRQvNZCo3asDuX29_nN2t1Fuk3xeABWChW9UnwWbRXL2AlOqy6wio1_cfo8cGSBgGqJv-28uRwrRk6ZnMPTyGLXsMZ5k41efWecWfYTrZFFHtY07e4Petvk1EKT8d34IiSnGPRLaYK5tTuGmhwZq6_n9mRVLkdPZQCEo8rAPguUNfHU_02f6lWghmvZ4zp18z2q1WFm2cQDrj-_xOkPRZi4qCZTC0M5r4yenVrT7xaFL6mCNuBrhJzEWOExsvfJd2F2xU9mgzndgMplX_JROi49C1AQQpt2wKCnOTOVdefPKcK7dSMsCAhNtTAhTuyr-OlnJgIpytYOyS4zPq_M8gQsPiB-u7GlY-HftC6zo1Jz1QqpOBLS2W2qCwUGDLd5MitHDRidnww8lyFUGyRYQfgv0KJU_q8m26Du9XzSNbZIDVjpI4OgnyDif5T8VMYS0AabjWFTeiE8P1cOvef9wGCP2VYWsWlw_olAHFn6qGuveL8lbuJvOdRFFVACkJcJGJ8Cfy9YBnH4jWkX9pzKPbiFdnP_ArakHnp62EfZ7H2N_CN1eipmmweMWvHebcbUvcX1L3FAIBcI3-Esg_SuuUfbwVd9rTu5BmiLSozkqvpu_oNgTLlKpmNXo77o--MJbbZ137qcmItakIWO0EE8PoXI8V8qfxHJQ8HeKA2DWVEZabP6xYtpfhIeztYZmcNlnzFmcZNNzpAjyehewUn4jLSJ-DD19ehw5q0MFPnu2rPJKELHsbfKixIkiqlfKT7tN7O1yzCQq_9uA30mf7r2C08WDHM_AeKXbP4sTIa5OLbaZ1o8FtBkepuJNDZ8eK-66w7ILuCpyj6U1vpLRDg19Rl2QUpA2d6etZcBhtVl5zcCWoRtbLxXATLbylw35QV8PYp56Ywhhe-rN_cPawGtxcDb2EQcyzIubnsyzs9M5dPmoASNON6X768dH0_5q8Qg8zYTTj0MYzrp_OhBJPe-PIPrEJ3ZY3z_oM2B-RQi5t5xhGAi33S8Hed8PDDyo5vbKFSmgp-RyFnoncdLQZS0iEAVs2fZdLclH045Oms7cW-ey35xnGlQuUYZWpQyjez9oKcvjBJ2M5CATqM5FZAv_JI8yC3OO2dJiNkS7GjgpOdgdmCoVrqWj7aaRDwF47l1eTDSuTERuoRYpHF2mQORcG-0UH9Qcs0-ly5r1BoQU8FqJmeWXyBiYk0M-QppFOTINoILSO6Vkrp1rkmPL6QUbzUCVTw1sQG6YA6YuAxdWf6urV2yC_mYnhlD6fbQzJMPkrBGu7x549_h1zOtQe4-OrLCjcELfu7VAgHvIQ2NcsFn3zNnjmI0uoTkj00gQdxaF1TIbGnMyamhO2fl2ylzjgvwzLehuE40sDpPGYde51w9wpAkufNghsY1fM49rMJ8OcdOkxWDuRO9zmOB_H5Pt3BIDdGFB-a863kqXhwpkaYPPAgTYoP34dFhtuCCKjuT0R20tb7YIOWjqwLew0EyjhrG74do0LrWDBK2fFLt2YTg-3gE-cXVp8Q7zrmju8tEG4mFSBm42zf-O3tL4pMCiiwuIBfWR4JvzZuPF3sC-tsuPFjO6EEYT4B_ENSqBzzLZPl1WbZGOc1_s7TmqIAizafRveOjq28dpAYpZjop3cviWF1rgL4M6cIGupf0uk9QvC-QCNuYCHG60y5bq9-pbOF4isk-h9jYPnPflj5AgfptVHnTh6lOOQN4uAbcOus9lwaS8Vm61P3q6qn2W9XWnUnEj3PFJRnFVB5haDC7HylJtTyuPQhSOKVsvDkQWdpToL0jUjZlnp3ZoD-Sg_a732DOJPEoHu1sQPPSX1i10lDhcQA2-cTJvw0PINbfV1VVfcANLWixs6YdQ2fea8AEkyrnTK7kpQLKxwv9BqDEX_x0Bv_fKt6t3FuwpDCbYVn5A81UbL98iEwHY6vreoWQ3kMvj4kfzy09M1E0AcKP5fx0YLm1yIdgqsXdb_nCHq926IPn9jhDnENJXvDBu-qWLkz60_1Hg3mlMQF2Hwr7v-6c4MZs0v2--NFEYcberAWYwt1BaBs6knGHSm9uyUqM-ULyZYgz62isrkyVhni7wLP3AYtAm119V0qUhFlrYX6CBu83iL1H2AIDJro-7S6yR0UfyPAsp--MmFDSk48mTFUXIogmm7UZiqbJySM3Zf6IhUfib3Iz3u6xVT5I_ZhIC8CXKwfJXU3whcCHV6-J8M_s6WojHQngVMLL6E5VyRZHN397wNQGGo2FxULK6Im6DQViHjvgQAh5Bert0f-64nnfUhdFONiLKzCrptewimnPVN1AXjJSFjmpg4tqa0xktwMec_LuAGWG9Pg657QZTREJ63QFeEiZggEooIzNn5XWWJhSRwb33TUR1QhzQ-RdawBfxb-Fym2OeENjNj5XLhP1LAorlKmbWdqz-2r3h2mZzM07VyQaMwDvTfKIcE2SegT3Bb7xbUBrCEcVmI9pphEwBS1B3bT2ZbKjLte-aVpRDul2Un05mMMhXNlgmNV9EclF3LAOXAB-nHAsuZWsKoxHAJbsUlNumG1JL8u4yf1ArW8rJfshmF12OM73nl9NCUQ8vl7TD_69wmWzLLMg8JGp3jrWIwsrFDx1BW7B0XCypI4C_-nAnEM78o06W_RdJSt_ss9UGkij4MidyOafG4RzwgK94odrojRzaHII4KUbcSHoRX8moCxLqd-3bW-zqI7V8IYyQv0blbc_vJW7RqSMxVuwopHhNUgrV7LjcMI5L-xD1wUva0e49UtiW79glpvvlOMR0-vcIxybX0qBP2pOSfZ1OIYmtgg9vzuKZJ7M1MseMd_H0iqCA3phFJE3HuuJZ1UD59InyU1pvN7ICnNCsOhcrQALQnXb26MXmCzYKYz7-L6PVWc&cid=CAASPeRoUmfVP8j1-TtYx-QMzbGkaRNzNjsvy2NkfzJHMjJQ4mvLmsGoOcabtsf71SJDSVLHOPs9-giDwgJCjJY&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
180d5b3fbc42bacbe3420e8c9b4ec256000c916e64a791bda91554cf71e8a5d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27171
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 418D 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3yiC9nHbCDPF0GOH0OwGdtfb0uUVmiiQh-90bqwo1BTbe-FL6pVe69w9wO3lgdkVVBrKdSd57jY4HV4UCBjEO69q_qtfcGfNU6Xe5OZZtI2W1AO0
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 418D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:17:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 418D 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696594685118"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36097
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 418D 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:15:36 GMT
l
www.google.com/ads/measurement/ Frame 418D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_FxUSIsnWU01IofiJBZ5LoNnFZ4bRDd73SQ2MOfx6obh8Fx4lGAkXOugW9Q10HMCZPCrv
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
ad.lomadee.com/banner/ Frame 4F0D 		1 KB
982 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-69.zrh50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
b09c8f21fb8b53a6e355b9c415e1faef94f5dcab16f138261b0b76f6fb816432

Request headers

:method
GET
:authority
ad.lomadee.com
:scheme
https
:path
/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

content-type
text/html;charset=UTF-8
content-encoding
gzip
content-language
en-US
date
Wed, 12 May 2021 20:15:55 GMT
server
Apache-Coyote/1.1
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
lrMGEw8P2FaMxUNI_nV09sfh9WdK6YqAmxy1RP4lUrfeG8aFqYpjyw==
age
174
/
rotumal.com/5/2748187/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rotumal.com/5/2748187/?oo=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.10.216 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
aa80ecd5a87d2bc7c3ae95347c3e0c79c9b9f2f74ec25a3c8972c08e1492e6f0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8bd988c26f10277e9144ea24f861c45e
pragma
no-cache, no-cache
date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
rotumal.com/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotumal.com/tag.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.171.10.216 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-length
18870
x-trace-id
52144953080f5c90e4b2da3d492cf60c
pragma
no-cache
last-modified
Tue, 04 May 2021 16:11:51 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
24d6c01f15a843b813b4d3c293485ea2.min.js
clevernt.com/scripts/ 		125 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clevernt.com/scripts/24d6c01f15a843b813b4d3c293485ea2.min.js?20201008=1620850730327
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafe399acf3df107ee334a1a617a2aea5c49af4932172239b16f0c6515de0fb3

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2983
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4V313H7ZZK6XX4JZ
x-amz-id-2
Ayos3jg730KLALbO7eRv1h6I7E50aQ5JnBP7yMfXte0us5c1Tu4o+2XathTbdLJXAUwqOaIGO6I=
last-modified
Wed, 12 May 2021 06:52:12 GMT
server
cloudflare
etag
W/"6e11499149870c38437809aa8da49a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iT%2F3b2AtlS%2B4Zi%2Bu%2BkfBNrCHQ8bURqx%2Fq1UH0w%2F6Wp%2BVIJb9xvQW%2FNX9vTcXU%2FrjgRQ69EThECtICtbFt%2F%2BS98zK0Q1fMBVUSFrdeRr8yFp8duTuK5QZ1Rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-request-id
0a03d47d6a00004e8c638c4000000001
cf-ray
64e656a8a91a4e8c-FRA
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2294199495335901&correlator=292312425258064&output=ldjh&impl=fif&eid=31060033%2C31060790%2C31060841%2C31060398%2C44714449&vrg=2021050601&ptt=17&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=121764058%2Carnolds.com.br%2Carnolds.com.br_stat_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D016d69f2709e9dfa-225665ef10c800ed%3AT%3D1620850729%3AS%3DALNI_MY3lMgUaaDytJzj-ptXJzlUH_t0KQ&bc=31&abxe=1&lmt=1620850730&dt=1620850730408&dlt=1620850729102&idt=393&frm=20&biw=1600&bih=1200&oid=3&adxs=410&adys=296&adks=1722908959&ucis=4&ifi=4&u_tz=120&u_his=6&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&ga_vid=916297898.1620850729&ga_sid=1620850730&ga_hid=765606583&ga_fc=false&ga_cid=1083693395.1620850729&fws=132&ohw=305&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
f73567df489326a1d05a527fdb773ac8904b0dca6228f2d0239ae5a45ac1750d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9882
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
whos.amung.us/pingjs/ 		30 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=0hpugnb9nc&t=Como%20criar%20um%20curso%20EAD%20com%20baixo%20investimento%20(e%20alta%20qualidade)&c=d&x=https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&y=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F&a=0&v=27&r=2647
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.93 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
01676e44806bdf3284f93ed7206ead53e94b5cdd219c5d348f0a4862318e68a3

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
skeleton.js
fw.adsafeprotected.com/rjss/st/447445/53987149/ Frame 418D 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/447445/53987149/skeleton.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.187.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-187-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b94449e66891f575789ca399243807ab9c649ac44c42cf3b411c1ee6508c3687

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
x-server-name
app09.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 418D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 14:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21608
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 May 2021 14:18:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame 418D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuB6lJxp0DquiU8KCQPQNY8lEMvsZEkHMQ_Keeg7V9OuI1rLS6muSgJahGJPFGLWB6oQajlEI-5BfUQ_F8c_9MJv9TmVHJziTuyAKldlJugOyC6J2ruZmQd9sh5mfCm0RXTy2eJzo476ItSi5x7QjWSocK5g&dbm_d=AKAmf-B8bo0oNDeCXYAkI3wzzSv3VQ9eCEQn2CuttC_qhySus1HVEyfOyNCjbXroHlKmDyShPci2xT9DXvvAlYgv6Otok72LahIIKcH2VFVS0oN8h_otI0qYLZERItYrhaTS-qUHPx6F6HNeLQfK1ZHxpNUc1-Kq0zHD7OZJzK5L1Iudh9zzIRDkt-lZndhYtKZXFnYJgtY3oNcCsiB-77lW3w40fVgZ7AuJLZUEgAzwnp1iL3kO_ilWttq-ql59s6mHBWwCtQItMBWsOK9ovMWW4awnQmBpXmGy9Q5AyWuAgM8yvjVhj7Udy-earDgxYwze0SIMGi_lVI6zauBrBJ3m04UtNgI5g2fSifG85mS-WyVs3z7Pn9gdRIsNr7Rtej3_yab609nho1-VRblWHQO_M3SkKsuYX7EERMzl8jDUfuXdajPVzudlEEiPkN-qXcDSn4DCyQhK9uxoqWzVAMYETnp1O__beEtn6LIToAtDXw-odZ74jZIMcOj5OVO5yyvULQXZ2-oBR_TgzBvQDIsR7Zu6Ok4HR2D8oZLHrAuQjNRQvNZCo3asDuX29_nN2t1Fuk3xeABWChW9UnwWbRXL2AlOqy6wio1_cfo8cGSBgGqJv-28uRwrRk6ZnMPTyGLXsMZ5k41efWecWfYTrZFFHtY07e4Petvk1EKT8d34IiSnGPRLaYK5tTuGmhwZq6_n9mRVLkdPZQCEo8rAPguUNfHU_02f6lWghmvZ4zp18z2q1WFm2cQDrj-_xOkPRZi4qCZTC0M5r4yenVrT7xaFL6mCNuBrhJzEWOExsvfJd2F2xU9mgzndgMplX_JROi49C1AQQpt2wKCnOTOVdefPKcK7dSMsCAhNtTAhTuyr-OlnJgIpytYOyS4zPq_M8gQsPiB-u7GlY-HftC6zo1Jz1QqpOBLS2W2qCwUGDLd5MitHDRidnww8lyFUGyRYQfgv0KJU_q8m26Du9XzSNbZIDVjpI4OgnyDif5T8VMYS0AabjWFTeiE8P1cOvef9wGCP2VYWsWlw_olAHFn6qGuveL8lbuJvOdRFFVACkJcJGJ8Cfy9YBnH4jWkX9pzKPbiFdnP_ArakHnp62EfZ7H2N_CN1eipmmweMWvHebcbUvcX1L3FAIBcI3-Esg_SuuUfbwVd9rTu5BmiLSozkqvpu_oNgTLlKpmNXo77o--MJbbZ137qcmItakIWO0EE8PoXI8V8qfxHJQ8HeKA2DWVEZabP6xYtpfhIeztYZmcNlnzFmcZNNzpAjyehewUn4jLSJ-DD19ehw5q0MFPnu2rPJKELHsbfKixIkiqlfKT7tN7O1yzCQq_9uA30mf7r2C08WDHM_AeKXbP4sTIa5OLbaZ1o8FtBkepuJNDZ8eK-66w7ILuCpyj6U1vpLRDg19Rl2QUpA2d6etZcBhtVl5zcCWoRtbLxXATLbylw35QV8PYp56Ywhhe-rN_cPawGtxcDb2EQcyzIubnsyzs9M5dPmoASNON6X768dH0_5q8Qg8zYTTj0MYzrp_OhBJPe-PIPrEJ3ZY3z_oM2B-RQi5t5xhGAi33S8Hed8PDDyo5vbKFSmgp-RyFnoncdLQZS0iEAVs2fZdLclH045Oms7cW-ey35xnGlQuUYZWpQyjez9oKcvjBJ2M5CATqM5FZAv_JI8yC3OO2dJiNkS7GjgpOdgdmCoVrqWj7aaRDwF47l1eTDSuTERuoRYpHF2mQORcG-0UH9Qcs0-ly5r1BoQU8FqJmeWXyBiYk0M-QppFOTINoILSO6Vkrp1rkmPL6QUbzUCVTw1sQG6YA6YuAxdWf6urV2yC_mYnhlD6fbQzJMPkrBGu7x549_h1zOtQe4-OrLCjcELfu7VAgHvIQ2NcsFn3zNnjmI0uoTkj00gQdxaF1TIbGnMyamhO2fl2ylzjgvwzLehuE40sDpPGYde51w9wpAkufNghsY1fM49rMJ8OcdOkxWDuRO9zmOB_H5Pt3BIDdGFB-a863kqXhwpkaYPPAgTYoP34dFhtuCCKjuT0R20tb7YIOWjqwLew0EyjhrG74do0LrWDBK2fFLt2YTg-3gE-cXVp8Q7zrmju8tEG4mFSBm42zf-O3tL4pMCiiwuIBfWR4JvzZuPF3sC-tsuPFjO6EEYT4B_ENSqBzzLZPl1WbZGOc1_s7TmqIAizafRveOjq28dpAYpZjop3cviWF1rgL4M6cIGupf0uk9QvC-QCNuYCHG60y5bq9-pbOF4isk-h9jYPnPflj5AgfptVHnTh6lOOQN4uAbcOus9lwaS8Vm61P3q6qn2W9XWnUnEj3PFJRnFVB5haDC7HylJtTyuPQhSOKVsvDkQWdpToL0jUjZlnp3ZoD-Sg_a732DOJPEoHu1sQPPSX1i10lDhcQA2-cTJvw0PINbfV1VVfcANLWixs6YdQ2fea8AEkyrnTK7kpQLKxwv9BqDEX_x0Bv_fKt6t3FuwpDCbYVn5A81UbL98iEwHY6vreoWQ3kMvj4kfzy09M1E0AcKP5fx0YLm1yIdgqsXdb_nCHq926IPn9jhDnENJXvDBu-qWLkz60_1Hg3mlMQF2Hwr7v-6c4MZs0v2--NFEYcberAWYwt1BaBs6knGHSm9uyUqM-ULyZYgz62isrkyVhni7wLP3AYtAm119V0qUhFlrYX6CBu83iL1H2AIDJro-7S6yR0UfyPAsp--MmFDSk48mTFUXIogmm7UZiqbJySM3Zf6IhUfib3Iz3u6xVT5I_ZhIC8CXKwfJXU3whcCHV6-J8M_s6WojHQngVMLL6E5VyRZHN397wNQGGo2FxULK6Im6DQViHjvgQAh5Bert0f-64nnfUhdFONiLKzCrptewimnPVN1AXjJSFjmpg4tqa0xktwMec_LuAGWG9Pg657QZTREJ63QFeEiZggEooIzNn5XWWJhSRwb33TUR1QhzQ-RdawBfxb-Fym2OeENjNj5XLhP1LAorlKmbWdqz-2r3h2mZzM07VyQaMwDvTfKIcE2SegT3Bb7xbUBrCEcVmI9pphEwBS1B3bT2ZbKjLte-aVpRDul2Un05mMMhXNlgmNV9EclF3LAOXAB-nHAsuZWsKoxHAJbsUlNumG1JL8u4yf1ArW8rJfshmF12OM73nl9NCUQ8vl7TD_69wmWzLLMg8JGp3jrWIwsrFDx1BW7B0XCypI4C_-nAnEM78o06W_RdJSt_ss9UGkij4MidyOafG4RzwgK94odrojRzaHII4KUbcSHoRX8moCxLqd-3bW-zqI7V8IYyQv0blbc_vJW7RqSMxVuwopHhNUgrV7LjcMI5L-xD1wUva0e49UtiW79glpvvlOMR0-vcIxybX0qBP2pOSfZ1OIYmtgg9vzuKZJ7M1MseMd_H0iqCA3phFJE3HuuJZ1UD59InyU1pvN7ICnNCsOhcrQALQnXb26MXmCzYKYz7-L6PVWc&cid=CAASPeRoUmfVP8j1-TtYx-QMzbGkaRNzNjsvy2NkfzJHMjJQ4mvLmsGoOcabtsf71SJDSVLHOPs9-giDwgJCjJY&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:17:19 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 418D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuB6lJxp0DquiU8KCQPQNY8lEMvsZEkHMQ_Keeg7V9OuI1rLS6muSgJahGJPFGLWB6oQajlEI-5BfUQ_F8c_9MJv9TmVHJziTuyAKldlJugOyC6J2ruZmQd9sh5mfCm0RXTy2eJzo476ItSi5x7QjWSocK5g&dbm_d=AKAmf-B8bo0oNDeCXYAkI3wzzSv3VQ9eCEQn2CuttC_qhySus1HVEyfOyNCjbXroHlKmDyShPci2xT9DXvvAlYgv6Otok72LahIIKcH2VFVS0oN8h_otI0qYLZERItYrhaTS-qUHPx6F6HNeLQfK1ZHxpNUc1-Kq0zHD7OZJzK5L1Iudh9zzIRDkt-lZndhYtKZXFnYJgtY3oNcCsiB-77lW3w40fVgZ7AuJLZUEgAzwnp1iL3kO_ilWttq-ql59s6mHBWwCtQItMBWsOK9ovMWW4awnQmBpXmGy9Q5AyWuAgM8yvjVhj7Udy-earDgxYwze0SIMGi_lVI6zauBrBJ3m04UtNgI5g2fSifG85mS-WyVs3z7Pn9gdRIsNr7Rtej3_yab609nho1-VRblWHQO_M3SkKsuYX7EERMzl8jDUfuXdajPVzudlEEiPkN-qXcDSn4DCyQhK9uxoqWzVAMYETnp1O__beEtn6LIToAtDXw-odZ74jZIMcOj5OVO5yyvULQXZ2-oBR_TgzBvQDIsR7Zu6Ok4HR2D8oZLHrAuQjNRQvNZCo3asDuX29_nN2t1Fuk3xeABWChW9UnwWbRXL2AlOqy6wio1_cfo8cGSBgGqJv-28uRwrRk6ZnMPTyGLXsMZ5k41efWecWfYTrZFFHtY07e4Petvk1EKT8d34IiSnGPRLaYK5tTuGmhwZq6_n9mRVLkdPZQCEo8rAPguUNfHU_02f6lWghmvZ4zp18z2q1WFm2cQDrj-_xOkPRZi4qCZTC0M5r4yenVrT7xaFL6mCNuBrhJzEWOExsvfJd2F2xU9mgzndgMplX_JROi49C1AQQpt2wKCnOTOVdefPKcK7dSMsCAhNtTAhTuyr-OlnJgIpytYOyS4zPq_M8gQsPiB-u7GlY-HftC6zo1Jz1QqpOBLS2W2qCwUGDLd5MitHDRidnww8lyFUGyRYQfgv0KJU_q8m26Du9XzSNbZIDVjpI4OgnyDif5T8VMYS0AabjWFTeiE8P1cOvef9wGCP2VYWsWlw_olAHFn6qGuveL8lbuJvOdRFFVACkJcJGJ8Cfy9YBnH4jWkX9pzKPbiFdnP_ArakHnp62EfZ7H2N_CN1eipmmweMWvHebcbUvcX1L3FAIBcI3-Esg_SuuUfbwVd9rTu5BmiLSozkqvpu_oNgTLlKpmNXo77o--MJbbZ137qcmItakIWO0EE8PoXI8V8qfxHJQ8HeKA2DWVEZabP6xYtpfhIeztYZmcNlnzFmcZNNzpAjyehewUn4jLSJ-DD19ehw5q0MFPnu2rPJKELHsbfKixIkiqlfKT7tN7O1yzCQq_9uA30mf7r2C08WDHM_AeKXbP4sTIa5OLbaZ1o8FtBkepuJNDZ8eK-66w7ILuCpyj6U1vpLRDg19Rl2QUpA2d6etZcBhtVl5zcCWoRtbLxXATLbylw35QV8PYp56Ywhhe-rN_cPawGtxcDb2EQcyzIubnsyzs9M5dPmoASNON6X768dH0_5q8Qg8zYTTj0MYzrp_OhBJPe-PIPrEJ3ZY3z_oM2B-RQi5t5xhGAi33S8Hed8PDDyo5vbKFSmgp-RyFnoncdLQZS0iEAVs2fZdLclH045Oms7cW-ey35xnGlQuUYZWpQyjez9oKcvjBJ2M5CATqM5FZAv_JI8yC3OO2dJiNkS7GjgpOdgdmCoVrqWj7aaRDwF47l1eTDSuTERuoRYpHF2mQORcG-0UH9Qcs0-ly5r1BoQU8FqJmeWXyBiYk0M-QppFOTINoILSO6Vkrp1rkmPL6QUbzUCVTw1sQG6YA6YuAxdWf6urV2yC_mYnhlD6fbQzJMPkrBGu7x549_h1zOtQe4-OrLCjcELfu7VAgHvIQ2NcsFn3zNnjmI0uoTkj00gQdxaF1TIbGnMyamhO2fl2ylzjgvwzLehuE40sDpPGYde51w9wpAkufNghsY1fM49rMJ8OcdOkxWDuRO9zmOB_H5Pt3BIDdGFB-a863kqXhwpkaYPPAgTYoP34dFhtuCCKjuT0R20tb7YIOWjqwLew0EyjhrG74do0LrWDBK2fFLt2YTg-3gE-cXVp8Q7zrmju8tEG4mFSBm42zf-O3tL4pMCiiwuIBfWR4JvzZuPF3sC-tsuPFjO6EEYT4B_ENSqBzzLZPl1WbZGOc1_s7TmqIAizafRveOjq28dpAYpZjop3cviWF1rgL4M6cIGupf0uk9QvC-QCNuYCHG60y5bq9-pbOF4isk-h9jYPnPflj5AgfptVHnTh6lOOQN4uAbcOus9lwaS8Vm61P3q6qn2W9XWnUnEj3PFJRnFVB5haDC7HylJtTyuPQhSOKVsvDkQWdpToL0jUjZlnp3ZoD-Sg_a732DOJPEoHu1sQPPSX1i10lDhcQA2-cTJvw0PINbfV1VVfcANLWixs6YdQ2fea8AEkyrnTK7kpQLKxwv9BqDEX_x0Bv_fKt6t3FuwpDCbYVn5A81UbL98iEwHY6vreoWQ3kMvj4kfzy09M1E0AcKP5fx0YLm1yIdgqsXdb_nCHq926IPn9jhDnENJXvDBu-qWLkz60_1Hg3mlMQF2Hwr7v-6c4MZs0v2--NFEYcberAWYwt1BaBs6knGHSm9uyUqM-ULyZYgz62isrkyVhni7wLP3AYtAm119V0qUhFlrYX6CBu83iL1H2AIDJro-7S6yR0UfyPAsp--MmFDSk48mTFUXIogmm7UZiqbJySM3Zf6IhUfib3Iz3u6xVT5I_ZhIC8CXKwfJXU3whcCHV6-J8M_s6WojHQngVMLL6E5VyRZHN397wNQGGo2FxULK6Im6DQViHjvgQAh5Bert0f-64nnfUhdFONiLKzCrptewimnPVN1AXjJSFjmpg4tqa0xktwMec_LuAGWG9Pg657QZTREJ63QFeEiZggEooIzNn5XWWJhSRwb33TUR1QhzQ-RdawBfxb-Fym2OeENjNj5XLhP1LAorlKmbWdqz-2r3h2mZzM07VyQaMwDvTfKIcE2SegT3Bb7xbUBrCEcVmI9pphEwBS1B3bT2ZbKjLte-aVpRDul2Un05mMMhXNlgmNV9EclF3LAOXAB-nHAsuZWsKoxHAJbsUlNumG1JL8u4yf1ArW8rJfshmF12OM73nl9NCUQ8vl7TD_69wmWzLLMg8JGp3jrWIwsrFDx1BW7B0XCypI4C_-nAnEM78o06W_RdJSt_ss9UGkij4MidyOafG4RzwgK94odrojRzaHII4KUbcSHoRX8moCxLqd-3bW-zqI7V8IYyQv0blbc_vJW7RqSMxVuwopHhNUgrV7LjcMI5L-xD1wUva0e49UtiW79glpvvlOMR0-vcIxybX0qBP2pOSfZ1OIYmtgg9vzuKZJ7M1MseMd_H0iqCA3phFJE3HuuJZ1UD59InyU1pvN7ICnNCsOhcrQALQnXb26MXmCzYKYz7-L6PVWc&cid=CAASPeRoUmfVP8j1-TtYx-QMzbGkaRNzNjsvy2NkfzJHMjJQ4mvLmsGoOcabtsf71SJDSVLHOPs9-giDwgJCjJY&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8628
x-xss-protection
0
server
cafe
etag
4958886646989192229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:18:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032104130153000/ Frame 0977 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357355
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55476
x-xss-protection
0
server
sffe
date
Sat, 08 May 2021 17:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9bc265c4d5adfa7f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 May 2022 17:02:55 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 0977 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
354979
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 08 May 2021 17:42:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 May 2022 17:42:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 0977 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
357353
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Sat, 08 May 2021 17:02:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 May 2022 17:02:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 0977 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
465141
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Fri, 07 May 2021 11:06:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 May 2022 11:06:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 0977 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
354979
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sat, 08 May 2021 17:42:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 May 2022 17:42:31 GMT
truncated
/ Frame 0977 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8ae8b5c39fdedab8588c4409bf477ac195cb6655fb94d0c6e5f058f88b21e85

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
16764342870654562487
tpc.googlesyndication.com/simgad/ Frame 0977 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16764342870654562487
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d038fa339d83dce7445291e079f08b36efac879b8a4f907522a4b3df6e972c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 12:34:32 GMT
x-content-type-options
nosniff
age
200658
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22579
x-xss-protection
0
last-modified
Thu, 29 Nov 2012 09:16:06 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 May 2022 12:34:32 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0977 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 06:20:04 GMT
x-content-type-options
nosniff
server
cafe
age
50326
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Thu, 13 May 2021 06:20:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0977 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 09:25:49 GMT
x-content-type-options
nosniff
server
cafe
age
39181
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 13 May 2021 09:25:49 GMT
l
www.google.com/ads/measurement/ Frame 0977 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5iz1eeaQpmpl-Sv_3oKNOgdE-KGww_5SYy-JnHK_yJVbhQhUn_VVDZ_wo1UqvBkdVHbSWDO5t1fDtbyM3ZzK1NPcIhg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0977 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnoQ7KjicYOHKCLKprATz0oboC-vGrfVclN_L0WiN5tq_zQEQASCS2N9KYPuBgICICqABhNSH0QPIAQPgAgCoAwHIAwiqBOoBT9CICP53tvHCWNemw4QNbSoTvqbPXXKzlgjIAHN9zOVlrLyW4z990W3l0Sns4CZ1nGRcKXSo5s6p_Va3IK3nd7l0XbJUMw4j8dmnwKbumiC_7nLoFssVi5ZT4jBj3eEomnTPoCZHBzGY1oqwnBJ-NoA2Jss18cxgKp0lQi5yiXv_eByKNRJ7aHsBqjXFhfffjib7ZT-YQd3m1ewtqfrIVCWqIkAIh2COSxnUTGXVr3C7qxzhldcK31VAlYv5wNoXsuOF_M6Erk61Qkb95tbUVtAZurYHjw5mm07sYBvIP35pWcHSaHiGgKGAwASsud7uGeAEAZIFBAgEGAGSBQQIBRgEoAYDgAfkq_guqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEODqB9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTk1MzM4MDk0NDg3MTMwNIAKA8gLAdgTAtAVAYAXAbIXGgoYCAASFHB1Yi0yMzkzMzIwNjQ1MDU1MDIy&sigh=xroRGdqFvr0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame C2ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C2ED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJw4KhTuZdO4e3l4PVL3yQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C2ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:50 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid
2c84bf95-f33d-4d81-875e-2bb274d8ae85
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C2ED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPZbRDgl_ECGOCe3qMBMAE&v=APEucNWq6tyYYm8N3qSzNsuumopsznpsclvUKwi-5aEQBRaSZ-8Nn6WghvtikNiYdoBfugnVe89pNZBRhVtjm2lxf3igOjy0-pRzbLMUrm_wc4BRX4x_nxEGKjr575r7Xc5sVNSnghhHReOM_Q4Ha_6zMRuBQfVRiGkoUQDCKfJ6dEUzhlGqSddlrovjcu8VfCJck2xIDkxO-Eay-0dZjBqR9VK5oBPCJKkK6KPa_kHSGWaJ4w2FgHY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:50 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
681b3d2e-f69e-49cf-a785-625451810847
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
docallbackinfo66021cdab5a84541949f8912df5954e2.js
ui.clevernt.com/ 		695 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.clevernt.com/docallbackinfo66021cdab5a84541949f8912df5954e2.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
host-109.clevernetwork.pt
Software
nginx /
Resource Hash
243de7f4a3d480f95c288c8ce9c8e6f81845d5f9b5cdf2b02810730932432448
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
cache
date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=15768000
expires
Wed, 12 May 2021 21:18:50 GMT
300x250
ad.lomadee.com/banners/superofertas/ Frame 4F0D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.lomadee.com/banners/superofertas/300x250
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-69.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3bf9a688b9ca3ba16c7e43c5ee8af2ad0f619c3a098c7ba12a14ed8975333bd

Request headers

Referer
https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Feb 2021 02:25:56 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jul 2019 16:40:03 GMT
server
AmazonS3
age
8272375
etag
"db5956f7a62675d44627e54cfdeeb29d"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
19203
x-amz-cf-id
Rt6bMUgkYQq54NNFcfSOxvztkUYVOveG-XNoqVhN1dAlOeA6SWnq9A==
analyze.js
statistcdn.com/ Frame 4F0D 		0
0
analytics.js
www.google-analytics.com/ Frame 4F0D 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ad.lomadee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6718
date
Wed, 12 May 2021 18:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 20:26:52 GMT
fac.php
onmarshtompor.com/ Frame 8C57 		203 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/fac.php?OAID=778be5b28c0e427a95162c7b8c51ec31&oaidts=1620850730
Requested by
Host: rotumal.com
URL: https://rotumal.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8f5c6fdf5d7849e58c5799dcd141da8865e799ca59d44664a62cb16b38a02902
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onmarshtompor.com
:scheme
https
:path
/fac.php?OAID=778be5b28c0e427a95162c7b8c51ec31&oaidts=1620850730
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

server
nginx
date
Wed, 12 May 2021 20:18:50 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
58ebfbd9c659844bce0ef5968329dca0
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
set-cookie
OAID=778be5b28c0e427a95162c7b8c51ec31; expires=Thu, 12 May 2022 20:18:50 GMT; path=/; secure; SameSite=None oaidts=1620850730; expires=Thu, 12 May 2022 20:18:50 GMT; path=/; secure; SameSite=None
strict-transport-security
max-age=1
x-content-type-options
nosniff
index.html
s0.2mdn.net/6833689/1617898212718/Html5/ Frame 1C48 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5863569adccd9310d734e628e4fde2d790394c102d05b57127c4d54427b8478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/6833689/1617898212718/Html5/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2340
date
Tue, 11 May 2021 22:34:46 GMT
expires
Wed, 12 May 2021 22:34:46 GMT
last-modified
Thu, 08 Apr 2021 16:10:12 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
78244
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 418D 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSoMuVNEsPEQUbQhGx-itGkNvCxownrryQENhpJjYNOiFfpwwIp91K1z4RJu4G-v3aJ0MPYt4pEK_MOFexJ9XQT1pRUolNRIn1h3VRM01Gka3lMI3k-odWL6OOtnYCJuJPlDlCPKGggpwcGR-dFfzPGKl-l7TMF6tVYSP3qxvzrnnnDzkhsxixtxEljlAI2HJfZo7IC9jf2J2IHZyxas6_F-jh3P9pejWIm26OsbAy9sgiScqkXpA6Bg0zmfnLaY3RZC3C3l41vpPjen34G7SArBvx6yuShdyA1LHkh0NTixFEDLR_JTBZgoh2T0sYRc3Y7HnbTsP-2hR4fi_PBDLe-RqTDEL7bJXftnr0_exVx2kOdjWyW8agnTsxDT_TeUmuAIbIVXeKA_0zJP9SqikukIXg2gIs6IJrqxiAgGiPyp3Fnjtg16xYRbTnC_ndeTqqS7VWFecSuUFUI5P2GWpxX53mkxJmZS4fzjuePSSIqDBHxDVh4Uv3DC4SMCMErI2oWL89BMsxv5-YvVZa1VbR_i5eLk4V_7APYBkA3dIp9kcnQUTNAZTv8uTMLYk3N_y_AFUmBqkF-9Abr4WjmOdc76EB_a8iHFM7KI9c6IrVAVBWogghl-yCAEWpBQlzUaSqH4L1lYJG8lZVwqa8fZ_YRS05jWP7-uJcbmWb0vwoZ2KS1NREWOuysiOKkogzWifcrXM7VC0vo4REbjwpaAIK6LvKHQmt9b8VbKXv9sFe0k-B7mYnHJbiMgh4sxg-4BjL8JHMvUZFT00Q0cHBGkhASdXOL_n2KE3HLjACq4hmBQS4ej0cMTzShQpidY40EM0Jy1ghIHlKUEP2w284CBbWeTh0u5h2Z93rnJP0gwODfaM0y76Q-ceJG9PNPpqWhONN8GoVoFiHqgkPye4a0xLI-VMMOFXPNRVKeI57vrIe33cdmfo7ZWgKq6tmLH92PafnAX3lI6zMc_F6ij5js6P946phvyN5y3yDAAjcF8Jnyfb3fhXy-P9OMY3XE-XHDjtUEdXdAQueZ5Ufnyfx6WS5VqxqV9JS-KLh4TMhFWNsUQ47FaB83chxjarW_E0UmwW1Z2_FP7EfIvevvxWQehnFIqEr0i9H3eo5ZtUlsswFGqyHeRyfzt_HgAQ1DFr_vCkVgaGYPPqmfZSDfbZJkdmrEV3ldMhjraV3e4s2x7H3UZjaNDKyvi3bG87H11gO4MgCmoYe12mVnUO74NmQOnwQZs2mnUT-q7_jZn7hSexOxOgsEVCRolSo7jForGcrmP4xfnRcxS8FEAlpkQVgqGbrVY7ul4kwIIOuDEPB1iP1-JfMEQ&sai=AMfl-YTD_EHuhX4PRNGmRI44TndIE_7gZORkMP8t5GaSLyMxlDj14nl9YjRmwSV6pYVKC6s7FdXD2sYNdg8lLu79yofH7gGSO4YhmH3Zlo60bSpqxIEUg0vgDXAwdV-pbVmb3xB4SwGEZD464tOuOYqVEEWI2umNRdrhOG5EHIbHilACKSshrApyDK1y5-ZobWWFL1wT4rFCoRMuhwWqra9VCDQWCEsnqNzmTrftsR8utjaXhUtZYEFuXhZwwYv4uGgG5A&sig=Cg0ArKJSzIU3yBUumSwREAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=116&cbvp=1&cstd=113&cisv=r20210510.54314&adurl=
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 12 May 2021 20:18:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11277219896154;ec=11277220317283;adv.a=6833689;c.a=24188775;s.a=6057434;p.a=300642847;a.a=493295759;cache=1500014249;
ad.atdmt.com/i/ Frame 418D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.atdmt.com/i/img;adv=11277219896154;ec=11277220317283;adv.a=6833689;c.a=24188775;s.a=6057434;p.a=300642847;a.a=493295759;cache=1500014249;
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
02hddop7fS2G3wwFTKvtOOwkccDWSZhrmZlAToWuCXc/V8m4F1Pol3kIT4LFQ9wEKfF2hMMAas9jjfzEl34s0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Wed, 12 May 2021 20:18:50 GMT
vary
Accept-Encoding
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 418D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16469
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 May 2022 15:44:21 GMT
truncated
/ Frame 418D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d397777357de433a425552ffe852f0659e6cb9f64ddfe1929d4a947c3ef55a18

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0977
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 12 May 2021 20:18:50 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame 418D 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/447445/53987149/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9F77 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 12 May 2021 15:44:21 GMT
expires
Thu, 12 May 2022 15:44:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16469
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
createjs.min.js
code.createjs.com/1.0.0/ Frame 1C48 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 12 May 2021 20:33:50 GMT
ORBANM210302-CartePremium_Offre_V2_300x250px_01.js
s0.2mdn.net/6833689/1617898212718/Html5/ Frame 1C48 		134 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/6833689/1617898212718/Html5/ORBANM210302-CartePremium_Offre_V2_300x250px_01.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76dd32e8e2bc5b6f0aa87cf306fd626d195fa2a3b1fcca155b88fc8bf4dd492a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 22:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78243
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:10:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 12 May 2021 22:34:47 GMT
/
lp.clevernetwork.pt/pokerstars/fr/ Frame F993
Redirect Chain
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1...
  • https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2Np...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14d5e991169fcd7c3ee447f005ad0f20ae7edb83bfbe9e7af6d61a06f32ea21

Request headers

:method
GET
:authority
lp.clevernetwork.pt
:scheme
https
:path
/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-type
text/html
x-amz-id-2
7zTxGm6DcBNEbWLT1sT4VD8HKe/S5pA7H9KZmjiwDJgWS8eqt6AL68Eij0d6lLBWmPKcY/3jEJE=
x-amz-request-id
6TZJHFD22YY0P54K
last-modified
Wed, 12 May 2021 14:10:09 GMT
cache-control
max-age=1800
cf-cache-status
MISS
cf-request-id
0a03d47faf00004e07ce37c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2BZuonTOtwEhVW3NnIObGhpqtSsBet8KxVBxBEByDteRg6R%2FOO35w3CaTLrNiS%2F9xVbg%2FwBKmI23Nrbqe%2Bya54XAjaMUXdonij63eDML4nJTHkU2sMbpmEGYi8rW%2BteZ"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
64e656ac4b064e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Wed, 12 May 2021 20:18:50 GMT
content-type
text/html; charset=UTF-8
location
https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
set-cookie
hstpv4user=eyJJRCI6IjUzNDUyNTU5d2FuNjA5YzM4MmFkMmM4MiIsIkNUUiI6IkZSIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzExOTk2MDkxOSIsIkxhc3RVcGRhdGUiOjE2MjA4NTA3MzB9; expires=1652386730; path=/; domain=.clevernt.com; SameSite=None; Secure
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Wed, 12 May 2021 20:18:50 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
img.gif
my.rtmark.net/ Frame 8C57 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=778be5b28c0e427a95162c7b8c51ec31
Requested by
Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=778be5b28c0e427a95162c7b8c51ec31&oaidts=1620850730
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://onmarshtompor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:50 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Carte_Premium.png
s0.2mdn.net/6833689/1617898212718/Html5/images/ Frame 1C48 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6833689/1617898212718/Html5/images/Carte_Premium.png
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
998b1aede45061d85650a1a217b4499f3ca5233a4c47aa246e2c27352fd2cec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 22:12:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:10:12 GMT
server
sffe
age
79610
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11354
x-xss-protection
0
expires
Wed, 12 May 2021 22:12:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 418D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSoMuVNEsPEQUbQhGx-itGkNvCxownrryQENhpJjYNOiFfpwwIp91K1z4RJu4G-v3aJ0MPYt4pEK_MOFexJ9XQT1pRUolNRIn1h3VRM01Gka3lMI3k-odWL6OOtnYCJuJPlDlCPKGggpwcGR-dFfzPGKl-l7TMF6tVYSP3qxvzrnnnDzkhsxixtxEljlAI2HJfZo7IC9jf2J2IHZyxas6_F-jh3P9pejWIm26OsbAy9sgiScqkXpA6Bg0zmfnLaY3RZC3C3l41vpPjen34G7SArBvx6yuShdyA1LHkh0NTixFEDLR_JTBZgoh2T0sYRc3Y7HnbTsP-2hR4fi_PBDLe-RqTDEL7bJXftnr0_exVx2kOdjWyW8agnTsxDT_TeUmuAIbIVXeKA_0zJP9SqikukIXg2gIs6IJrqxiAgGiPyp3Fnjtg16xYRbTnC_ndeTqqS7VWFecSuUFUI5P2GWpxX53mkxJmZS4fzjuePSSIqDBHxDVh4Uv3DC4SMCMErI2oWL89BMsxv5-YvVZa1VbR_i5eLk4V_7APYBkA3dIp9kcnQUTNAZTv8uTMLYk3N_y_AFUmBqkF-9Abr4WjmOdc76EB_a8iHFM7KI9c6IrVAVBWogghl-yCAEWpBQlzUaSqH4L1lYJG8lZVwqa8fZ_YRS05jWP7-uJcbmWb0vwoZ2KS1NREWOuysiOKkogzWifcrXM7VC0vo4REbjwpaAIK6LvKHQmt9b8VbKXv9sFe0k-B7mYnHJbiMgh4sxg-4BjL8JHMvUZFT00Q0cHBGkhASdXOL_n2KE3HLjACq4hmBQS4ej0cMTzShQpidY40EM0Jy1ghIHlKUEP2w284CBbWeTh0u5h2Z93rnJP0gwODfaM0y76Q-ceJG9PNPpqWhONN8GoVoFiHqgkPye4a0xLI-VMMOFXPNRVKeI57vrIe33cdmfo7ZWgKq6tmLH92PafnAX3lI6zMc_F6ij5js6P946phvyN5y3yDAAjcF8Jnyfb3fhXy-P9OMY3XE-XHDjtUEdXdAQueZ5Ufnyfx6WS5VqxqV9JS-KLh4TMhFWNsUQ47FaB83chxjarW_E0UmwW1Z2_FP7EfIvevvxWQehnFIqEr0i9H3eo5ZtUlsswFGqyHeRyfzt_HgAQ1DFr_vCkVgaGYPPqmfZSDfbZJkdmrEV3ldMhjraV3e4s2x7H3UZjaNDKyvi3bG87H11gO4MgCmoYe12mVnUO74NmQOnwQZs2mnUT-q7_jZn7hSexOxOgsEVCRolSo7jForGcrmP4xfnRcxS8FEAlpkQVgqGbrVY7ul4kwIIOuDEPB1iP1-JfMEQ&sai=AMfl-YTD_EHuhX4PRNGmRI44TndIE_7gZORkMP8t5GaSLyMxlDj14nl9YjRmwSV6pYVKC6s7FdXD2sYNdg8lLu79yofH7gGSO4YhmH3Zlo60bSpqxIEUg0vgDXAwdV-pbVmb3xB4SwGEZD464tOuOYqVEEWI2umNRdrhOG5EHIbHilACKSshrApyDK1y5-ZobWWFL1wT4rFCoRMuhwWqra9VCDQWCEsnqNzmTrftsR8utjaXhUtZYEFuXhZwwYv4uGgG5A&sig=Cg0ArKJSzIU3yBUumSwREAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=398&vt=11&dtpt=282&dett=3&cstd=113&cisv=r20210510.54314&adurl=
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Smartphone_Main.png
s0.2mdn.net/6833689/1617898212718/Html5/images/ Frame 1C48 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6833689/1617898212718/Html5/images/Smartphone_Main.png
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12b5e547573e37ca710f225d67e34941274d764cdff2f29d69cf53629bd89962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/6833689/1617898212718/Html5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 22:12:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:10:12 GMT
server
sffe
age
79610
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7626
x-xss-protection
0
expires
Wed, 12 May 2021 22:12:00 GMT
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 9F77 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
34863
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 12 May 2022 10:37:47 GMT
options
onmarshtompor.com/ 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/options?option_args=CJvepwESIDc3OGJlNWIyOGMwZTQyN2E5NTE2MmM3YjhjNTFlYzMxGi5odHRwOi8vcm90dW1hbC5jb20vYXB1LnBocD96b25laWQ9Mjc0ODE4NyZvbz0xInhodHRwczovL3d3dy5hcm5vbGRzLmNvbS5ici9jdXJzby1lYWQtY29tLWJhaXhvLWludmVzdGltZW50by8_dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXMyJDJiZTJkNmNjLWFlYzQtNDg0Yi1hNWU2LTRmOTM0NjYzZWE4Yw==
Requested by
Host: rotumal.com
URL: https://rotumal.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-trace-id
445d15a6bc0f3b2ed1a526b0603b8863
pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Tue, 11 Jan 1994 10:00:00 GMT
options
onmarshtompor.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/options?option_args=CJvepwESIDc3OGJlNWIyOGMwZTQyN2E5NTE2MmM3YjhjNTFlYzMxGi5odHRwOi8vcm90dW1hbC5jb20vYXB1LnBocD96b25laWQ9Mjc0ODE4NyZvbz0xInhodHRwczovL3d3dy5hcm5vbGRzLmNvbS5ici9jdXJzby1lYWQtY29tLWJhaXhvLWludmVzdGltZW50by8_dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXMyJDJiZTJkNmNjLWFlYzQtNDg0Yi1hNWU2LTRmOTM0NjYzZWE4Yw==
Protocol
H2
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.arnolds.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 12 May 2021 20:18:47 GMT
access-control-allow-origin
https://www.arnolds.com.br
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
container.html
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7945 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 12 May 2021 20:18:49 GMT
expires
Thu, 12 May 2022 20:18:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
static.adsafeprotected.com/ Frame 418D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/447445/53987149/skeleton.js?adsafe_url=https%3A%2F%2F6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2...
  • https://static.adsafeprotected.com/skeleton.js
17 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
4510466
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 4F07 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
337471
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
dt
dt.adsafeprotected.com/ Frame 418D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=447445&asId=e51bbeaf-5285-908a-4c89-d20c83adc188&tv=%7Bc:craO7U,pingTime:-2,time:325,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:225,bdZ:357,beA:511,beZ:512,mfA:763,cmA:765,inA:765,inZ:770,prA:770,prZ:782,si:788,poA:789,poZ:802,cmZ:802,mfZ:802,loA:820,loZ:823,ltA:836,ltZ:836%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:276%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:326,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:276,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~1%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sxeku4Z+11*.447445-53987149%7C111%7C112%7C1131%7C12%7C13%7C14%7C15%7C16%7C17%7C18,idMap:11*,rmeas:1,rend:0,renddet:na,sinceFw:46,readyFired:true%7D&br=u
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.18.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-18-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-server-name
dt56.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
googleads.g.doubleclick.net/xbbe/ Frame DBB9 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJsAThB2TT5ONYTq6rEtyMP5a9G2_HThpiKMOMcPgfmIoKqNXkKpJ14QOXEeY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 May 2021 20:18:51 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 20:18:51 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7945 		39 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4569be54f704200df9d23c677762c02d55e6237a173e7acd7f66420a4ddf0009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19483
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7945 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dj_NJAJRm77EyczGgxTKu-zDMC6g1hDK7Sb7BviAeD3RFF-XXHdrMD9CJvH9-PruU8226g09Bb7fyYQGYpZEWIHwf_WgTOBzu5zrnOB8C7hoyrOFg
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 7945 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:17:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7945 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696594685118"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36097
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 7945 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:15:36 GMT
style.css
lp.clevernetwork.pt/pokerstars/fr/ Frame F993 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ba74a7e850ea14bcf38199674a5fc6e68fa2d1f8d742c50d400ba2f3827d49

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
927
cf-polished
origSize=5027
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XX6ABWGTHB62KS3Z
x-amz-id-2
TOg8Ij228/dkMNKAxwX9n15xGiTHojJE40yhtaVplPMTDbjrnxVnd/21c6K0RUiWBuQa93jKpiE=
last-modified
Thu, 29 Apr 2021 22:45:57 GMT
server
cloudflare
etag
W/"2f6593a9763172d1ea6050b39184649d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EVT7DzPt4iflvBmInQpKdYZ%2B33%2BHKKfi7sqB9qbhPF9z2%2Bfsdyzy0WRqN2bdLDg5R7m84vx6%2Barpph0%2FzoDvd7WnbHIGWPXjCMykPWjv%2Fn%2BJ05rZT%2BCP40DAdKgwyKGS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-request-id
0a03d4804000004aa90f896000000001
cf-ray
64e656ad38b14aa9-FRA
cf-bgj
minify
logo.png
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame F993 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/fr/imgs/logo.png?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3471
cf-ray
64e656ad38b04aa9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7460
x-amz-id-2
hFgNCJxHCL8yBtiBCTmPFKjdjaO/cFQcKGa1jTHNn/di6Vr91POWcrUVuckXsSnJV3GCaDv/b94=
last-modified
Thu, 29 Apr 2021 22:45:57 GMT
server
cloudflare
etag
"df1c65e3078c82895a1eb424b29af06b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sx4QZjUY%2FzsCbzyFY%2BOGl%2FgDa7OfjUZ%2Btr5uXGnyQqnJU20GD1xLck%2FbTYqEcerpdj%2F1Ba2KDpLJBNW9TjRLRLgilL8MjRiinGbZvvlgDH8N9vRbW2CDVmcABt3a9t2E"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
XX642W2J0EA4W909
cache-control
max-age=1800
cf-request-id
0a03d4803f00004aa93aaea000000001
accept-ranges
bytes
content-type
image/png
cta.svg
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame F993 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/fr/imgs/cta.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e100136022f3eeaf2ff8e0fd1bd9d800224e9d5fa5567845919b97ddb5828f

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
927
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XX619W1V6EZWW9B8
x-amz-id-2
d8MadyxqC9y/TIBMKc/USrkshcHfk2FMa0ZEd/0FH6klLcQI3PYdKUjbYTOISvwkAWckRKlQqHo=
last-modified
Thu, 29 Apr 2021 22:45:57 GMT
server
cloudflare
etag
W/"fc72b25069e336ecf4af370090bec375"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PEReUV0bMXGELxB7YJs4IC8%2BDbx%2B43KFUg42uKqKP6uzg29OxAdQ%2BxsvIIFE3OdnnY5oNHH35W8UPGHV3cRkkSnwm3QV8WEww7sNLqPnUjCUSru8kQeqsKTlz69IDaol"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a03d4803f00004aa9cf952000000001
cf-ray
64e656ad38af4aa9-FRA
cta-mobile.svg
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame F993 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/fr/imgs/cta-mobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc90ac3f108449d60341a38188cf65fa419690cf9114c724c31e14d4b7f64a5

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
927
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XX6BYM6EE5YF0AHV
x-amz-id-2
INnUpGvuR9daiSMEsvM+MS4PDMyvzJtF43D5anI+PRIgBhupHWqTJLf9cVCfTPgRmUhmK2NTYb0=
last-modified
Thu, 29 Apr 2021 22:45:57 GMT
server
cloudflare
etag
W/"c00ec7b57044c2f734bd11db31aab137"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HOs3HQOpH1Pny1UGzySic3DUd01j5WWa%2B51CYyYcszZYW7xZnwxDhqdH4cqcXcR1auZS3X22NQd%2BEmio7pcSs0kZB8AVN7vYOelUtWXHs6KENHPtE8b2a3jKcCPtcg5d"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a03d4803f00004aa9c3b33000000001
cf-ray
64e656ad38ac4aa9-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F993 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/?group=43452&id=452676&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Vyc28tZWFkLWNvbS1iYWl4by1pbnZlc3RpbWVudG8vP3V0bV9zb3VyY2U9ZmFjZWJvb2smdXRtX21lZGl1bT1zb2NpYWwmdXRtX2NhbXBhaWduPWZhbnBhZ2Vz&r=91782337&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg/YnRhZz1hXzE3NDQ1OWJfMTkxNWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTE5MTUmYz1ZU0FBSllPTlZSQkFBV1A=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0a03d4804b000032507aadb000000001
last-modified
Fri, 07 May 2021 18:48:32 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60958b80-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZhTpnkTWD94VfpMCQQ2SXs8Io6iD9sDXwG2KUlycSlpOD9dwnl6Ybf%2BVkdQvToeA5kFWj07mA6vmRQ%2Fa4SQwlDuWpbWN%2F0P8kjYk0Nq%2Ftb%2BCgHhTbffl6%2Flub%2BOkZEMW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
64e656ad4f003250-FRA
expires
Fri, 14 May 2021 20:18:51 GMT
rum
dsum-sec.casalemedia.com/ Frame DBB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DBB9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJw4KhTuZdO4e3l4PVL3yQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjsgtWF3CkdOpmNZk1WDGU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DBB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:51 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.112:80
AN-X-Request-Uuid
aa222d79-0aba-426e-b96b-697167ee79bb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnsTrQzo4VppHn3-Urg7_E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBB9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKytwJ8CEJj8z8QCGL6wn6UBMAE&v=APEucNViMAIidVvWqPYF89Z6_WbOhJfwTYGlVZR7fPyIDS6B1czosgeszOfW8WpB9cZzcWADxRpGK9TmApPtF-E-9wXR3nXGM95INCdvv-tyNY0ZwVomVFBLv8XpfawVaUB5iQyo_YScWCWGth4pffLyH5YbBplLu0C2jKn_yhE3DX5kPr_n719RDfH8VWXl67oj5nuQ4sQG_7qip6MtKcYwLjXh3D6o9k2vaH4wg2KjA6YcRVe6VJo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:51 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid
a637ea60-c0b2-4a5f-9351-4d3fbeda83e4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI1MzI1NDU3OTY4NDI2NDUzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 7945 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8628
x-xss-protection
0
server
cafe
etag
4958886646989192229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:18:47 GMT
3_Digitalisation_MIM_TFE_PLANRELANCE_IAB_300x250_V2.gif
s0.2mdn.net/9413358/ Frame 7945 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9413358/3_Digitalisation_MIM_TFE_PLANRELANCE_IAB_300x250_V2.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4a398567f8915bebbd42c52dc60248d43b56c4bd9b1f222ed9d692b7b60fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 07:42:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 15:32:57 GMT
server
sffe
age
45366
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23599
x-xss-protection
0
expires
Thu, 13 May 2021 07:42:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame 7945 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:17:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7945 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupAXZdAHw-TkElaV5SRqGOvUFuD3biRPe0ksrknX0ydQnMVRLk2AbVr6ayZRZC6E2Yno-J7YfV7ywWvi1lkHiU8xgqCi5fvNxF0ptKwe2DyyDdket6N7j0KlKUV7eyt29Yju31Ufe0-dvNLtqFequ8sLrMuGqGvyn2KefclL0SUonnzKuJ8at3eb8PniPeyUh3xzy3ICk19-1UEUWSS9cNWhN3C63KX6kKGGBGv3r9NaL8EjTaq7nmH80uMKD-oHlbJHp57sz-VeoHwpxRFssogzbf_o-aSdUY8-zPUe-VLeqOnGQuagBYRlJ5lfRzFvkPT54MxjaXW3ZsITwdslrrag1fw-iNfeZrFVGL41icyRlVyQvdKMqrG65W8izkFkCabFE8tKG8OL9NWn29UvKrTcWcYQr3tNhe4tR2xmAXszI5zGGzk3KcXylKcYNTgzu1VEl7hV5WzPTN4RhnAE85ysx8Qh91KdrfYH8qQGLVdy5meBP1dSHgTTQ_B7tOpKy5hGU2z9bObf9s-F6RCEgevMuMVD3YQKOEP3RPru79NGr3dUU_PkiFSjrOdOejbwzb1v5LkyZRL24UjA9W_OmS4hz0cpRv4O7ec6m2Lb8tuBoeJxPiNLFFmQVkGENM1xlmAwjtdinpBgAZvPYT1eSGyzSNcvadfWDbRP2vGdnCFwdRktiDweuppoxZAy_uIL2_sLd2LCZAYgdLuI8izHmNivb-IMc0darmFVta9qkojijRYsf8I6pB4U_6arGj9ywc4r9x3QnMRbmJOSKJiTU0byeYF9SMSusUU036TevOuNiQzUSWRN7DLe0_TyUrOC3AXCIFlvXo8QKSQwGj1nVuyNbEcEgVTojqHKagbH0Qmc-VhwfUHYtncIpHSafF4ephORSAs5dOvsiGJx6tlxZ0M5_vW9YgkZyb8CXEpTMUqGWEEv8_Qjd0lxNF6CIjjotuKTiNOmJpPvaRC9HaNXXd-alInECyqJD-VJXmjlaVssdhOtPhrYV2d4oEwC3Mzb1sQYjvhnr2SsFqddoYJGg5jVjbwEEPrPpNI-zxmcCujBLdcKdC6bQO_FU2oG_vZVcumxxdMhHPQDJActUu2UAiw5qqZYsFazMKoQeb3rcrOyi3Ork_29T-KRlIEa2vtTWpRCT-Ohnx47cOGAAbGgUVLjzHg1AVjNkqzghrjZNTxmKH6H8qYu6b-rCaQ0Y2d7Bza7s-w0wDifk5glJKlaVyrIUh&sai=AMfl-YQPtQtWtuI3hXV-uUrnoUpxE9fc-Qn42srRUk5A6b22Az9e_GSBCYUVXqRmOI3NokHZAqyBusexhHV9YTEKjBMP6w9J7NWvR5-1jS4rf9GuWqg00kX9ZsuB5Kp7xGSGdrjLGxlPZDYH7xBeX-DaluaTBjIYIvkaCBbXJk8&sig=Cg0ArKJSzMC2XsFxDACyEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210510.47022&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 12 May 2021 20:18:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7945 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16470
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 May 2022 15:44:21 GMT
css2
fonts.googleapis.com/ Frame F993 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a837f051ac8249ce2e1c0215298ef878bc3b3017bc2b8e5bdea1cd88e8e1e54c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 18:28:13 GMT
server
ESF
date
Wed, 12 May 2021 20:18:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 20:18:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7945 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupAXZdAHw-TkElaV5SRqGOvUFuD3biRPe0ksrknX0ydQnMVRLk2AbVr6ayZRZC6E2Yno-J7YfV7ywWvi1lkHiU8xgqCi5fvNxF0ptKwe2DyyDdket6N7j0KlKUV7eyt29Yju31Ufe0-dvNLtqFequ8sLrMuGqGvyn2KefclL0SUonnzKuJ8at3eb8PniPeyUh3xzy3ICk19-1UEUWSS9cNWhN3C63KX6kKGGBGv3r9NaL8EjTaq7nmH80uMKD-oHlbJHp57sz-VeoHwpxRFssogzbf_o-aSdUY8-zPUe-VLeqOnGQuagBYRlJ5lfRzFvkPT54MxjaXW3ZsITwdslrrag1fw-iNfeZrFVGL41icyRlVyQvdKMqrG65W8izkFkCabFE8tKG8OL9NWn29UvKrTcWcYQr3tNhe4tR2xmAXszI5zGGzk3KcXylKcYNTgzu1VEl7hV5WzPTN4RhnAE85ysx8Qh91KdrfYH8qQGLVdy5meBP1dSHgTTQ_B7tOpKy5hGU2z9bObf9s-F6RCEgevMuMVD3YQKOEP3RPru79NGr3dUU_PkiFSjrOdOejbwzb1v5LkyZRL24UjA9W_OmS4hz0cpRv4O7ec6m2Lb8tuBoeJxPiNLFFmQVkGENM1xlmAwjtdinpBgAZvPYT1eSGyzSNcvadfWDbRP2vGdnCFwdRktiDweuppoxZAy_uIL2_sLd2LCZAYgdLuI8izHmNivb-IMc0darmFVta9qkojijRYsf8I6pB4U_6arGj9ywc4r9x3QnMRbmJOSKJiTU0byeYF9SMSusUU036TevOuNiQzUSWRN7DLe0_TyUrOC3AXCIFlvXo8QKSQwGj1nVuyNbEcEgVTojqHKagbH0Qmc-VhwfUHYtncIpHSafF4ephORSAs5dOvsiGJx6tlxZ0M5_vW9YgkZyb8CXEpTMUqGWEEv8_Qjd0lxNF6CIjjotuKTiNOmJpPvaRC9HaNXXd-alInECyqJD-VJXmjlaVssdhOtPhrYV2d4oEwC3Mzb1sQYjvhnr2SsFqddoYJGg5jVjbwEEPrPpNI-zxmcCujBLdcKdC6bQO_FU2oG_vZVcumxxdMhHPQDJActUu2UAiw5qqZYsFazMKoQeb3rcrOyi3Ork_29T-KRlIEa2vtTWpRCT-Ohnx47cOGAAbGgUVLjzHg1AVjNkqzghrjZNTxmKH6H8qYu6b-rCaQ0Y2d7Bza7s-w0wDifk5glJKlaVyrIUh&sai=AMfl-YQPtQtWtuI3hXV-uUrnoUpxE9fc-Qn42srRUk5A6b22Az9e_GSBCYUVXqRmOI3NokHZAqyBusexhHV9YTEKjBMP6w9J7NWvR5-1jS4rf9GuWqg00kX9ZsuB5Kp7xGSGdrjLGxlPZDYH7xBeX-DaluaTBjIYIvkaCBbXJk8&sig=Cg0ArKJSzMC2XsFxDACyEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=23&vt=11&dtpt=22&dett=2&cstd=0&cisv=r20210510.47022&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF1i05W23-lgByvqIIylXcA_42Z-uoJqe2dbpgm6B81DL5aeA-m6KGB3lK8u23ZCnGl6s1ZyAVgWDLw141GV0IQd2ILeSfoCYKLtMKslPJ3qCOVqa0LT1WGzh3GunFCw4i474W7btvRZPDtjbWZ_qKNg_ikw&dbm_d=AKAmf-DhpMj6RIOX32Llw8q6nisZRKNUF8_nuPVs3GFa3gtN22SVtvSHTnCNj_jRNebN3CwU4WRZWjOrhXUwCWWG9vSVMFC48t8_pyfjIramyxJyaMs-8Ut1FUgPxOXi_oxU58iRqEjPwaT6gC4znFrIP5s4fZFazIhau59I3Sz40XZLbz57nHk8_BgCRs6qENnzJaJKHtaxYwCbkF923v7iy7RNhK3xmBXrjkOT1yLEtmvi2pEHAEisjB1f1qgR4Fl-9cLkUmWTCBp3NtjdcDCGSL3KScM_jecOJXeCW6h-Qi07456dQn_G03iRc5W9zUoSlpWwTQ2DemxTDsGdxkTmhXsecuko29rvNqdSnFHFMebUNZsC6aisbpZMnUoSkG4swX8QhrJ-BEusRlE8GgZSaewHxNS2gyi2QssScYzJA-gr8V2IkWFxRvGMaGZE7abj6cdbCprfuTCQ5hOD3dVIc5iioRm6G1VGZ_aXCeTwO1lPNAT0mtWS5BlM6Hhii-hVXCdk-f9lpBCG6sfG7Ebut6mefC9BxUC4PrywNgjYdT49TDu0KGUgaDg4_KzbUjKsWxasMV9awa4HFNuWMcXA6C3uroDhX3YEN4aDcIuRL4jVdC9kmyM7Pj2wb-r2t7-COZg25Np2wRU8tZEAqD_DS7WoNLljfpGLMpMd5OMoKnKIdFpUaerQo8Bstjeab8NXQbvH7PzvNJ4GWQRr8hyjHSEZv95hmFadOces7vm1bTH1hsKkLDGpKPQTfRuMZ-dKYLXTEXE645WG0oDEoqggc7BezeK6r_Fo_HXfb0Lcn32oGKileUIl6DLPv8BMpeRxMXedel67fciFW5V83jpBTfOyvBFQ5QxlD_1QQgAdO0yNYpsb6tEFDwQlXh1PkIzqNsBuo_RN_geGAgRCxig6cx-S6KmnkxLmgMRObZsdgFnxTlEuBgR4Ci5XZikPJrVwjC-a1I5hk4cb2bTbl-y4MXMgvIwp7pNTuBsxG4-Cqd7ozeGo7Y_BGnea2acwLA44-42LVAMgugL3fbj-p98cSWHrt1-G2xhXx8Y0rFpp6fjwkZruRaXff13hl7UkbJmpbrXNa1d2YhL6p1ZZG5L8HAY3ZFJ1iuqiyL1uAb7NxjY3y8TiW4wjKvSB0hNJr088Ncv_s5tnA03mezgMUJrWLU5Y7sQds0xq6dex_SkDuh4X4522fo7Pqy65dbWcpoq7vTQqfIcZXvgQMLhSHxbEZsyRVEb8MqV2UTUxsz3yVZR4q2SSe5Nz9WJqOG2uMwiQ8cJh_0C4fQiufIAGHx8j_XCFNaWD1V7Sz1dVR5BgktVV13laPQu79KPOADLiVaEoX-9PEU_4UxTushPEattjts5GNFeqtvi_inOnUlUJcwZ_qX5lMdXz3n3SxEcE_bGV2Adtt3JI3CPSJQoxME_4CvS2Bmi8yvIamjsbPqyAHb9APAUQjBbmHQYP-NT7vuHV6Lf_9vJl7vbmuwHDpwXlIt91VOz7QQU777vaEf3xwoMhBC6frWcjASN_bibSrbeAY_xaVObprCJkmLTP1-eDD_wfi1gFZOOINVrfi7UTCanO36HAJAD9vxEmfEKn2SyD8MGldYdvupOBxegZg6PZl5wIxBKLttNIfkIOJBMesuaHi83e222ShalTgFsGXBVS-EvBZ9DvaDi6v1Zar0JGWswCVWBlO4Bx7pZkqsFYe7rNY82MrzCTo0wPxVmrQRHV-876ZWDEg1k0X2YmJWDrm0QwIQfcdSGLZhSXKs3yMRGsSm34hVZR2dhXe610mfwBN4w0652KOpasGP9WA5uV02ZBJXW88V7LuXf0NqnOoTkqwhT1kipNDGkeWNgugwi2Aei95utW7Z1iVEnJFvP43v38Lw_rHOqBiQA22sK-o5vaQiWhzQ-GNt8h4umaQWR31sBJp1w6TKDxNjS_3h__LkLN0MvFEvPxSAcrQasgozBA2bpDV_XbbTddh0Bog_E5VSukhMBShYuyQ4sBrs7X77UyMe03aPtu5cbtYTgF4jlIaEyeo7OrgymmBbvfGcwgA_5smNv_7d-Gqb-wO0LIOad3MVI0F6ca-u_MMITuyGglP99mDESZGpH61pIOMMyniSH8dHlgqwdayCpW4QIWVVl9c6baHXkYWUOuDe_eIbNtSR6iiHaZM-HaPY-TPo_kEl5-piJpvZ-FMYV4QL3wcHWMqD4nTMJZdID1pndjB3fM07RvLdFAqINYhASjH8_7Nng6sue8zr5tQK7RQL4XleqrfHUJ_0oTqan7mt1ucLtY9eYW5n8h16l4nNf0TNtV4S2nyQ8isKd2sXdY_Xtjeh-dhPTtYlk44p5TvPyd3tdVTHXHnfxGkIglqpm_qQFTr4Zd9BW2-9wNIztg30XMWsF4fqx8_1EQHf-dAPqqJn6r6FQmeiKYzmb6zvTiaFsN0XafrJrX3jEGcmm6rfUCyuJip-WM3ST_Pv6ctsWBvY92y7flHnB1OjpZaoaomn0UYY_0-GL-k-7cGqk0tSpJ8lZfig6zYeyx7JA9zOgc--Sx0jeLN5JSjd2SOjosC_lDjaZS9XUaP28n2bDCyt8doa2IqM-tR3hq_aqhLnpyFUyCLA8HG1cgv-xltmCr75p4n--BvRzadl0zNRcBCXBvswLAvVYzG-NbeIy7VFt55Czo5YoRk6I5CmAQy_AKHv5jamR1P5ht3r9a1sSj8Cum8gb1_5dQg8G43rTZWUNr_yCksNOWV24d1ld7hkGUZI4_4vRnq9UjMzT0U75eqAN2aP7YPDPKjg6k_nAOtQdF2LKpAsBZzyT515lovdDvYIe5Jw1Aq7WyxQE88wbLpMZQ2fUAqU7iRkHhWPzcxmaN4xv-1HDBADyXkhd-rGGnV158LraAlT0byKt31Wa1P-YrffVdrFC-BJHpESyFADhMjw4ZgBx0PeJYC6vhkfF_83xzECM4Xcabx8RXEUb5FHUR7fOnVD3T7pfySw7iU4kiB917yAcntM7nuAfj1AVK4_dhoVZHk0S0S6iydc_b2bpXtk8q0sLO46fSkbmxiKyM6FjvG3OnHV3nXcNoOR5_nsdxweiBbWRwtr8Yat8_0Zn7p2mMSyCkio9osN3jT9OzYqTnfUpIEF4EKQHQ9VOLBhDjGykALq8Edx1ErXpamXpxgOiKocdUINHsYDN6TH54OxuyF8d09xTKYJvnAht8abI24_8o5hGbOFXT32CJv3iVAaPtinEVh81I0KZRy3D1Ps8mrvoeijyGt_y6_E6VEeakgfXPnGxw8xsAe1GG2sIRMgIkXz5RiSlG-h2pd2QXHiPa5ZXC5dvC5t5kiJK4rQ_k31YiUlCvAY00AlUd39q6xAI3ro2eHKEGNTtQEjW6jk9eoRpXQZ28KuT4LWCaeQpcU1LzqkDuhSlYVBsUV6MK3CXSdzJI5A&cid=CAASFeRo7AnAqCcewlcOUIqq55MH_BUIww&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 71EA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 12 May 2021 15:44:21 GMT
expires
Thu, 12 May 2022 15:44:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16470
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7945 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8802c3d889014dc6bd5e16f5b5048e9e11d486f2218342f4ff70230cadb2e767

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F993 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
535402
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 06 May 2022 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F993 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
585319
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 06 May 2022 01:43:32 GMT
Cookie set /
www.pokerstars.fr/ Frame BECE
Redirect Chain
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAJYONVRBAAWP
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_1915c_&affid=2356410&siteid=174459&adid=1915&c=YSAAJYONVRBAAWP&AutoR=1
  • https://www.pokerstars.com/ua/?btag=a_174459b_1915c_YSAAJYONVRBAAWP
  • https://www.pokerstars.fr/?btag=a_174459b_1915c_YSAAJYONVRBAAWP
  • https://www.pokerstars.fr/
42 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pokerstars.fr/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.98.226 Isle of Man, Isle Of Man, ASN48536 (FILCO-AS, IM),
Reverse DNS
98-226.colo.sta.blacknight.ie
Software
Apache /
Resource Hash
f5001e6b9c28ae7973218e1c52a9ddf5030a814f9771a84ac4c671b043b172a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
www.pokerstars.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lp.clevernetwork.pt/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lp.clevernetwork.pt/

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Server
Apache
Set-Cookie
geoip_country=FR; path=/; domain=www.pokerstars.fr NSC_hfofsbmIptut-8001=ffffffff0943141745525d5f4f58455e445a4a422971;expires=Wed, 12-May-2021 20:20:52 GMT;path=/;secure;httponly
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8068
Keep-Alive
timeout=5, max=238
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000

Redirect headers

Date
Wed, 12 May 2021 20:18:51 GMT
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
0
Set-Cookie
geoip_country=FR; path=/; domain=www.pokerstars.fr sti=NWJ0G34bLDMTAgxocwJhKi0oISM2NHtWBC4sJXsYOBN9TGcFJDcTUxBCIXVXFAlWSSRQb3RtJCtSGVlyEUleXyZvdGIGW2VreDpObkkyFCddOHBtCg1VUD9GES1zcAYILA1eBhVocwIxEU9OQiYyMn5VDzUtKnsSAWkXOBx3K2FGMW4yKDcZAXgXH34AflhAFhhgfWZPVU1IU1pCUxxvY1ROVAkdOgt3S20DJjcqMlM%3D; path=/ pti=NWJ0G34bLDMTAgxocwJhKi0oISM2NHtWBC4sJXsYOBN9TGcFJDcTUxBCIXVXFAlWSSRQb3RtJCtSGVlyEUleXyZvdGIGW2VreDpObkkyFCddOHBtCg1VUD9GES1zcAYILA1eBhVocwIxEU9OQiYyMn5VDzUtKnsSAWkXOBx3K2FGMW4yKDcZAXgXH34AflhAFhhgfWZPVU1IU1pCUxxvY1ROVAkdOgt3S20DJjcqMlM%3D; path=/; expires=Thu, 12-May-2022 20:18:52 GMT promo_ia=a_174459b_1915c_YSAAJYONVRBAAWP; path=/; expires=Thu, 12-May-2022 20:18:52 GMT sti2=NWJ0G34bLDMTAgxocwJhKi0oISM2NHtWBC4sJXsYOBN9TGcFJDcTUxBCIXVXFAlWSSRQb3RtJCtSGVlyEUleXyZvdGIGW2VreDpObkkyFCddOHBtCg1VUD9GES1zcAYILA1eBhVocwIxEU9OQiYyMn5VDzUtKnsSAWkXOBx3K2FGMW4yKDcZAXgXH34AflhAFhhgfWZPVU1IU1pCUxxvY1ROVAkdOgt3S20DJjcqMlM%3D; domain=.pokerstars.fr; path=/ pti2=NWJ0G34bLDMTAgxocwJhKi0oISM2NHtWBC4sJXsYOBN9TGcFJDcTUxBCIXVXFAlWSSRQb3RtJCtSGVlyEUleXyZvdGIGW2VreDpObkkyFCddOHBtCg1VUD9GES1zcAYILA1eBhVocwIxEU9OQiYyMn5VDzUtKnsSAWkXOBx3K2FGMW4yKDcZAXgXH34AflhAFhhgfWZPVU1IU1pCUxxvY1ROVAkdOgt3S20DJjcqMlM%3D; domain=.pokerstars.fr; path=/; expires=Thu, 12-May-2022 20:18:52 GMT stiram=NWJ0G34bLDMTAgxocwJhKi0oISM2NHtWBC4sJXsYOBN9TGcFJDcTUxBCIXVXFAlWSSRQb3RtJCtSGVlyEUleXyZvdGIGW2VreDpObkkyFCddOHBtCg1VUD9GES1lahsIT0ZUTwx3fgIxEVJIRCZvdGIGW2VreDpObkkyFCddOHBtCh5FUEtkXhYschtmIDYvd2kZAg83KCkQRUlATQ1YVl8sKnwUPgQnJGQPJzV6XwBVXUNqOmhocB13XEZOFVN1Y2xJWiYrJykzPHlVADMvFw%3D%3D; domain=pokerstars.fr; path=/ ptiram=NWJ0G34bLDMTAgxocwJhKi0oISM2NHtWBC4sJXsYOBN9TGcFJDcTUxBCIXVXFAlWSSRQb3RtJCtSGVlyEUleXyZvdGIGW2VreDpObkkyFCddOHBtCg1VUD9GES1lahsIT0ZUTwx3fgIxEVJIRCZvdGIGW2VreDpObkkyFCddOHBtCh5FUEtkXhYschtmIDYvd2kZAg83KCkQRUlATQ1YVl8sKnwUPgQnJGQPJzV6XwBVXUNqOmhocB13XEZOFVN1Y2xJWiYrJykzPHlVADMvFw%3D%3D; domain=pokerstars.fr; path=/; expires=Thu, 12-May-2022 20:18:52 GMT NSC_hfofsbmIptut-8001=ffffffff0943141745525d5f4f58455e445a4a422971;expires=Wed, 12-May-2021 20:20:52 GMT;path=/;secure;httponly
Location
https://www.pokerstars.fr/
Keep-Alive
timeout=5, max=123
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F993 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 23:23:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
age
161700
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
expires
Tue, 10 May 2022 23:23:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F993 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
158800
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 11 May 2022 00:12:11 GMT
container.html
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BE91 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 12 May 2021 20:18:49 GMT
expires
Thu, 12 May 2022 20:18:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ Frame 418D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=447445&asId=e51bbeaf-5285-908a-4c89-d20c83adc188&tv=%7Bc:craOdl,pingTime:-10,time:662,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620850731362%7C%7C17ea0517826d7b0f55e81931bf3c36ea%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ceb7fbb0e5e6cc7553cacba4d8f2dac3e%7C%7C12ae9b6c05bb211b1c3edecddee0f1c6%7C%7Cbd94397f910d8c97435d92b5d2038a5f%7C%7C9242a2559d7d46d38594f37945321f5f%7C%7Cf47c0f6119860893d518f64545a40cfc%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:665,ecd:37,tsecr:7%7D%7D%7D
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.18.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-18-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
bg-pushdown.jpg
lp.clevernetwork.pt/pokerstars/fr/imgs/ Frame F993 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/pokerstars/fr/imgs/bg-pushdown.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9412299bc7aef4f743926337a8910fb725e536e2c28cd31e0d715b738b28b5

Request headers

Referer
https://lp.clevernetwork.pt/pokerstars/fr/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
241
cf-ray
64e656af5d794aa9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70630
x-amz-id-2
LRKt/nts4/SbIHBJjIMYjJwbI34+xUAN8E3LBvwB/PgTVpO+kivohF+3c0ByaRrStkwWEBE4w7A=
last-modified
Tue, 04 May 2021 18:25:06 GMT
server
cloudflare
etag
"c3749918565dda01dd22477c50373155"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U2WJtlmcxftYVFWEjpl%2B77HLs8JKF9QWaSWwyVoDTW3l%2BdL%2FqLRR49Rg2KzdTggq1gScIWM6LRbpINF3keKL9HGv4g0ZhF%2FpSFY1%2FaP%2BQCDPQKC0jYjy8LClS%2BukDkDr"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
HR71JZNZRR43D813
cache-control
max-age=1800
cf-request-id
0a03d4819300004aa9d62ed000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F77 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba9m7KjicYKLSENvG7_UPnu2X8AEAAAAAOAHgBAI&bg=!IyClIGTNAAY59bwoOfU7ACkAdvg8Wl0-6UzR78vFIu77DXMgIxHlEcmPWN8I32ZXVnbDiZncG5sbTQIAAAEeUgAAAIdoAQeZApWAOLYjSSkMBSAtiuHslz7hR2FA2DuzO_00FZ-l6QMbN8RPDa-bXzcXXbm8FYJKZOZ2zRlBIYraNN3ZYwx4pTD2WyvRSA9_90FmthZS6p3t0UlM3E0pIVSX4FO12vn6ccNJd161WO1k5ArJQhc00rLLas7YHhkHVhEytz2bVWtZexdt9dqc8SikBfcfg_1do07iTQ74sv4HHlpPrvdTRrvAO36KwGOSoJAahHUxpH9VqoDJWg8sS93h5uCmbCAcQQkwwAKdSgw80cbQWqBVYXOIQinypsj6rB2b2zttK3_sJc7L4z4P_DskMf8dGUeayQbFlf3qYHkHU8ZKhltkYWXb6r1lspJj-4WcfqYkqpDaybj_p8FE6vMN-UCBgCJtnwVsO0bGkdWPD6F9ysL4V_8ntmwD2v0Tg4M1GgaEWXKwpekIO0UEfPa8xlvzHnANxTyx4gicP88Hkwq3XFL3mOm1k7iiVtQ_t-VUAyJTg0e_ltNY-srkdbCNBqzami8Uqyws5WPI44HUsEIEVaTkmL-VtE5dfRgHKNFIjicc0D_fLDJtzAe76iGaeMlacJBybslcwx6iSJSLzWxQi-fT7qXOEWuqQRH12-aIxKcvk8ImFEeYE5klFGuSQdAciiI8ZVkYSKjcvIIn0_L5jxosnPFtQJyy3HQvjDcRqxYkm_CgepgIHFmaJDy0v3o1QaAR6wSbgMMbkfxjKy1zHBJMXW4znR8PMhBzzle-_YQACcSD36dGWNMJIhhFHluJwKgfaaP6hXDvPuqb63IiqvShBfLaI_xdDAHpENRSUlZT4Dqk8HhNqssnEh-AhmUg053dtWKX4nOXiuSP7eNQEj8tZQfOrHvgWRdk-RQQdXqMEXhcy40tTBfs
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 71EA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
34864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 12 May 2022 10:37:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6104 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJsAThB2TT5ONYTq6rEtyMP5a9G2_HThpiKMOMcPgfmIoKqNXkKpJ14QOXEeY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 May 2021 20:18:51 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get_page_signal_url_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame BE91 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/get_page_signal_url_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
858361d285ad5b0369469afc26ff28e975019a3b3a25ad4748e95178eae88192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 18:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2074
x-xss-protection
0
server
cafe
etag
10027585619949027602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 18:17:01 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame BE91 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4228872&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0juqUfubKM1mA1yE8YccmvL&DVP_DBM_1=3060631&DVP_DBM_2=11817077&DVP_DBM_3=32228421&DVP_DBM_4=322161041&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=58742128459&turl=https://www.arnolds.com.br/curso-ead-com-baixo-investimento/&DVP_PP_BUNDLE_ID=
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
68af7d95d32570af49c8988fa9285f76add19e574354b0d7136b65b205d2f5da

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 May 2021 09:20:07 GMT
Server
Microsoft-IIS/10.0
ETag
"82d9bc15942d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame BE91 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0juqUfubKM1mA1yE8YccmvL&DVP_DBM_1=3060631&DVP_DBM_2=11817077&DVP_DBM_3=32228421&DVP_DBM_4=322161041&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=58742128459&turl=https://www.arnolds.com.br/curso-ead-com-baixo-investimento/&DVP_PP_BUNDLE_ID=
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c3e4f7379ab36145201000303ce7b35f6862e261d7a362b0491454278d81354

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 17:26:02 GMT
Server
Microsoft-IIS/10.0
ETag
"031fab68a46d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3005
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame BE91 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:17:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE91 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696594685118"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36097
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame BE91 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:15:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE91 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Al1ObgrcqDr6t8i-0exndMmlblMmMwehYx6BKLA7803oZOQC4rLxo1TVXWpbxvWSbSi0hItmMNTIAuOPKVLhntmSy9TdRWD0FbrcXLF9mZuN4hws4
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BE91 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BupPmDK0quoT1d1z4594Y_r22b642uhJcNBvKBYYoCXdnHx2KrDtVqcug4LQt_OmEoM_EEZtCj6kLE5k6JHykl94VQBprPJUaJpU2wg1cmP38NAyqT5uTzU3FekRkSqEMz0pEA5nncWI2jUyYeZGJWbn57wA&cry=1&dbm_d=AKAmf-BDXRzlpzlpUV5wkMbyYVswMrYxtcReBTId-hiryAsKkfvdkRrz8Rog4Ha7yIgkLWRaS4rIv1gsDduY0RPlaIqPM2x1xlcqbf_qDnVMvFZ_mOU-LbBCF0Z9j8OiDXQ4WY9xqWcSxJgRxucjj6G1xbgpH7ICU16bPrkDoMJCtW8ELJAn_kocxQpDNG1TRTGU0kx1MYCmMXw4VGi9NvRquu9gn5Vj8Ir6qaPEaHaJl-uoMjABspfo9cW5xXqObQbVfIhizfcX78FxVHjSsRktS5LoDdODfY1iXoYUxNmweiZObqB8gseKIUJkLh-29VgKoixB6cNiiH3ErLCyHQFmLzby18g8NVG3eVmG_huY_Avn8VJuTry2ac88irDQvXI4dBnBPJtjRD_ivRVNkf2n9-z8Ja0TgvmDOz2qmOUHdL0Eu7YiGGYkVlynbuoIhd92CGz-Ed59MNKAwhEMUpaIrvSLffq5AYc-TdyoxNfHOSQNIKdeSl36fmbDYZmZmiGIVt9VJm4X2SLmN1EFWR7nfCeL1MiLzcdwHMXNEQYr3x4ImZg2NUElUV_oybDE8q8kQeNLHtzIoyL-Dk-iHjBt5TlZEkP8pf6nG8H81gCkUqmSD5iGZts-ID9itxWis9oL3QkJIAjwr4jvMNSCwQJ4dTPMoqvh3YXMYkFVZM3uUEc96Nm23835W13X0BVBoH-s6A_fETufHi83YCf0kPiJigOVV9ypIT5aDQIdz33EXMXdVY_kndySxoi7S109Xa8UCWjHb8bgF212YCyvocTz9j3LClA9zg-HEE6Qi5ovAZc_m9ROTjDtf4ablfVUl6QXIzXsJIY4bdLVMtcoXKVxbOTLu5zpW5_MwzjAd-W7kVkV9HIa_BXi-AxPK28mUdGVQHn_HMLTvEQUZbtGyzQdLtz2SHKoQgmWKdvCINNVXURspPtQgIbG__stt80vGnpSn8-k3xE4nK0SOk6tU2-VRuomcEkvpXfVs6IB1c2phfr8kRaPiRJm0cUQAJ5o-wdwRpD7TyPauPLbTIOeEl7vyc1IjsusryjfdOohoqTltGNevycbtzwmfs2mJ8GL7SWMKuX293VRUQAZkm9VC7DZ9uS9GLa8yXsu9ogpIKUp6Ww_FEFN2a-oY2ZoxegbuH4A03Ns43TWxMEPaT12cQ8WID7s8pVDpcZlq3K95N1DETT_LbFwFXkIOoXGPe_VlaAas4XVFoDIA_NgxM6z_ETYSDWYO-ZpmBeOka7iHoqVZqZEQomoh0z26ikbfo0ZdsaovzhDfiGOx2H3s6B7pi07qmDufEqRRiyxPFHfwUXyaIN2xcmsKhREu-qXnPjMKIszvh83FTHMB-mhqIemtEdpM6WpRlor_o0bmhsAcVQpqe1rXLXwwQ7RoUX1ooCYKeZkMIYNqNw2oleEael5bA22jKbKhM_e8Fo81Vwrnfx9ZUxyNxCfb82YmlTIdBihvnihkKj47lrK7xSp5my6fwyGxzogMPTcTyq6uFCd3ujflIjd1SQ-HJzg5iOmZ_8XapStEJ2Sh6vdD-xXqX9aJ56s-mgFLYV-8ZSWrKU895xdcKR8E7pC62x9lW0bQFdjGtS4hNH-ArQ112JgO-PbOdv0AgeUzPJFHfngciGNG8Oltp5yWf8sFHjvEoQyVojNu3vwUXRLhbbnIQdbNnaO2h60ex9oXAn1UC28YsAgeCLR8l16CnP5Lk2-o_jeZywgBBmnvAxVuTjP0MyClz18roQpNlALPQUDpPma2sPniRUX-UiLyRAYz134u9CucLrSHRD3rLwmjpy-c5WCkFYIEDLlhRLfJJoHbm3-eNIi0fSYASnnOfZwwjdzPuMJbj0QpHtaDBST8sR8pcIf3Y0BO4P_sgPNvO0_IgXikB-YUrCI6jXaCl5CImrRJ0Vypu1wkzc3EHP8vaAwfc4RcVYOdWMydl0XXkI7ugLytaFZ3c6OuMfZodB5dgp-5ZOV_KZfasdMqr_XZhcZdywSJrZNNQxvcJcfM9WQTdH5bx6E85r2MQlUgMs3PS7B6iYiLmdu_hGj2vaX3JPda1wbhPiW9e_etRGnRrCCU7rLKQD0sMbkDNQkbOCTNjr1MK8GiNMi7GDpmkYV3nIJMSsG6QRT-a_EZwLPOWQDxdUFL7IWYvzwG3jzT1hJLRvgPjkEXrVH_SCrvpymqmp7FuINwZ5KLm3xloZQ0MLggMSPWp7DO1T4F5JHdr4Hwn-_SK_xrAE9jVGS2peb8LgftVK-_jB7a0aPZbJosgMrS7zxXnSTAIH6xVddLvA5No0uWzEXbrlCva-lyP3-l_XW2xXtCua70afxaTks7SFiR-qu2AG68LYwD6SJKKVJrgwyo33sAkL0vUC5IEg_Hm8gt20PDv0mbWjZkI-ZuRmpmWnrixV6J0370_0X7bJKuIVwg7kSugMDMTHhZTWvz7Z9dkfyTdFUul2MkhaZBMet6GgRrm9RgAL3BeqYUExWN6gpHcp4d7u4T5y-1lm2U9_PcI2wL3FVsxoklLJFJgLqMvgmrmwvB2SqB67VFHeHTn07QgCtrVnv_bzs_uJuh6u5UYhWIoUEIxnK4rfLWEdxtTCRCpuEbVL08nbg3Z4kCYJ87_9Qk6m61K6qhOcWmmLmHVilKdTOM9WzelSgseiB3A0ePVN507ewaNzVOWFvqOyAmhNfRWVjVfe2GS7sg2FQCWCgCTwNSJf1VYHeu8jfZw9k0AaaKhA4qCdy2ajuqEZy3QbEhasEXm86tTBBaNCu6WbvEhFKC_O3o0l6Tu7tQLWxGigfnVlWIz4EIBZ3O3epyF_F3yjZA4K_fwnktvYyBpFI4wR-Ajnx3TeG9hBDRuizaXgZaG0SjbB_ka9izXR2iiXxzLdDA94s0Ip1bG5LkN3ydXcOW7shrqZBvIHzoHfm2ngjW6hKkU9R2O6qkNVs4VVWsiNGtGmAX3N72WqRLa-vR3Q7cW13HNTsS6XkDISGvDkPnsipQZdvdDznR0q34TmkjL5duPTkCNCbpojpgevcmU6eJ8FbKWs6Gcaz7Pu4J3MsrndJ9g-mMAy3UPRhK01SHdbe1Xcfo0kDx6uUNyxeG5f_ccAJOdr4q3ODQU56FmyBzq2NYfIRE_rLX6ENYZUAqr7LxeXNjnzuNKrBVXyASXpz4EwTFqVsQrfs21EvZ9IffwEDp-eEpMMAW97nGoCc9w5u5mqQ27xiF3vKtsyK4qPVn861KtiZJLA5H20skjqTZk4gNp7jf3uMVCidtCJio4zTEJp5ssBYB7KPp07uExISFMb7p1AuJoySVQ&cid=CAASEuRoxvuWZ60XdsBaeNbYVHPQKg&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14f4489ec259bfb8f5b8a6bcf18ac634adf813f6614f387eb1e7ab3ff9b0f00c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12155
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6104
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwMIs1t4VBN-v2Jcd1uca8&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELwMIs1t4VBN-v2Jcd1uca8&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELwMIs1t4VBN-v2Jcd1uca8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELwMIs1t4VBN-v2Jcd1uca8&google_cver=1
date
Wed, 12 May 2021 20:18:51 GMT
via
1.1 google
server
OXGW/16.207.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 6104
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ0ZDg3YzYtZjAyYi0yN2MyLWVkZGYtNGMxNjdjNmEwMDc3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ0ZDg3YzYtZjAyYi0yN2MyLWVkZGYtNGMxNjdjNmEwMDc3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ0ZDg3YzYtZjAyYi0yN2MyLWVkZGYtNGMxNjdjNmEwMDc3
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 6104
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDKUOhYw5KSt9WcHMZ9FqtM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDKUOhYw5KSt9WcHMZ9FqtM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 12 May 2021 20:18:51 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEDKUOhYw5KSt9WcHMZ9FqtM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6104
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmY5Y2FlNjgtM2E3Zi00MTJhLTg4YjYtODRmZGE1YWI2ZGYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmY5Y2FlNjgtM2E3Zi00MTJhLTg4YjYtODRmZGE1YWI2ZGYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARiRk8-ZATAB&v=APEucNWiMH2HKp7cQ76jYXecxM4GNdB3zdnipbQT5sQkBFd4G28_Q6A5bml1UlPWYHon2Cq8vXLChJziMgTrC2at1DJc2MfCAfI1GHFfbRlSvNGlrgvmMifVMrucbLo9ND4La9tFdL2LGl4wa434XlLOAPHthhyo_ias75dG1Lj7X4fENycqSgPmujAez8bRIB02E6ugqsk84FjrIUOax21szDkt0z-lKpdIiaFedoalPzzC8pDLRIU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
server
akka-http/10.2.3
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmY5Y2FlNjgtM2E3Zi00MTJhLTg4YjYtODRmZGE1YWI2ZGYw
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 12 May 2021 20:18:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame BE91 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BupPmDK0quoT1d1z4594Y_r22b642uhJcNBvKBYYoCXdnHx2KrDtVqcug4LQt_OmEoM_EEZtCj6kLE5k6JHykl94VQBprPJUaJpU2wg1cmP38NAyqT5uTzU3FekRkSqEMz0pEA5nncWI2jUyYeZGJWbn57wA&cry=1&dbm_d=AKAmf-BDXRzlpzlpUV5wkMbyYVswMrYxtcReBTId-hiryAsKkfvdkRrz8Rog4Ha7yIgkLWRaS4rIv1gsDduY0RPlaIqPM2x1xlcqbf_qDnVMvFZ_mOU-LbBCF0Z9j8OiDXQ4WY9xqWcSxJgRxucjj6G1xbgpH7ICU16bPrkDoMJCtW8ELJAn_kocxQpDNG1TRTGU0kx1MYCmMXw4VGi9NvRquu9gn5Vj8Ir6qaPEaHaJl-uoMjABspfo9cW5xXqObQbVfIhizfcX78FxVHjSsRktS5LoDdODfY1iXoYUxNmweiZObqB8gseKIUJkLh-29VgKoixB6cNiiH3ErLCyHQFmLzby18g8NVG3eVmG_huY_Avn8VJuTry2ac88irDQvXI4dBnBPJtjRD_ivRVNkf2n9-z8Ja0TgvmDOz2qmOUHdL0Eu7YiGGYkVlynbuoIhd92CGz-Ed59MNKAwhEMUpaIrvSLffq5AYc-TdyoxNfHOSQNIKdeSl36fmbDYZmZmiGIVt9VJm4X2SLmN1EFWR7nfCeL1MiLzcdwHMXNEQYr3x4ImZg2NUElUV_oybDE8q8kQeNLHtzIoyL-Dk-iHjBt5TlZEkP8pf6nG8H81gCkUqmSD5iGZts-ID9itxWis9oL3QkJIAjwr4jvMNSCwQJ4dTPMoqvh3YXMYkFVZM3uUEc96Nm23835W13X0BVBoH-s6A_fETufHi83YCf0kPiJigOVV9ypIT5aDQIdz33EXMXdVY_kndySxoi7S109Xa8UCWjHb8bgF212YCyvocTz9j3LClA9zg-HEE6Qi5ovAZc_m9ROTjDtf4ablfVUl6QXIzXsJIY4bdLVMtcoXKVxbOTLu5zpW5_MwzjAd-W7kVkV9HIa_BXi-AxPK28mUdGVQHn_HMLTvEQUZbtGyzQdLtz2SHKoQgmWKdvCINNVXURspPtQgIbG__stt80vGnpSn8-k3xE4nK0SOk6tU2-VRuomcEkvpXfVs6IB1c2phfr8kRaPiRJm0cUQAJ5o-wdwRpD7TyPauPLbTIOeEl7vyc1IjsusryjfdOohoqTltGNevycbtzwmfs2mJ8GL7SWMKuX293VRUQAZkm9VC7DZ9uS9GLa8yXsu9ogpIKUp6Ww_FEFN2a-oY2ZoxegbuH4A03Ns43TWxMEPaT12cQ8WID7s8pVDpcZlq3K95N1DETT_LbFwFXkIOoXGPe_VlaAas4XVFoDIA_NgxM6z_ETYSDWYO-ZpmBeOka7iHoqVZqZEQomoh0z26ikbfo0ZdsaovzhDfiGOx2H3s6B7pi07qmDufEqRRiyxPFHfwUXyaIN2xcmsKhREu-qXnPjMKIszvh83FTHMB-mhqIemtEdpM6WpRlor_o0bmhsAcVQpqe1rXLXwwQ7RoUX1ooCYKeZkMIYNqNw2oleEael5bA22jKbKhM_e8Fo81Vwrnfx9ZUxyNxCfb82YmlTIdBihvnihkKj47lrK7xSp5my6fwyGxzogMPTcTyq6uFCd3ujflIjd1SQ-HJzg5iOmZ_8XapStEJ2Sh6vdD-xXqX9aJ56s-mgFLYV-8ZSWrKU895xdcKR8E7pC62x9lW0bQFdjGtS4hNH-ArQ112JgO-PbOdv0AgeUzPJFHfngciGNG8Oltp5yWf8sFHjvEoQyVojNu3vwUXRLhbbnIQdbNnaO2h60ex9oXAn1UC28YsAgeCLR8l16CnP5Lk2-o_jeZywgBBmnvAxVuTjP0MyClz18roQpNlALPQUDpPma2sPniRUX-UiLyRAYz134u9CucLrSHRD3rLwmjpy-c5WCkFYIEDLlhRLfJJoHbm3-eNIi0fSYASnnOfZwwjdzPuMJbj0QpHtaDBST8sR8pcIf3Y0BO4P_sgPNvO0_IgXikB-YUrCI6jXaCl5CImrRJ0Vypu1wkzc3EHP8vaAwfc4RcVYOdWMydl0XXkI7ugLytaFZ3c6OuMfZodB5dgp-5ZOV_KZfasdMqr_XZhcZdywSJrZNNQxvcJcfM9WQTdH5bx6E85r2MQlUgMs3PS7B6iYiLmdu_hGj2vaX3JPda1wbhPiW9e_etRGnRrCCU7rLKQD0sMbkDNQkbOCTNjr1MK8GiNMi7GDpmkYV3nIJMSsG6QRT-a_EZwLPOWQDxdUFL7IWYvzwG3jzT1hJLRvgPjkEXrVH_SCrvpymqmp7FuINwZ5KLm3xloZQ0MLggMSPWp7DO1T4F5JHdr4Hwn-_SK_xrAE9jVGS2peb8LgftVK-_jB7a0aPZbJosgMrS7zxXnSTAIH6xVddLvA5No0uWzEXbrlCva-lyP3-l_XW2xXtCua70afxaTks7SFiR-qu2AG68LYwD6SJKKVJrgwyo33sAkL0vUC5IEg_Hm8gt20PDv0mbWjZkI-ZuRmpmWnrixV6J0370_0X7bJKuIVwg7kSugMDMTHhZTWvz7Z9dkfyTdFUul2MkhaZBMet6GgRrm9RgAL3BeqYUExWN6gpHcp4d7u4T5y-1lm2U9_PcI2wL3FVsxoklLJFJgLqMvgmrmwvB2SqB67VFHeHTn07QgCtrVnv_bzs_uJuh6u5UYhWIoUEIxnK4rfLWEdxtTCRCpuEbVL08nbg3Z4kCYJ87_9Qk6m61K6qhOcWmmLmHVilKdTOM9WzelSgseiB3A0ePVN507ewaNzVOWFvqOyAmhNfRWVjVfe2GS7sg2FQCWCgCTwNSJf1VYHeu8jfZw9k0AaaKhA4qCdy2ajuqEZy3QbEhasEXm86tTBBaNCu6WbvEhFKC_O3o0l6Tu7tQLWxGigfnVlWIz4EIBZ3O3epyF_F3yjZA4K_fwnktvYyBpFI4wR-Ajnx3TeG9hBDRuizaXgZaG0SjbB_ka9izXR2iiXxzLdDA94s0Ip1bG5LkN3ydXcOW7shrqZBvIHzoHfm2ngjW6hKkU9R2O6qkNVs4VVWsiNGtGmAX3N72WqRLa-vR3Q7cW13HNTsS6XkDISGvDkPnsipQZdvdDznR0q34TmkjL5duPTkCNCbpojpgevcmU6eJ8FbKWs6Gcaz7Pu4J3MsrndJ9g-mMAy3UPRhK01SHdbe1Xcfo0kDx6uUNyxeG5f_ccAJOdr4q3ODQU56FmyBzq2NYfIRE_rLX6ENYZUAqr7LxeXNjnzuNKrBVXyASXpz4EwTFqVsQrfs21EvZ9IffwEDp-eEpMMAW97nGoCc9w5u5mqQ27xiF3vKtsyK4qPVn861KtiZJLA5H20skjqTZk4gNp7jf3uMVCidtCJio4zTEJp5ssBYB7KPp07uExISFMb7p1AuJoySVQ&cid=CAASEuRoxvuWZ60XdsBaeNbYVHPQKg&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8628
x-xss-protection
0
server
cafe
etag
4958886646989192229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:18:47 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BE91 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BupPmDK0quoT1d1z4594Y_r22b642uhJcNBvKBYYoCXdnHx2KrDtVqcug4LQt_OmEoM_EEZtCj6kLE5k6JHykl94VQBprPJUaJpU2wg1cmP38NAyqT5uTzU3FekRkSqEMz0pEA5nncWI2jUyYeZGJWbn57wA&cry=1&dbm_d=AKAmf-BDXRzlpzlpUV5wkMbyYVswMrYxtcReBTId-hiryAsKkfvdkRrz8Rog4Ha7yIgkLWRaS4rIv1gsDduY0RPlaIqPM2x1xlcqbf_qDnVMvFZ_mOU-LbBCF0Z9j8OiDXQ4WY9xqWcSxJgRxucjj6G1xbgpH7ICU16bPrkDoMJCtW8ELJAn_kocxQpDNG1TRTGU0kx1MYCmMXw4VGi9NvRquu9gn5Vj8Ir6qaPEaHaJl-uoMjABspfo9cW5xXqObQbVfIhizfcX78FxVHjSsRktS5LoDdODfY1iXoYUxNmweiZObqB8gseKIUJkLh-29VgKoixB6cNiiH3ErLCyHQFmLzby18g8NVG3eVmG_huY_Avn8VJuTry2ac88irDQvXI4dBnBPJtjRD_ivRVNkf2n9-z8Ja0TgvmDOz2qmOUHdL0Eu7YiGGYkVlynbuoIhd92CGz-Ed59MNKAwhEMUpaIrvSLffq5AYc-TdyoxNfHOSQNIKdeSl36fmbDYZmZmiGIVt9VJm4X2SLmN1EFWR7nfCeL1MiLzcdwHMXNEQYr3x4ImZg2NUElUV_oybDE8q8kQeNLHtzIoyL-Dk-iHjBt5TlZEkP8pf6nG8H81gCkUqmSD5iGZts-ID9itxWis9oL3QkJIAjwr4jvMNSCwQJ4dTPMoqvh3YXMYkFVZM3uUEc96Nm23835W13X0BVBoH-s6A_fETufHi83YCf0kPiJigOVV9ypIT5aDQIdz33EXMXdVY_kndySxoi7S109Xa8UCWjHb8bgF212YCyvocTz9j3LClA9zg-HEE6Qi5ovAZc_m9ROTjDtf4ablfVUl6QXIzXsJIY4bdLVMtcoXKVxbOTLu5zpW5_MwzjAd-W7kVkV9HIa_BXi-AxPK28mUdGVQHn_HMLTvEQUZbtGyzQdLtz2SHKoQgmWKdvCINNVXURspPtQgIbG__stt80vGnpSn8-k3xE4nK0SOk6tU2-VRuomcEkvpXfVs6IB1c2phfr8kRaPiRJm0cUQAJ5o-wdwRpD7TyPauPLbTIOeEl7vyc1IjsusryjfdOohoqTltGNevycbtzwmfs2mJ8GL7SWMKuX293VRUQAZkm9VC7DZ9uS9GLa8yXsu9ogpIKUp6Ww_FEFN2a-oY2ZoxegbuH4A03Ns43TWxMEPaT12cQ8WID7s8pVDpcZlq3K95N1DETT_LbFwFXkIOoXGPe_VlaAas4XVFoDIA_NgxM6z_ETYSDWYO-ZpmBeOka7iHoqVZqZEQomoh0z26ikbfo0ZdsaovzhDfiGOx2H3s6B7pi07qmDufEqRRiyxPFHfwUXyaIN2xcmsKhREu-qXnPjMKIszvh83FTHMB-mhqIemtEdpM6WpRlor_o0bmhsAcVQpqe1rXLXwwQ7RoUX1ooCYKeZkMIYNqNw2oleEael5bA22jKbKhM_e8Fo81Vwrnfx9ZUxyNxCfb82YmlTIdBihvnihkKj47lrK7xSp5my6fwyGxzogMPTcTyq6uFCd3ujflIjd1SQ-HJzg5iOmZ_8XapStEJ2Sh6vdD-xXqX9aJ56s-mgFLYV-8ZSWrKU895xdcKR8E7pC62x9lW0bQFdjGtS4hNH-ArQ112JgO-PbOdv0AgeUzPJFHfngciGNG8Oltp5yWf8sFHjvEoQyVojNu3vwUXRLhbbnIQdbNnaO2h60ex9oXAn1UC28YsAgeCLR8l16CnP5Lk2-o_jeZywgBBmnvAxVuTjP0MyClz18roQpNlALPQUDpPma2sPniRUX-UiLyRAYz134u9CucLrSHRD3rLwmjpy-c5WCkFYIEDLlhRLfJJoHbm3-eNIi0fSYASnnOfZwwjdzPuMJbj0QpHtaDBST8sR8pcIf3Y0BO4P_sgPNvO0_IgXikB-YUrCI6jXaCl5CImrRJ0Vypu1wkzc3EHP8vaAwfc4RcVYOdWMydl0XXkI7ugLytaFZ3c6OuMfZodB5dgp-5ZOV_KZfasdMqr_XZhcZdywSJrZNNQxvcJcfM9WQTdH5bx6E85r2MQlUgMs3PS7B6iYiLmdu_hGj2vaX3JPda1wbhPiW9e_etRGnRrCCU7rLKQD0sMbkDNQkbOCTNjr1MK8GiNMi7GDpmkYV3nIJMSsG6QRT-a_EZwLPOWQDxdUFL7IWYvzwG3jzT1hJLRvgPjkEXrVH_SCrvpymqmp7FuINwZ5KLm3xloZQ0MLggMSPWp7DO1T4F5JHdr4Hwn-_SK_xrAE9jVGS2peb8LgftVK-_jB7a0aPZbJosgMrS7zxXnSTAIH6xVddLvA5No0uWzEXbrlCva-lyP3-l_XW2xXtCua70afxaTks7SFiR-qu2AG68LYwD6SJKKVJrgwyo33sAkL0vUC5IEg_Hm8gt20PDv0mbWjZkI-ZuRmpmWnrixV6J0370_0X7bJKuIVwg7kSugMDMTHhZTWvz7Z9dkfyTdFUul2MkhaZBMet6GgRrm9RgAL3BeqYUExWN6gpHcp4d7u4T5y-1lm2U9_PcI2wL3FVsxoklLJFJgLqMvgmrmwvB2SqB67VFHeHTn07QgCtrVnv_bzs_uJuh6u5UYhWIoUEIxnK4rfLWEdxtTCRCpuEbVL08nbg3Z4kCYJ87_9Qk6m61K6qhOcWmmLmHVilKdTOM9WzelSgseiB3A0ePVN507ewaNzVOWFvqOyAmhNfRWVjVfe2GS7sg2FQCWCgCTwNSJf1VYHeu8jfZw9k0AaaKhA4qCdy2ajuqEZy3QbEhasEXm86tTBBaNCu6WbvEhFKC_O3o0l6Tu7tQLWxGigfnVlWIz4EIBZ3O3epyF_F3yjZA4K_fwnktvYyBpFI4wR-Ajnx3TeG9hBDRuizaXgZaG0SjbB_ka9izXR2iiXxzLdDA94s0Ip1bG5LkN3ydXcOW7shrqZBvIHzoHfm2ngjW6hKkU9R2O6qkNVs4VVWsiNGtGmAX3N72WqRLa-vR3Q7cW13HNTsS6XkDISGvDkPnsipQZdvdDznR0q34TmkjL5duPTkCNCbpojpgevcmU6eJ8FbKWs6Gcaz7Pu4J3MsrndJ9g-mMAy3UPRhK01SHdbe1Xcfo0kDx6uUNyxeG5f_ccAJOdr4q3ODQU56FmyBzq2NYfIRE_rLX6ENYZUAqr7LxeXNjnzuNKrBVXyASXpz4EwTFqVsQrfs21EvZ9IffwEDp-eEpMMAW97nGoCc9w5u5mqQ27xiF3vKtsyK4qPVn861KtiZJLA5H20skjqTZk4gNp7jf3uMVCidtCJio4zTEJp5ssBYB7KPp07uExISFMb7p1AuJoySVQ&cid=CAASEuRoxvuWZ60XdsBaeNbYVHPQKg&rfl=1%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcurso-ead-com-baixo-investimento%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16470
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 May 2022 15:44:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 687D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 12 May 2021 15:44:21 GMT
expires
Thu, 12 May 2022 15:44:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16470
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvbs_src_internal85.js
cdn.doubleverify.com/ Frame BE91 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal85.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4228872&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0juqUfubKM1mA1yE8YccmvL&DVP_DBM_1=3060631&DVP_DBM_2=11817077&DVP_DBM_3=32228421&DVP_DBM_4=322161041&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=58742128459&turl=https://www.arnolds.com.br/curso-ead-com-baixo-investimento/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6465809b86cc160bfa318016d2f5fd7fd262f468b3bbe9af742cb58f66a20c94

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 May 2021 09:20:22 GMT
Server
Microsoft-IIS/10.0
ETag
"04f1ea5942d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18792
activeview
pagead2.googlesyndication.com/pcs/ Frame 418D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVd6AjKyfkF0ukFX5fe1h7cxIOUxGzn8-2z3Nn-UmreXjni-UUxfa9J2rRE7ZMddqiMnGzQZEYwa6sou4sItAZZndZnMnCAAyspXT9XuIzLHbfoit6BF2GZLHEUQ&sai=AMfl-YTmNZo89mKwF4O_RGzrvYQdjHIsuH0IWtJs0ZOpkl8YyoVW0X8TQrF_C7xT3L2lvNdo5BOXjEGScCzK9_-jnvLo6zsg5O08r6woMsPxNsna6IG757NgboJaXAhZaeQ&sig=Cg0ArKJSzC3GYPnGD0VCEAE&cid=CAASPeRoUmfVP8j1-TtYx-QMzbGkaRNzNjsvy2NkfzJHMjJQ4mvLmsGoOcabtsf71SJDSVLHOPs9-giDwgJCjJY&id=lidar2&mcvt=1018&p=279,992,529,1292&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=785115145&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620850730193&dlt=38&rpt=449&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bst2tv3.html
cdn3.doubleverify.com/ Frame 9E55 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal85.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=79540
Date
Wed, 12 May 2021 20:18:51 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame BE91 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_939222400018&jsTagObjCallback=__tagObject_callback_939222400018&num=6&ctx=1828362&cmp=115845&plc=4228872&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=939222400018&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=0&brver=&bridua=3&dup=null&turl=https://www.arnolds.com.br/curso-ead-com-baixo-investimento/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0juqUfubKM1mA1yE8YccmvL&DVP_DBM_1=3060631&DVP_DBM_2=11817077&DVP_DBM_3=32228421&DVP_DBM_4=322161041&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=58742128459&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=9&brh=6&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=134&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D2C%3F%40%3D5D%5D4%40%3E%5D3CTau4FCD%40%5C625%5C4%40%3E%5C32%3AI%40%5C%3A%3FG6DE%3A%3E6%3FE%40TauTbuFE%3E0D%40FC46Tbs72463%40%40%3CTaeFE%3E0%3E65%3AF%3ETbsD%404%3A2%3DTaeFE%3E042%3EA2%3A8%3FTbs72%3FA286DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D2C%3F%40%3D5D%5D4%40%3E%5D3CTar9EEADTbpTauTaue473df57b63ae__bg5353%60547b7aaa7_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=13.59
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal85.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c558784feeae13ef18d527c907e1d502da83b4862fdfd57c52bf9f33c3419e45

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Date
Wed, 12 May 2021 20:18:51 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/11/2021 8:18:51 PM
dv-match6.js
cdn.doubleverify.com/ Frame 53B8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31337
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 687D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
34864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 12 May 2022 10:37:47 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame BE91 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal85.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dbfd7b38b51c4ab599d18a1b1638306cf58dd6f9b226474bbaf3a05cd78aa2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:02:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Apr 2021 20:55:31 GMT
server
sffe
age
1005
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3742
x-xss-protection
0
expires
Wed, 12 May 2021 21:02:06 GMT
bsevent.gif
tps20516.doubleverify.com/ Frame BE91 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20516.doubleverify.com/bsevent.gif?impid=e2a443ecd9004eddb172aca82e49718a&dvp_or2=1&cbust=1620850731827756
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:51 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/11/2021 8:18:51 PM
impl_v71.js
www.googletagservices.com/dcm/ Frame BE91 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v71.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 20:14:08 GMT
server
sffe
age
204331
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
expires
Tue, 10 May 2022 11:33:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71EA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmLPbKzicYJboApGz3gPEp5mQBwAAAAA4AeAEAg&bg=!dHeldzPNAAY59bwoOfU7ACkAdvg8WlA2c-CVek4zJwWkIWh0ZRXyLdRxRRCn_qII54c72tZyRRXZvAIAAAEiUgAAAC5oAQeZApd-mVm4HUzCcHSmAHsx7fZWuMFhqbBJgP0QnWrZ-s3w2zISsl1u5RdaZ6qDzG8mzzAyxU_G0X4yt0zCaFUCny4XA8w2IAYQDKJDPd6nuJY0P5pTwXVqt-VcccczOe8t3dZXQf-m4ussKhu-hP8SzYZZTO8MotG8z0zFAhIkLAkPTu52hCfKCaBYlljsoMV6Ue7Z8Adm0Dfjw05zPPOpntPBpByw-ws1xCZ8m-VifvxrU-FurSyqJn-rH9-LJVTyn8gMtGpuPD2pM0eDPeieoUb1lnq38IJ3KS4T74tmB4PPKiQQx-DgdQx_tYRFBPmDSxAt6isrEsUGWQiersL10VQIc8eh3h25WAFIQWM378Zfq2ROzYgPHGk3leG6R1mZKkJPTZ6rhNmXBC-AeMo7En25CyPJZUdWNkAauQtrw-tXKyfHyvMODeG8_HsHceNc2WzknSEeyRenxwUdjNRIl7HXG3n4lGT4slq4nP3OWgqjAycnNJHYESRgZ2sBZ4ZilYDlU7bVvyJZxyWZs7wFHs_jXrEOHcwlOP9eI1ALaRS5YQ6uDyyYSYkSEEhvTucyb8P_dhipSSvmf09kJBXLMi-atmLj7a2X98I1aVgSsJ2b-HsvektbF4gpIwTsg0hjgYQuPYivg5bcRaet77n8nQbChcUh0a1aF0SH0ANxUV8sCotcC08b6g60TZ-iMww-e7N1DoLIN3MW90iau_Ww_YyFS6lIug6JB02cHbHDw3TISmXgwjtU6WqWvRVCz7xOYWjRgIs926BkuqNIIFYm2gVvNbHqt3BSziHVzwEelU4KA2TeJoLeLUBehBeb3ItuEG5HotoC9Y8MvsCNDzYx3yJZpTs1ZsbJaeD2Qs09g0p7KtZtRbqPvQI
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B10224936.280232945;dc_ver=71.205;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875767;ord=8y2zo8;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.arnolds.co...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame BE91 		34 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=71.205;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875767;ord=8y2zo8;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages$0;xdt=1;crlt=jLCYHRpZSF;osda=2;sttr=42;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
c2f32bec9ec8fa028c8a5f17a6dc54aeb81e18189a1d977eedb0482ab49230a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame BE91 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=71.205;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875767;ord=8y2zo8;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages$0;xdt=1;crlt=jLCYHRpZSF;osda=2;sttr=42;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 20:17:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BE91 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8W4g2-uakxG3Bc8u5I24bi200mhE95yo1kvNOZnxt0Rb4Rsam0UMMkwthC8W_SeJFItD1Vk7tF5IrYCgoG7vuBX_bUE9AmJnresQFlsBRbtEgjYDPKg6DPhAI6amlAoOr_QOhuMIfEXbOpQYr&sig=Cg0ArKJSzIc5e81QsNLaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210510.48315&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=71.205;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875767;ord=8y2zo8;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages$0;xdt=1;crlt=jLCYHRpZSF;osda=2;sttr=42;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame BE91 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&num=&adid=&advid=2276943&adsrv=1&btreg=315303753&btadsrv=doubleclick&crt=117630481&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=71.205;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875767;ord=8y2zo8;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages$0;xdt=1;crlt=jLCYHRpZSF;osda=2;sttr=42;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c3e4f7379ab36145201000303ce7b35f6862e261d7a362b0491454278d81354

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 17:26:02 GMT
Server
Microsoft-IIS/10.0
ETag
"031fab68a46d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3005
adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
s0.2mdn.net/2276943/ Frame BE91 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/2276943/adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:16:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 18:22:57 GMT
server
sffe
age
18115
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61905
x-xss-protection
0
expires
Thu, 13 May 2021 15:16:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3E05 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 12 May 2021 15:44:21 GMT
expires
Thu, 12 May 2022 15:44:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16471
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 687D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B70lCKzicYP7wIK7K7_UP_dC9kAcAAAAAOAHgBAI&bg=!lZalltLNAAY59bwoOfU7ACkAdvg8Wr4XjrqXfmIxK3RipQIyLWeWc9O6nrYXt83LwNE65fyXQtsd9wIAAADBUgAAACpoAQcKAP3ZuHtqYK7T4K5WeHg5XYzVFTQ5zIgYE1ZekVFtXxq7Wh30Jhzm9_tgYh5QR5dZUAnMoV4YGMBwswmVUThPWYKalrRy46Anb5ipnrXcDcEdR8IMBLac9lgslcsfZeUQa9driLxcBz-rRA40JyGAP9s1zr7ogQ-ZWhkbk_M1ABZAvhOn_BNQx5r0UvarE8sRYo2hG3xbwdta7wR4o6py9zw1cC-mOvmuaxXDbLD5jP0K6ZVpoPbeAATejWsGOLWMW_0dXDHSEa0UAZWO2428E-ZZXdUPALHthpUjrzMl5tvhtL39RhgcxMWnNaGCXyLuR7V8C4biuZX0OSkAMq_vmQKW8Pccs8xxQMphjpbmF6j0KbZnllW7FPQrUVLQxA3xZoEAxS0U5inrjDORG3U5MqlJFpCDCaSbGVzV8kq3v7v23_PgI4c3seHans7PzFkXW8aRecrZEjOxKG7snWE0qjw73VIxQAprc2Sb5QINoAo4SBkXH6GBG-PZ5-y4wgJaJIXezUgnvm7ME480HlTzEpmK3t3AMdKHjH5z15kr7a_6Hle3QI04YqAgfr1LFRZ5Xgz8jm24MPOPeQRH1AZl29zJHhhavKHinZFRDYV5Qu7RpihMHraxgjR1odGj8AiZmUEEs5ut56f2yE8iNqWvTLD3Mg1M7xxzuqaElz-K9D1QR52RT5EQ-teYsf_kXN-ROxBwN3X4d4e7y8pRlii9QPRF-qNaFE5mZbdLUJXdZ8aZzAgkHVfkGj_Kt7JMU7ywcW7prAcNcaQBT4y804f_gMnTi-lm2Wu9eHqpEKd5eMUk6kf-wJyhg2iSNcydl9thvrs1xjbPAubUNPsvZjbn41VSD1sij8PuItvTObz64aYg57p1OJC-XRRzZ-VIlcY9d9sg5PiZYseHStQbVXaURfd0txPwYPIG5pOCPXrP565HSOqXziysldSlTGkoeoZUZik5fFLW5k7r3UL9gesVqgEcjVzKeDGhrvPywT6qbOSMmMyrm39HVpCuU-55fYGQ8SYSlmzQJRNa1X8mvk8ZSzCwV0DsofMf--XIn6xL9YEybV41F-h-SH6U32Y6T7WAwX875CtnxpofDIc0jqxA5wstHQ_t8eo7h70tvxengC9JU4Y-5MhdXm1adyTYhEUNYKnQv6TOhQgcizDhjxgYUQiBsEudeXYBkd5i79-W4rsb_FELSBqiwF9T10LQGes6oJ78f2mtOWg
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements1344.js
cdn.doubleverify.com/ Frame 2CC6 		489 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1344.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5afbad15c6ce4cf38fd292734e6ccbd24e9e873359ce346a02ca7a517ef76c0c

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 May 2021 11:37:55 GMT
Server
Microsoft-IIS/10.0
ETag
"802bf1ea9045d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89955
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C6CA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 12 May 2021 06:38:34 GMT
expires
Thu, 13 May 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
49218
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BE91 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b10aae457249a22d193fe8d492065eb4d8098467db097826b4445e9217a751e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame BE91 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8W4g2-uakxG3Bc8u5I24bi200mhE95yo1kvNOZnxt0Rb4Rsam0UMMkwthC8W_SeJFItD1Vk7tF5IrYCgoG7vuBX_bUE9AmJnresQFlsBRbtEgjYDPKg6DPhAI6amlAoOr_QOhuMIfEXbOpQYr&sig=Cg0ArKJSzIc5e81QsNLaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&vt=11&dtpt=98&dett=2&cstd=0&cisv=r20210510.48315&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=71.205;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3595875767;ord=8y2zo8;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.arnolds.com.br%2Fcurso-ead-com-baixo-investimento%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages$0;xdt=1;crlt=jLCYHRpZSF;osda=2;sttr=42;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dv-measurements1344.js
cdn.doubleverify.com/ Frame 5E3D 		489 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1344.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5afbad15c6ce4cf38fd292734e6ccbd24e9e873359ce346a02ca7a517ef76c0c

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 May 2021 11:37:55 GMT
Server
Microsoft-IIS/10.0
ETag
"802bf1ea9045d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89955
t2tv7.html
cdn.doubleverify.com/ Frame CE0E 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host
cdn.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3877
Date
Wed, 12 May 2021 20:18:52 GMT
Connection
keep-alive
visit.js
tps.doubleverify.com/ Frame 2CC6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D2C%3F%40%3D5D%5D4%40%3E%5D3CTau4FCD%40%5C625%5C4%40%3E%5C32%3AI%40%5C%3A%3FG6DE%3A%3E6%3FE%40TauTbuFE%3E0D%40FC46Tbs72463%40%40%3CTaeFE%3E0%3E65%3AF%3ETbsD%404%3A2%3DTaeFE%3E042%3EA2%3A8%3FTbs72%3FA286DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D2C%3F%40%3D5D%5D4%40%3E%5D3CTar9EEADTbpTauTaue473df57b63ae__bg5353%60547b7aaa7_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=772&ddur=8&uid=1620850732213421&jsCallback=dvCallback_1620850732213891&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=6&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1344&tgjsver=1344&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=9&brh=6&dvp_epl=406&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.arnolds.com.br/curso-ead-com-baixo-investimento/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0juqUfubKM1mA1yE8YccmvL&DVP_DBM_1=3060631&DVP_DBM_2=11817077&DVP_DBM_3=32228421&DVP_DBM_4=322161041&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=58742128459&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=19998180793.231503&dvp_tukv=93935361775.20721&dvp_uuid=28112941620.607162&dvp_tuid=788583302838&dvp_vcms=42&dvp_slmsd=79&dvp_vcmsd=121
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6063a0619e410a67e0655a6fc6ba4b5b2b13be1c7ea79ce851a2820f4892d5a4

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/11/2021 8:18:52 PM
/
google2waycm.netmng.com/cm/ Frame C6CA 		0
0
pixel
cm.g.doubleclick.net/ Frame C6CA
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL3vJ59TyjkWlwiEfbNsAtQ&google_cver=1&google_push=AQvitUIJd88Dwj0zmrj2NVHdRGcuP_2wY8hC3QhLd0j9zTF_p6Bq1aEbyQNiu6_wYNfE5ztwfDGLIMV7U2b...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIJd88Dwj0zmrj2NVHdRGcuP_2wY8hC3QhLd0j9zTF_p6Bq1aEbyQNiu6_wYNfE5ztwfDGLIMV7U2bwshZimYSHH-npSt4&google_hm=VbacfcBPT_qj7QAzhNHCv1c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIJd88Dwj0zmrj2NVHdRGcuP_2wY8hC3QhLd0j9zTF_p6Bq1aEbyQNiu6_wYNfE5ztwfDGLIMV7U2bwshZimYSHH-npSt4&google_hm=VbacfcBPT_qj7QAzhNHCv1c
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIJd88Dwj0zmrj2NVHdRGcuP_2wY8hC3QhLd0j9zTF_p6Bq1aEbyQNiu6_wYNfE5ztwfDGLIMV7U2bwshZimYSHH-npSt4&google_hm=VbacfcBPT_qj7QAzhNHCv1c
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C6CA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEVy-bl0S7ePnbpBxknaClM&google_cver=1&google_push=AQvitUIj-mThOOxu4_jMnOUD3dwC5LGAota2EtWgD9kpuoP1iiYJIZt72Azeh7I229VQpBTwfQ247OVwSKxgcrHwJA7ar0P...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIj-mThOOxu4_jMnOUD3dwC5LGAota2EtWgD9kpuoP1iiYJIZt72Azeh7I229VQpBTwfQ247OVwSKxgcrHwJA7ar0PzlCM&google_hm=NjIwMzQ4MTA3MzczNzcwODY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIj-mThOOxu4_jMnOUD3dwC5LGAota2EtWgD9kpuoP1iiYJIZt72Azeh7I229VQpBTwfQ247OVwSKxgcrHwJA7ar0PzlCM&google_hm=NjIwMzQ4MTA3MzczNzcwODYyNw%3D%3D
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 12 May 2021 20:18:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIj-mThOOxu4_jMnOUD3dwC5LGAota2EtWgD9kpuoP1iiYJIZt72Azeh7I229VQpBTwfQ247OVwSKxgcrHwJA7ar0PzlCM&google_hm=NjIwMzQ4MTA3MzczNzcwODYyNw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C6CA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELRb5DNYTg5wuIi5G1pi_OQ&google_cver=1&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELRb5DNYTg5wuIi5G1pi_OQ&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQlcD7bBJ-Usst1w&google_hm=M1BiV3U0N0wwWGtBUXIze...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQlcD7bBJ-Usst1w&google_hm=M1BiV3U0N0wwWGtBUXIzeTJmT3E=
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:52 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUJbElYQdx1qiIzT3niblLa8gaePmxCPoE7C5oZI6rgvjZ5YXv0gc12PPM4Z9P2zfRxEo7ioQYXZhiePQlcD7bBJ-Usst1w&google_hm=M1BiV3U0N0wwWGtBUXIzeTJmT3E=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C6CA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.targeting.unrulymedia.com/csync/RX-f837402a-6524-46ed-9ded-317ec23abf9f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKMcPw9VMdtp_yGkmPOZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKMcPw9VMdtp_yGkmPOZaAFhn7MewNqQ6HwxGUMwHcYAMVwsaKE4B__1_sMP6mswJbIX4VdipfYp6WkjpptX4piS97mHTA&google_hm=A_g3QCplJEbtne0xfsI6v58
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKMcPw9VMdtp_yGkmPOZaAFhn7MewNqQ6HwxGUMwHcYAMVwsaKE4B__1_sMP6mswJbIX4VdipfYp6WkjpptX4piS97mHTA&google_hm=A_g3QCplJEbtne0xfsI6v58
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKMcPw9VMdtp_yGkmPOZaAFhn7MewNqQ6HwxGUMwHcYAMVwsaKE4B__1_sMP6mswJbIX4VdipfYp6WkjpptX4piS97mHTA&google_hm=A_g3QCplJEbtne0xfsI6v58
date
Wed, 12 May 2021 20:18:52 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf837402a652446ed9ded317ec23abf9f003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame C6CA
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEJ2WncFsgnzgNB-b_ugUD_8&google_cver=1&google_push=AQvitUIecZIROoXp0p4V-4eNHOBvJ522qrmI6W6vfpmw_bcDVWEyHrF5ssm2ertTArLENTwPt7kVzc68EhLipP0au2sERoUibro
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&mn_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUIecZIROoXp0p4V-4eNHOBvJ52...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&mn_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUIecZIROoXp0p4V-4eNHOBvJ522qrmI6W6vfpmw_bcDVWEyHrF5ssm2ertTArLENTwPt7kVzc68EhLipP0au2sERoUibro
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:52 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&mn_hm=MjYzODUyMzMyNjA5MTk2MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUIecZIROoXp0p4V-4eNHOBvJ522qrmI6W6vfpmw_bcDVWEyHrF5ssm2ertTArLENTwPt7kVzc68EhLipP0au2sERoUibro
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Wed, 12 May 2021 20:18:52 GMT
/
cc.adingo.jp/adx/push/ Frame C6CA 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEFK4ZucUv5bN8_1RuUyxgKY&google_cver=1&google_push=AQvitUIPpZ1skZTW5QSLLakEc7cfLcpVbL-nCQa_Clh43Y31yb9MvP3JSlKEKnt_G3IAT5MaseB7xToNtmJTih9vJhVmAq3Dfw
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.69.122 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-69-122.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame C6CA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmYMDG6jksp1F0jcEG236Z3sRqqbnilGDt63ZOGuDry2SJIuknfqvMgCxKnCj3WbG6rvLj
Requested by
Host: 6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
URL: https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js
pagead2.googlesyndication.com/bg/ Frame 3E05 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/eO7zG6GhPbnIN9dahbnWn5817R3A2AWEjlpR17NmnVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
18517
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5642
x-xss-protection
0
expires
Thu, 12 May 2022 15:10:15 GMT
t2tv7.html
cdn.doubleverify.com/ Frame A036 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host
cdn.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3877
Date
Wed, 12 May 2021 20:18:52 GMT
Connection
keep-alive
visit.js
tps.doubleverify.com/ Frame 5E3D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D2C%3F%40%3D5D%5D4%40%3E%5D3CTau4FCD%40%5C625%5C4%40%3E%5C32%3AI%40%5C%3A%3FG6DE%3A%3E6%3FE%40TauTbuFE%3E0D%40FC46Tbs72463%40%40%3CTaeFE%3E0%3E65%3AF%3ETbsD%404%3A2%3DTaeFE%3E042%3EA2%3A8%3FTbs72%3FA286DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D2C%3F%40%3D5D%5D4%40%3E%5D3CTar9EEADTbpTauTaue473df57b63ae__bg5353%60547b7aaa7_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=772&ddur=8&uid=1620850732277785&jsCallback=dvCallback_1620850732277591&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=6&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1344&tgjsver=1344&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=9&brh=6&dvp_epl=406&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&crt=117630481&btreg=315303753&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=19998180793.231503&dvp_tukv=224038889177.6093&dvp_uuid=975511597458.7322&dvp_tuid=511906850600&dvp_vcms=7&dvp_slmsd=97&dvp_vcmsd=104
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f97b785e2507e11a5bf6c1e5df26294847eae035bf7803d2c760b57d2ef9b5ed

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/11/2021 8:18:52 PM
bootstrap.min.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/ Frame BECE 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/bootstrap.min.css
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2015 11:26:08 GMT
server
Apache
etag
"54f2-5245635907400"
ntcoent-length
21746
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=1036464
accept-ranges
bytes
content-length
4529
lib.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/ Frame BECE 		117 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/lib.js?v=2
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 15:15:47 GMT
server
Apache
etag
"1d377-5bb6175da0ec0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
42733
config.js
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/fr-fr/ Frame BECE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/fr-fr/config.js
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17f6fa3cc46268f4a92b14ed0fea88e2bacd267e45a9e2fee03b1d23f6d4c3c0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 11:05:01 GMT
server
Apache
etag
"4d9b-5bc3b3d4b7140"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
7686
casino.assetwrapper.js
cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/ Frame BECE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021

Request headers

Origin
https://www.pokerstars.fr
Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 09:30:51 GMT
server
Apache
etag
"83e-5b62cf2bf68c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
865
cvl-active.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/ Frame BECE 		2 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e

Request headers

Origin
https://www.pokerstars.fr
Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2017 08:28:36 GMT
server
Apache
etag
"8e8-55018a843b500"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
696
ps_fr_fr-fr.js
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/disclaimers/ Frame BECE 		877 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/disclaimers/ps_fr_fr-fr.js
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e4c3b59466d13fef50931da0ed0e2c1bd056e8f039e56518c2a2a9345e25903e

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 17 Jul 2020 09:23:11 GMT
server
Apache
etag
"36d-5aa9fb4a83dc0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
441
PstrkIdManager.js
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame BECE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 15:55:57 GMT
server
Apache
etag
"3a45-5bad5349c1d40"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
4985
homepage.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/ Frame BECE 		150 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c386b69e4c54964f15246a1cb3d4efb96ac0ab0f59470d5065eaa27a342fd4b1

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
153920
date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 15:23:45 GMT
server
Apache
etag
"25940-5c054ea586240"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=455256
accept-ranges
bytes
content-length
16620
css
fonts.googleapis.com/ Frame BECE 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 18:55:48 GMT
server
ESF
date
Wed, 12 May 2021 20:18:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 20:18:52 GMT
ps_fr_fr-fr.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ Frame BECE 		431 B
445 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/overrides/ps_fr_fr-fr.css
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b5165a914ca774a589ce760277f4ca8349ce32695d3aef8b17626e57db6d46b2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
431
date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 09:23:46 GMT
server
Apache
etag
"1af-5845af206ac80"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=515563
accept-ranges
bytes
content-length
256
neymar-jr-x-pokerstars-im-in-loading-frame.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame BECE 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/neymar-jr-x-pokerstars-im-in-loading-frame.jpg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
833bb31eaced083c33e1b530071651282ff53c264685496720726515aea5f1c4

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
last-modified
Wed, 14 Apr 2021 15:52:28 GMT
server
Apache
etag
"a6ed-5bff0bbd66700"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
42733
community-twitch.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame BECE 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-twitch.jpg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
last-modified
Tue, 20 Oct 2020 07:12:00 GMT
server
Apache
etag
"a044-5b214f26ef000"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
41028
community-ambassadors.jpg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/ Frame BECE 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/global-one-col/community-ambassadors.jpg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
last-modified
Mon, 25 Jan 2021 15:08:45 GMT
server
Apache
etag
"26f32-5b9baea07f940"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
159538
facebook.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame BECE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/facebook.svg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:33 GMT
server
Apache
etag
"774-57ba3e3a9e040"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
913
twitter.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame BECE 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitter.svg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:34 GMT
server
Apache
etag
"a1a-57ba3e3b92280"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1080
youtube.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame BECE 		1 KB
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/youtube.svg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 12:48:01 GMT
server
Apache
etag
"573-57ba4dc188240"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
718
twitch.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame BECE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitch.svg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:34 GMT
server
Apache
etag
"8cb-57ba3e3b92280"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
993
instagram.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ Frame BECE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/instagram.svg
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 11:38:33 GMT
server
Apache
etag
"6b7-57ba3e3a9e040"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
899
starscrm.config.json
starscrm.com/ Frame BECE 		77 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://starscrm.com/starscrm.config.json?bust=1620850732473
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.179.68 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Last-Modified
Tue, 19 Jan 2021 15:53:51 GMT
Server
Apache
MyHeader
member143
ETag
"4d-5b942d84601c0"
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With
Content-Length
77
Keep-Alive
timeout=15, max=84
tag.js
s.btstatic.com/ Frame BECE 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/tag.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-191.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
M1.rBdFPkYUZAqbwA8PPsZwez29wDB5e
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 18:58:47 GMT
Server
nginx
ETag
"00faca760dbffa8181ab5101a52189e7"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=14400
Date
Wed, 12 May 2021 20:18:52 GMT
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
12525
js
pixel.mathtag.com/sync/ Frame BECE 		252 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?cs_jsonp=pstrkIdManager.mmUuidSync&mt_nsync=1
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x26 /
Resource Hash
2e3c5fd0bbb406ec3f90bbf6f1b24eae2daa26c63e2540e87e3d2174d6fe69f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
252
Expires
Wed, 12 May 2021 20:18:19 GMT
require.min.js
cashier.rationalcdn.com/common/libs-2.1.20/ Frame BECE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2016 11:39:34 GMT
server
Apache
etag
"3cc8-53bad04796980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
6356
languages.xml
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/ Frame BECE 		202 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_fr/languages.xml?&sid=0.3460941613480757
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f6180ec8dad060e65f3bb68c012b470991995f085d7b5f88db7144ce3a8d6315

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
last-modified
Thu, 30 Jan 2020 09:42:27 GMT
server
Apache
etag
"ca-59d58466106c0"
content-type
application/xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
202
poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/ Frame BECE 		1 KB
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/poker.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
753762eeff1ec98559aa23c079a432371c4372febd6e1a793697e7433b10089d

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:04:20 GMT
server
Apache
etag
"5df-5bebfcc597900"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
666
sports.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/ Frame BECE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/vertical-logos/fr/light/sports.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
49ff25377c9095e869fdab343f47198c2b8d5be7b3fb8b818b650985c152c24b

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:04:21 GMT
server
Apache
etag
"97a-5bebfcc68bb40"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1086
bars.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame BECE 		1 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/bars.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"501-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
465
poker-m.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/ Frame BECE 		2 KB
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/poker-m.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 09:08:36 GMT
server
Apache
etag
"69c-571f774eb6d00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
763
close-black.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame BECE 		1 KB
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close-black.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"54b-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
597
close.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame BECE 		1 KB
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/close.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Wed, 25 Apr 2018 14:08:23 GMT
server
Apache
etag
"54b-56aaccdc963c0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
598
poker.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/ Frame BECE 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/logos/360/poker.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 09:18:30 GMT
server
Apache
etag
"c82-59ca2e427c580"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1380
questionmark.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame BECE 		1 KB
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/questionmark.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"594-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
755
right-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame BECE 		1 KB
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/right-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"537-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
636
down-arrow.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/ Frame BECE 		1 KB
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/menu/down-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4

Request headers

Referer
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
content-encoding
gzip
last-modified
Fri, 27 Jul 2018 08:53:19 GMT
server
Apache
etag
"533-571f73e431dc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
637
footer-small.png
s4.rationalcdn.com/img/bg/estate/ Frame BECE 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/homepage.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c

Request headers

Referer
https://cmsstorage.rationalcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
last-modified
Fri, 09 Apr 2021 14:58:50 GMT
server
AkamaiNetStorage
etag
"9aadd769e4bbf2669df3e4de51d9d751:1617980330.571575"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
112066
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BECE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.fr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
316529
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 09 May 2022 04:23:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BECE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.fr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
585320
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 06 May 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BECE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.fr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
535403
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 06 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BECE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,greek,vietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.pokerstars.fr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
158801
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 11 May 2022 00:12:11 GMT
resolveurls
ram.pokerstars.fr/ram/info/ Frame BECE 		143 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.fr/ram/info/resolveurls?tag=starsrewards_widgetservice
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
122
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.fr
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15, max=200
Expires
-86400
message.gif
www.pokerstars.fr/assets/ps/assets/images/disclaimers/ps_fr_fr-fr/ Frame BECE 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pokerstars.fr/assets/ps/assets/images/disclaimers/ps_fr_fr-fr/message.gif
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.98.226 Isle of Man, Isle Of Man, ASN48536 (FILCO-AS, IM),
Reverse DNS
98-226.colo.sta.blacknight.ie
Software
Apache /
Resource Hash
c599798790711ad487b577ecd4d6e6855040b17df7a10da56a2b432002f583f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Last-Modified
Fri, 05 Apr 2019 13:13:28 GMT
Server
Apache
ETag
"f791-585c840a40e00"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=120
Content-Length
63377
neymar-jr-x-pokerstars-im-in.mp4
cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/ Frame BECE 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/common/videos/neymar-jr-x-pokerstars-im-in.mp4
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4c982dbd0f03686fdfc032071b10af5df1570978367f0cac80334137f8dc8686

Request headers

Referer
https://www.pokerstars.fr/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 12 May 2021 20:18:52 GMT
last-modified
Wed, 14 Apr 2021 15:52:34 GMT
server
Apache
access-control-allow-origin
*
etag
"4760fe-5bff0bc31f480"
content-type
video/mp4
Content-Range
bytes 0-4677885/4677886
cache-control
public, max-age=84600
accept-ranges
bytes
Content-Length
4677886
tag
s.thebrighttag.com/ Frame BECE 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&H=-35nia2i
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5a1ba43aaa7c8823c05f3ca908146bb2c550bf031c5bfc2a4aaf098a224dc190

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
Server
nginx
ETag
8507796c79cc44968bcae82926c672ba
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
5704
X-BT-RequestId
4540ed01-b35f-11eb-8ffc-0000ac150979
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E05 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqTjhKzicYPD5O9vG7_UPnu2X8AEAAAAAOAHgBAI&bg=!4OOl46fNAAY59bwoOfU7ACkAdvg8WvPLEmQ252pRoXHx0OAlOHmEP-h0n3L1TbKBb1fZ4tOjIPjmcwIAAAC-UgAAAEVoAQcKAMh3MXGI0Ac3C2OhNq4zuUnMKc_F6WIdNQ6BFrk1WniYQHzL5knAl2eLHTAkhN97-d1KnpRvoQ3GSFQUo90gwz7ELh0ZzMglMZ4APM_eLd3vxAPAJL7REnmxCDD4EUAKhgTJm4FooP1z6yhqzWLEh4SS6RZuQIed8sfgJZ_rgKWZAGbYbEdb0h9MQ8QmCEJZBtBMrFIUmZJiKyWafzQwuyAiy33urzkaPdJBjELaboI4zRp1N87gZ7f89GR5-8p_-OPUNZeWatH25ZkClmih04TYxq7IBWJnnQ3rcFmTEh-Ydg8JfUckyZiGkBSdnaIMdg0NKlIO3tFLIU6anVlGiQhWARBOrmBBuXdIJrPHeBYYK-Sa2iXBJ1owb5MUak6baquRoWE3iA4kAFg4GMouGFJV88WHBi7kYAim1bUHXJchu7pyaRBU_teqRibfgfNd1jMFt8hCV5z-hfNrN0jB4JlerP3r6YhFsGAAKGWhon6w7QmQtfzU-1z9L8YlzeCRuwIdebRICfIDMRq4wLi1DGONFp7q0ZHKOgMRge0Xt5yVnyTxn0OWW-pQVSriabXJbrlw1ByMS8EYQYC0I2-BrVznH1HP2H6ZFHtLmaLC2vbrCUOHMwfFT3G33L6hhRG4xLRG8K5YtyC8Ez8Nct-uZ37FIYCOXRltFuyJuLj2rXdRqJ66e3pOm6M66me79Y8C8XeRkCdUZdcC2ai2g87PX3g5C2GjfoHlmriyw1QAVvAv8pDYQwxKFRVPwtyYBJCFqQk_N2MXtl2osLtJ3rfZGTYChpy6ksizgnYHUQVhiWCKW0-angeV9Cnht6sRA1LerwJscQSOox7PpIita5oy0byrXMCSOYtopMsv2azpClevX-tf-FrEzAXFhMnaYVnpbzcnSOBHpaZzzmgWoqdJBovV_Se0ZRbt-SHP30oyh0LwCqBNMzzkHwqdTaLBKM0N-P2r33u4-YVGc5FAa_gdKwrSCe2lq6nisOx-rZQCO1SEDrSzHSyv_oOcMNQOVghwCToRyNbscGSjCeod2wzfnvjbXb8jz_QknQLA-vHQDYw0H38VZy_dKNsjlIYyZKlhuZSw3RQ3Tw8K-zk0hrNAR8HAgzjcVhy2bJ36PaQj_alpGlXvMzgcZHuXRdVLjeX-e5p4
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ram-config.js
ram.pokerstars.fr/ Frame BECE 		1 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.fr/ram-config.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
c6a6969faa6758280de3def1e560ce3e6363efa22c1e2215bba6626cf02187fd

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 17:19:01 GMT
Server
Apache
ETag
"4a6-5c21117146b40"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=200
Content-Length
533
resolveurls
ram.pokerstars.fr/ram/info/ Frame BECE 		131 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.fr/ram/info/resolveurls?tag=starsrewards_widget
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
121
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.fr
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15, max=199
Expires
-86400
bundle-prod.min.js
cashier.rationalcdn.com/starscrm/2.1.37/ Frame BECE 		189 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/starscrm/2.1.37/bundle-prod.min.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/psc/assets/common/scripts/cross-ux/casino.assetwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 15:53:51 GMT
server
Apache
etag
"2f447-5b942d84601c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
63286
a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js
s.btstatic.com/lib/ Frame BECE 		40 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-191.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Jan 2021 15:48:35 GMT
Server
nginx
ETag
"d3c668fbc6a8b84cc3cdf91b0af1b3b3"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
3617
srwrds-path.js
rewards.starsaccount.com/widget/ Frame BECE 		74 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rewards.starsaccount.com/widget/srwrds-path.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.178.197 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
bb5d1db6d78b21c1385f6a441190a9d740dcf041b33b03de9f94f3b12670f479

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Last-Modified
Wed, 31 Mar 2021 16:18:01 GMT
Server
Apache
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
MyHeader
member143
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=198
Content-Length
74
analytics.js
www.google-analytics.com/ Frame BECE 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6721
date
Wed, 12 May 2021 18:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 20:26:52 GMT
trk.core.idm.js
www.psimg.com/ga/ Frame BECE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/ga/trk.core.idm.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2020 13:38:58 GMT
Server
Apache
ETag
"4090-5ac8613a6e94f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=232
Content-Length
6009
local.fr.js
www.psimg.com/ga/assets/ Frame BECE 		718 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/ga/assets/local.fr.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
0f6e4971e9abc1b9dc2c07443fad139572e6508ace2706acef037b348a3d968c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 26 Jun 2015 09:09:58 GMT
Server
Apache
ETag
"2ce-519681aa70580-gzip"
Strict-Transport-Security
max-age=31536000
Content-Language
fr
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=230
Content-Length
428
83539b7e8cea2296f498f1910b4810156f08e280.js
s.btstatic.com/lib/ Frame BECE 		1 KB
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/83539b7e8cea2296f498f1910b4810156f08e280.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-191.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:13:53 GMT
Server
nginx
ETag
"3d9b2a273f38ae9a6f683c41a0590a20"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
292
vendor.js
cashier.rationalcdn.com/ram/2.2.103/ Frame BECE 		208 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.103/vendor.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 16:22:32 GMT
server
Apache
etag
"33f84-5c1bfd5bf01bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
72739
b2e63ccb7863279b58e183884d5de07935db8fc9.js
s.btstatic.com/lib/ Frame BECE 		165 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/b2e63ccb7863279b58e183884d5de07935db8fc9.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-191.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:15:21 GMT
Server
nginx
ETag
"26753accd559a9a1bc40c1444e8a299f"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
145
ram.js
cashier.rationalcdn.com/ram/2.2.103/ Frame BECE 		2 MB
419 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.103/ram.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/common/libs-2.1.20/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c7709f9611aaf18e144390095b8d93d82cfb60f704fe277ebb96bdfaa9d05718

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 16:22:32 GMT
server
Apache
etag
"1c2b02-5c1bfd5bef9ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
428264
activeview
pagead2.googlesyndication.com/pcs/ Frame BE91 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFuzuome9UGtoknQsQBKb_XryWUk4BktLf-H6xvh1Sbjs0LhOUfP3rbUfM4SUGa5-T8ST_MnBg6DldzxknsDMot4Onr3q-9rB2pdrp5967aLaev_iaZBNj5fFbEQ&sai=AMfl-YTzEP_vM6gJEF179SKLrJW-cKGBRbQD_Mr1tij2RVYcTlNBDJsM3bRlb-9X-IFwdCS-O8LazrCZKaKiTGx2c_jh27kfwct7VaPQ-8RR_1X03WI1Qkrf7YjcdNo&sig=Cg0ArKJSzLl2CLi2BYLPEAE&cid=CAASEuRoxvuWZ60XdsBaeNbYVHPQKg&id=lidar2&mcvt=1001&p=340,410,594,710&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1722908959&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620850731284&dlt=37&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE91 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufcn4CBmyUB42_O69cTNPmNWVOpOZd5TWMO2DzfQdP3igpAMiz5QEYuBe9fiiJH11po-DcCF_J1bJhOung18w&sig=Cg0ArKJSzLhKl8sINU4dEAE&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3595875767&rs=6&la=0&cr=0&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a9f6f2226caa736f24989b8d804c241eb722c9e5.js
s.btstatic.com/lib/ Frame BECE 		159 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/lib/a9f6f2226caa736f24989b8d804c241eb722c9e5.js?v=2
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-191.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2019 17:15:04 GMT
Server
nginx
ETag
"153af72ab81781c27284642861df8d85"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
145
rewards-widget.min.js
cashier.rationalcdn.com/widget/2.1.26/ Frame BECE 		253 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/widget/2.1.26/rewards-widget.min.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/cross-ux/cvl-active.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28a746539ac339594f4ab3cdf0ca4820549bb045c9eae7c3dd250705f1e22428

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 18:01:26 GMT
server
Apache
etag
"3f4a7-5bff2891503eb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
70194
bat.js
bat.bing.com/ Frame BECE 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref
Ref A: 6DE3463C9CA349A4A7245E1B7F858866 Ref B: FRAEDGE1220 Ref C: 2021-05-12T20:18:53Z
etag
"0d398608930d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8910
css
fonts.googleapis.com/ Frame BECE 		7 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&subset=cyrillic,greek
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 18:55:17 GMT
server
ESF
date
Wed, 12 May 2021 20:18:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 20:18:53 GMT
css
fonts.googleapis.com/ Frame BECE 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 19:30:58 GMT
server
ESF
date
Wed, 12 May 2021 20:18:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 20:18:53 GMT
en.js
cashier.rationalcdn.com/ram/2.2.103/i18n/locales/ Frame BECE 		314 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.103/i18n/locales/en.js
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.103/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9753c3557392c09e515c7af7e174e9de4d170c30625c1fc6548868120d9c3816

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 16:22:32 GMT
server
Apache
etag
"4e6fa-5c1bfd5bf3484"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
88011
resolvesite
ram.pokerstars.fr/ram/info/ Frame BECE 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.fr/ram/info/resolvesite
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.103/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
6115a2042786ca075e4e9bb2f387a53fbf461206cd075587692b9397edccd36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
346
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.fr
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15, max=199
Expires
-86400
hmx000000000114.js
u360.d-bi.fr/ Frame BECE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u360.d-bi.fr/hmx000000000114.js
Requested by
Host: www.psimg.com
URL: https://www.psimg.com/ga/assets/local.fr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.226.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
hmxps /
Resource Hash
f8faa0b1858738ee68f55941a12407b2e62f9e73c1cd95d90a18a8df92f5332a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
cache-control
public, max-age=60
x-myname
0e3c1b6c2f72989ab
server
hmxps
content-encoding
gzip
strict-transport-security
max-age=63072000
content-type
application/javascript
BrightTag.jquery-1.5.1.js
s.btstatic.com/ Frame BECE 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-248-191.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 May 2021 16:29:53 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
29695
ram.css
cashier.rationalcdn.com/ram/2.2.103/styles/ Frame BECE 		425 KB
154 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cashier.rationalcdn.com/ram/2.2.103/styles/ram.css
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.103/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.44.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
254e3887e82783b5dc78edcc8fc9aae3053f444726a4459e25b85a5f3d70eef1

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
435061
date
Wed, 12 May 2021 20:18:53 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 14:57:09 GMT
server
Apache
etag
"6a375-5c1bea45c1b40"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=1003934
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With
content-length
157141
linkid.js
www.google-analytics.com/plugins/ua/ Frame BECE 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 19:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3280
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Wed, 12 May 2021 20:24:13 GMT
sessionid
ram.pokerstars.fr/ram/login/ Frame BECE 		663 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ram.pokerstars.fr/ram/login/sessionid
Requested by
Host: cashier.rationalcdn.com
URL: https://cashier.rationalcdn.com/ram/2.2.103/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.87.177.43 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
app server /
Resource Hash
dbb2e75194d85f8acd316924e0b416352010ab4f8ec25d694c39aa671f2d89c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
553
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Server
app server
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.pokerstars.fr
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15, max=198
Expires
-86400
bsevent.gif
tps20516.doubleverify.com/ Frame BE91 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20516.doubleverify.com/bsevent.gif?impid=e2a443ecd9004eddb172aca82e49718a&pltfrm=Linux%20x86_64&cbust=1620850733828517
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:53 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/11/2021 8:18:53 PM
e000000000114.js
u360.d-bi.fr/ Frame BECE 		115 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u360.d-bi.fr/e000000000114.js
Requested by
Host: u360.d-bi.fr
URL: https://u360.d-bi.fr/hmx000000000114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.226.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
hmxps /
Resource Hash
86782de8895669bbc7f2ba06fb1146b26d923915824c921e4dce02510f981406
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
cache-control
private, must-revalidate, proxy-revalidate
x-myname
02462634889559ee6
server
hmxps
etag
85833705802612693300000006253b1d07d14ec074b7e97d4020e4b8c43e
strict-transport-security
max-age=63072000
content-type
application/javascript
000000000114.gif
u360.d-bi.fr/ Frame BECE 		43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u360.d-bi.fr/000000000114.gif?c=6CCBF75B082775383240481EA0B0240F-9d9722904a60&cgen=1&step=b3RoZXI=&hmxtagid=4.3.0&u=aHR0cHM6Ly93d3cucG9rZXJzdGFycy5mci8=&hmxts=1620850733841&hmxtzoffset=LTEyMA==&hmxtzname=RXVyb3BlL0Jlcmxpbg==&navlang=ZW4tVVM=&hmxdnt=MA==&r=aHR0cHM6Ly9scC5jbGV2ZXJuZXR3b3JrLnB0Lw==&hmx_send_ts=1620850733842&hmx_new_session=1
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.226.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
hmxps /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 12 May 2021 20:18:53 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
server
hmxps
content-type
image/gif
x-myname
0ca44190a60401517
expires
Mon, 21 Jan 1980 12:00:00 GMT
e000000000114.gif
u360.d-bi.fr/ Frame BECE 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u360.d-bi.fr/e000000000114.gif?aid=000000000114&c=6CCBF75B082775383240481EA0B0240F&e=85833705802612693300000006253b1d07d14ec074b7e97d4020e4b8c43e&d=d3d3LnBva2Vyc3RhcnMuZnI=
Requested by
Host: www.pokerstars.fr
URL: https://www.pokerstars.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.226.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
hmxps /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:53 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
x-myname
02462634889559ee6
server
hmxps
content-type
image/gif
strict-transport-security
max-age=63072000
expires
Mon, 21 Jan 1980 12:00:00 GMT
js
pixel.mathtag.com/event/ Frame BECE 		597 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1452156&mt_adid=122865&
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x24 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Wed, 12 May 2021 20:18:20 GMT
6859decf69.js
cdn.tradelab.fr/tag/ Frame BECE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/tag/6859decf69.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E289) /
Resource Hash
7c273e4e1b4393df21008b09034bd0cc7fd89f718d817405ca5ee5802cbab2f8

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 09:12:55 GMT
server
ECAcc (frd/E289)
age
308
etag
"3fdf-5c04fbc2b6e30-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
5385
expires
Wed, 12 May 2021 20:48:54 GMT
fbevents.js
connect.facebook.net/en_US/ Frame BECE 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
BrdbrWudsvmxgzUl5wC+/rHwrQFn4rw+MdkSdqh8z2Q2nF0t3XalSmmSdTqax3p6GaDQc17QuVppfea1qgQF+g==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 12 May 2021 20:18:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
8954552.fls.doubleclick.net/ Frame E80E
Redirect Chain
  • https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
  • https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
2 KB
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
0f26e4ec0c4d904774c909a586baf8c2350c193883e4d7f51658d91c91ce1c6e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8954552.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJsAThB2TT5ONYTq6rEtyMP5a9G2_HThpiKMOMcPgfmIoKqNXkKpJ14QOXEeY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 12 May 2021 20:18:54 GMT
expires
Wed, 12 May 2021 20:18:54 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
690
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 12 May 2021 20:18:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
scevent.min.js
sc-static.net/ Frame BECE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.6.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-6-52.vie50.r.cloudfront.net
Software
CloudFront /
Resource Hash
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
VIE50-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5720
via
1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-id
D9ESBtPjF6f2Rsbe1GZeMDtcTZbg1EOEQx6UIKGr87TZIMGcNtdZTw==
pixie.js
acdn.adnxs.com/dmp/up/ Frame BECE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 May 2020 21:04:36 GMT
Server
nginx/1.13.10
ETag
"5ebdb264-1cfb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
2601
Expires
Thu, 13 May 2021 20:18:56 GMT
cs
s.thebrighttag.com/ Frame BECE
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID
  • https://s.thebrighttag.com/cs?btt=0&tp=an&uid=7253254579684264538
35 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=7253254579684264538
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
45e67bd0-b35f-11eb-811c-0000ac150979

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid
285e2ad7-19be-480b-9340-9f82681648d1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=7253254579684264538
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
s.thebrighttag.com/ Frame BECE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YJw4LgAA1AW4RQBg
  • https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YJw4LgAA1AW4RQBg&_test=YJw4LgAA1AW4RQBg
35 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YJw4LgAA1AW4RQBg&_test=YJw4LgAA1AW4RQBg
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
45f96790-b35f-11eb-99ca-0000ac150994

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620850734.180532,VS0,VE0
x-served-by
cache-hhn4070-HHN
x-cache
HIT
location
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YJw4LgAA1AW4RQBg&_test=YJw4LgAA1AW4RQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
s.thebrighttag.com/ Frame BECE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0
  • https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEMnvh1zUqizUbzWHyKiZpUQ&google_cver=1
35 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEMnvh1zUqizUbzWHyKiZpUQ&google_cver=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
45e2d251-b35f-11eb-a9ff-0000ac1509e4

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEMnvh1zUqizUbzWHyKiZpUQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
s.thebrighttag.com/ Frame BECE
Redirect Chain
  • https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0
  • https://s.thebrighttag.com/cs?tp=mm&uid=4068609c-382c-4e00-9693-fc1a9ce2e5cc&btt=0
35 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?tp=mm&uid=4068609c-382c-4e00-9693-fc1a9ce2e5cc&btt=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
460bde20-b35f-11eb-8e23-0000ac150bda

Redirect headers

Date
Wed, 12 May 2021 20:20:44 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://s.thebrighttag.com/cs?tp=mm&uid=4068609c-382c-4e00-9693-fc1a9ce2e5cc&btt=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 12 May 2021 20:20:43 GMT
cs
s.thebrighttag.com/ Frame BECE
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%]
  • https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4880AD2CE12971
35 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4880AD2CE12971
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-BT-RequestId
46126dd1-b35f-11eb-a698-0000ac150901

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
prod-xre-app8.frk11
X-HW
1620850734.dop207.pa1.t,1620850734.cds007.pa1.shn,1620850734.dop207.pa1.t,1620850734.cds204.pa1.sc,1620850734.cds204.pa1.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=4880AD2CE12971
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
0
tag
s.thebrighttag.com/ Frame BECE 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eddee6cb55f1e3215a14618b75a7c39841595e96583394101defeb4eb8929273

Request headers

Accept
*/*
Referer
https://www.pokerstars.fr/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
Server
nginx
ETag
56ab3e39ee7faf6773284bbdb6fc218c
P3P
CP=NOI DSP COR NID
Access-Control-Allow-Origin
https://www.pokerstars.fr
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1597
X-BT-RequestId
460aa5a1-b35f-11eb-a05e-0000ac150b6c
5562480
bat.bing.com/p/action/ Frame BECE 		0
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5562480
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 12 May 2021 20:18:54 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: D9ADFDC995B54A55BB268D8603714312 Ref B: FRAEDGE1220 Ref C: 2021-05-12T20:18:54Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame BECE 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5562480&Ver=2&mid=a961c283-ab79-403b-a0a7-97c52c73ca98&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&p=https%3A%2F%2Flp.clevernetwork.pt%2F&r=&lt=2778&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=341345
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 6FA1380D953643229D3D04642E3D72AE Ref B: FRAEDGE1220 Ref C: 2021-05-12T20:18:54Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
s.thebrighttag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag
Protocol
HTTP/1.1
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.pokerstars.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 12 May 2021 20:18:54 GMT
Content-Length
0
Connection
keep-alive
ETag
d41d8cd98f00b204e9800998ecf8427e
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
X-BT-RequestId
46043d00-b35f-11eb-aaf2-0000ac150994
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
https://www.pokerstars.fr
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Credentials
true
P3P
CP=NOI DSP COR NID
img
pixel.mathtag.com/misc/ Frame BECE 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x27 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:21 GMT
identity.js
connect.facebook.net/signals/plugins/ Frame BECE 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
NEXrgGcSkm8NZ6kduBvmdi05o2nSxKeZuclSW2+0W6FXv8bqBVDrqe4gQ+gyVuPQscofNvCbfRi5CHnWtwjmCA==
x-frame-options
DENY
date
Wed, 12 May 2021 20:18:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1152875091428286
connect.facebook.net/signals/config/ Frame BECE 		255 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1152875091428286?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d20eb98a26bf8699040ddf5243e7ff6903ffd209dce126ad9b5575f5f872173
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74435
x-fb-rlafr
0
pragma
public
x-fb-debug
kcwBSexRSG2bwyejtfqZgB6v0yF5gXbRKv/3+iQ5V5roi3UH84ov0fek+gXGRPU3BCTwnyBMIZRXyanY25Df/A==
x-frame-options
DENY
date
Wed, 12 May 2021 20:18:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
825.js
cdn.tradelab.fr/fseg/ Frame BECE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/825.js?add=4232218
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2B7) /
Resource Hash
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 14:24:44 GMT
server
ECAcc (frd/E2B7)
age
768
etag
"20b1-5a1c2bf055fd2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2723
expires
Wed, 12 May 2021 20:48:54 GMT
activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446
8526803.fls.doubleclick.net/ Frame 12F6
Redirect Chain
  • https://8526803.fls.doubleclick.net/activityi;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446?
  • https://8526803.fls.doubleclick.net/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651....
400 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8526803.fls.doubleclick.net/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446?
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f6.1e100.net
Software
cafe /
Resource Hash
59c6dc2a43fd6ecef05d58a6bf36b837a4eff4c783ee4fd903e98cda7bdf5a22
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8526803.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJsAThB2TT5ONYTq6rEtyMP5a9G2_HThpiKMOMcPgfmIoKqNXkKpJ14QOXEeY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 12 May 2021 20:18:54 GMT
expires
Wed, 12 May 2021 20:18:54 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
328
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 12 May 2021 20:18:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8526803.fls.doubleclick.net/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
seg.js
cdn.tradelab.fr/ Frame BECE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/seg.js?add=25072242
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/6859decf69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2B6) /
Resource Hash
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2017 13:08:13 GMT
server
ECAcc (frd/E2B6)
age
215
etag
"a7c-558850954180e-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1107
expires
Wed, 12 May 2021 20:48:54 GMT
/
its.tradelab.fr/ Frame BECE
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
  • https://its.tradelab.fr/?type=tlsync&uuid2=7253254579684264538&callback=tl_sync
53 B
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://its.tradelab.fr/?type=tlsync&uuid2=7253254579684264538&callback=tl_sync
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 /
Resource Hash
fa79ca06324b5d9c5ae654fe417e9adcb1a67f8eea25924e7217a32b533f5fb7

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
application/javascript

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid
1bfbfc4a-75a1-4287-9f4c-78791c48f411
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
//its.tradelab.fr/?type=tlsync&uuid2=7253254579684264538&callback=tl_sync
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE
Redirect Chain
  • https://its.tradelab.fr/?type=tp&advid=727265&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850734%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c292f111f4.js
cdn.tradelab.fr/tag/ Frame BECE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/tag/c292f111f4.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2A0) /
Resource Hash
71720a43cacaa4498ed1f98d749e2da9a2df6264c855aebb90512ef087332dbf

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 10:16:02 GMT
server
ECAcc (frd/E2A0)
age
353
etag
"2c2b-5c08cf76d6407-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
4011
expires
Wed, 12 May 2021 20:48:54 GMT
/
www.facebook.com/tr/ Frame BECE 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1152875091428286&ev=PageView&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1620850734372&sw=1600&sh=1200&ud[external_id]=822bd79a88a6598c48ec2f2989cbe53460085d9bebc866de623e3e8ee0565f27&v=2.9.39&r=stable&ec=0&o=30&it=1620850734281&coo=false&exp=l0&rqm=GET
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 12 May 2021 20:18:54 GMT
pixie
ib.adnxs.com/ Frame BECE 		42 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=aa03559c-a641-483f-831c-5e9093c127eb&it=1620850734375&v=0.0.15&u=https%3A%2F%2Fwww.pokerstars.fr%2F&r=https%3A%2F%2Flp.clevernetwork.pt%2F&st=1620850734375&et=1620850734375&if=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 10.2.80.88:80
Content-Length
42
Content-Type
image/gif
event.png
tps20230.doubleverify.com/ Frame 2CC6 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20230.doubleverify.com/event.png?impid=c2ce23459c0d463ca9916e44d28155d4&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=69&vdur=86&eoid=5&msrjs=1344&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1620850734392651
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/11/2021 8:18:54 PM
/
its.tradelab.fr/ Frame BECE 		2 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://its.tradelab.fr/?type=token&p=tlab&gtw=%2F%2Fs.thebrighttag.com%2Fapi%3Fsite%3DG58M8eX%26referrer%3Dtlabset%26signalid%3D677594753278846
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
P3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection
keep-alive
Content-Type
text/html
Content-Length
2
uwt.js
static.ads-twitter.com/ Frame BECE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
70036
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1620850734.479602,VS0,VE0
x-served-by
cache-hhn11560-HHN
js
pixel.mathtag.com/event/ Frame BECE 		597 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1452156&mt_adid=122865&
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x9 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Wed, 12 May 2021 20:18:21 GMT
event.png
tps20245.doubleverify.com/ Frame 5E3D 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20245.doubleverify.com/event.png?impid=2be2d91a045444d8a8f87e794a138f68&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=28&vdur=70&eoid=5&msrjs=1344&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1620850734418446
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/11/2021 8:18:54 PM
645001.js
cdn.tradelab.fr/conv/ Frame BECE 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/645001.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232218
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F2) /
Resource Hash
c93591cccd94f2254d20f66f7f091497f30c9f249714e6fa1b5c9d81c8cedcfe

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 07:08:57 GMT
server
ECAcc (frd/E2F2)
age
381
etag
"4a1c-5bd15395b19f9-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
7028
expires
Wed, 12 May 2021 20:48:54 GMT
seg
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25072242&t=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid
4d546282-21f4-4826-89f8-562f5cf42fdb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE
Redirect Chain
  • https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=seg&uuid2=$UID&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%252...
  • https://its.tradelab.fr/?type=seg&uuid2=7253254579684264538&sid=25072242&val=null&fp=0&advid=727265&isregen=0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node3.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node3.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEKXnB8FpDuTgrE5W1X5n4z8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
tr.snapchat.com/cm/ Frame 03C4 		0
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=1666b7b9-c3bf-47cf-8574-42bbbc074d5a
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=1666b7b9-c3bf-47cf-8574-42bbbc074d5a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.fr/

Response headers

server
nginx/1.17.3
date
Wed, 12 May 2021 20:18:54 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js-sha256-v1.min.js
sc-static.net/ Frame BECE 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.6.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-6-52.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin
https://www.pokerstars.fr
Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 20:41:48 GMT
content-encoding
gzip
age
85026
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
etag
W/"68f2467c84878293c9ee497dbc99a17f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0b727ed0f0558ba8e12453bfc7ff4907.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
Wk1Mvok1W0mpPT7I8Aj1xVnG7MVhvlnyJcxRJmuSmcEvsFiHOqgLuA==
conversion.js
www.googleadservices.com/pagead/ Frame E80E 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
63df23aa8bd4d44c5696ef1e1efd1db5ea25d377f224ac63d76a4962d30ebff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16679
x-xss-protection
0
server
cafe
etag
15134314911112061051
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 20:18:54 GMT
dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
adservice.google.com/ddm/fls/z/ Frame E80E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
seg
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=2491894:38&t=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
282fa683-7bca-461c-8e9b-85482a09570b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645001%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8399097%2C8399099%2C8399111%2C8399112%2C8399130%2C8399132%2C8399133%2C8399134%2C8407979%2C8408076%2C8408078%2C8408084%2C8408087%2C8408090%2C8408092%2C8410453%2C8505019%2C8511659%2C8511660%2C8511661%2C8511662%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9906874%2C9910363%2C9990666%2C9990685%2C9990686%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10359145%2C10359204%2C10476365%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10666631%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12581719%2C12582312%2C12582313%2C12582329%2C12582452%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12683429%2C12683434%2C12683503%2C12683505%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12758212%2C12758217%2C12758706%2C12758709%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12844715%2C12850910%2C12850918%2C12850920%2C12850967%2C12850982%2C12851052%2C12851887%2C12853335%2C12853406%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926824%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927269%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938122%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13201287%2C13201333%2C13201431%2C13227834%2C13227878%2C13227899%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13247905%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593120%2C13593124%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13595060%2C13595186%2C13595202%2C13595232%2C13595280%2C13604577%2C13604579%2C13611236%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13637541%2C13639429%2C13639559%2C13639822%2C13639829%2C13643700%2C13643723%2C13643732%2C13643747%2C13643753%2C13643758%2C13643773%2C13646588%2C13646593%2C13648302%2C13648333%2C13648334%2C13648335%2C13648336%2C13648337%2C13648338%2C13648396%2C13648398%2C13648400%2C13648401%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656698%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657884%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13660964%2C13660965%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13684419%2C13684437%2C13703524%2C13703900%2C13703963%2C13704004%2C13726085%2C13726630%2C13728187%2C13728188%2C13728189%2C13729253%2C13737386%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759146%2C13759454%2C13759508%2C13759747%2C13783001%2C13783005%2C13783013%2C13783058%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13822025%2C13827326%2C13827616%2C13828767%2C13828768%2C13828769%2C13828942%2C13828948%2C13828950%2C13832725%2C13832749%2C13849058%2C13849117%2C13850343%2C13850357%2C13850393%2C13850549%2C13850802%2C13850854%2C13850880%2C13850899%2C13850948%2C13851106%2C13854071%2C13886580%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13890463%2C13895571%2C13895572%2C13897024%2C13905793%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13930356%2C13931368%2C13933484%2C13944490%2C13944551%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13962873%2C13962978%2C13964343%2C13964344%2C13970253%2C13970255%2C14004524%2C14006771%2C14011339%2C14012185%2C14012197%2C14012277%2C14012280%2C14020547%2C14023284%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%2C14184460%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1620850734%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=645001&t=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
02c3b964-abc6-4d7d-9df5-06c6efb9fb5b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=4232218&t=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid
c8a97a61-f72b-4b02-b9a9-6936bea29cc3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=7253254579684264538&sid=4232218&val=undefined&fun=825&step=1&siev=4232212&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A0%2C%22page_url%22%3A%22%22%2C%22dm%22%3A%22%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A0%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A0%2C%22curr_vis_ts%22%3A1620850734%2C%22total_page_cnt%22%3A0%2C%22prev_page_cnt%22%3A0%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node3.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node3.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
img
pixel.mathtag.com/misc/ Frame BECE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1452156&mt_adid=122865&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:21 GMT
adsct
analytics.twitter.com/i/ Frame BECE 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nz6yk&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Flp.clevernetwork.pt%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.pokerstars.fr%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Wed, 12 May 2021 20:18:54 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
27ba53f235e4fd08105f6147beb6bcf1
x-transaction
0096dc2a00cbb06b
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ Frame BECE 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nz6yk&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Flp.clevernetwork.pt%2F&tw_document_href=https%3A%2F%2Fwww.pokerstars.fr%2F
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Wed, 12 May 2021 20:18:54 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a97095183408ea642cf4a8225f50bf48
x-transaction
003ffa4100cfed0c
expires
Tue, 31 Mar 1981 05:00:00 GMT
4824.js
cdn.tradelab.fr/fseg/ Frame BECE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2AB) /
Resource Hash
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:20:52 GMT
server
ECAcc (frd/E2AB)
age
1791
etag
"1bc0-5b9b9683b9159-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2596
expires
Wed, 12 May 2021 20:48:54 GMT
seg.js
cdn.tradelab.fr/ Frame BECE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/seg.js?add=25695650
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2B6) /
Resource Hash
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2017 13:08:13 GMT
server
ECAcc (frd/E2B6)
age
215
etag
"a7c-558850954180e-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
1107
expires
Wed, 12 May 2021 20:48:54 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tp&advid=5189423&uuid=0&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
tag
s.thebrighttag.com/ Frame BECE 		130 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=6854607%2C7470537%2C7177087&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=4068609c-382c-4e00-9693-fc1a9ce2e5cc&_cb_bt_data(%27signal%20id%27)=677594753278846&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27siteid%27)=FR&_cb_bt_data(%27currentdomain%27)=pokerstars.fr&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3ade6f88c99df617285826ba7add5d4b141a09917b8da3a87eac2cf410aa7d83

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
Server
nginx
ETag
8ced92c5f928077079911a2a4904b5e5
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
149
X-BT-RequestId
46458bc1-b35f-11eb-b437-0000ac150901
tag
s.thebrighttag.com/ Frame BECE 		0
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7470537%2C7487903%2C7487904&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27signal%20id%27)=677594753278846&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=4068609c-382c-4e00-9693-fc1a9ce2e5cc&_cb_bt_data(%27pstrkidmanager%20fbpid%27)=&_cb_bt_data(%27pstrkidmanager%20fbclid%27)=&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
ETag
d41d8cd98f00b204e9800998ecf8427e
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
X-BT-RequestId
46484ae0-b35f-11eb-b4ae-0000ac1509da
tag
s.thebrighttag.com/ Frame BECE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7486898&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
888e7eb7b0549fa28bc345c180cc32a47c39a9e3883913379f1f6b9f84c96f0e

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
Server
nginx
ETag
b8113ac071d91b5329b0579d7e276176
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1138
X-BT-RequestId
4648c010-b35f-11eb-aeac-0000ac1508e4
tag
s.thebrighttag.com/ Frame BECE 		0
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.thebrighttag.com/tag?site=G58M8eX&H=-35nia2i&referrer=https%3A%2F%2Fwww.pokerstars.fr%2F&docReferrer=https%3A%2F%2Flp.clevernetwork.pt%2F&mode=v2&cf=7486915&_cb_bt_data(%27signal%20id%27)=677594753278846&_cb_bt_data(%27ga%20uid%20mixed%27)=1583663651-1620850732&_cb_bt_data(%27ps_ga_property-(bi)%27)=UA-56166869-5&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx
ETag
d41d8cd98f00b204e9800998ecf8427e
P3P
CP=NOI DSP COR NID
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
X-BT-RequestId
464cdec0-b35f-11eb-b4ae-0000ac1509da
dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446
adservice.google.com/ddm/fls/z/ Frame 12F6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446
Requested by
Host: 8526803.fls.doubleclick.net
URL: https://8526803.fls.doubleclick.net/activityi;dc_pre=CJCVi8L7xPACFYHe3godNNcAPg;src=8526803;type=invmedia;cat=ps-ar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4818106735651.446?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8526803.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/ Frame BECE
Redirect Chain
  • https://secure.adnxs.com/seg?add=25695650&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25695650%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25695650%26t%3D2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid
99d22a48-31d4-4858-abb3-39ca8f03fa50
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid
dec68e9b-355d-45e0-9761-7f62a88a1e94
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25695650%26t%3D2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE
Redirect Chain
  • https://its.tradelab.fr/?type=seg&uuid2=7253254579684264538&sid=25695650&val=null&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520Apple...
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
  • https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOkzLcYuVancmKMn4x65hu0&google_cver=1
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOkzLcYuVancmKMn4x65hu0&google_cver=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEOkzLcYuVancmKMn4x65hu0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1432216.js
cdn.tradelab.fr/conv/ Frame BECE 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/1432216.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237860
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2B1) /
Resource Hash
92aa65c555cd5f5758a32d4d52968fa4f171164a4c1eea6469ba953f2d56ecf2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 13:52:47 GMT
server
ECAcc (frd/E2B1)
age
1756
etag
"1ba7-5c222535fc70c-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2441
expires
Wed, 12 May 2021 20:48:54 GMT
/
www.googleadservices.com/pagead/conversion/752674712/ Frame E80E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/752674712/?random=1620850734776&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1055c7a3d9d36a5759ac4e8aead89f1766ea7577624ed6675cdd3c3b38642622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/702974000/ Frame E80E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/702974000/?random=1620850734795&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
569c3d203e2a5656899b04922f412a4d61802e630befe9a68530bc6546e3a869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ Frame 233F 		0
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
339
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.pokerstars.fr
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pokerstars.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.pokerstars.fr
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.fr/

Response headers

server
nginx/1.17.3
date
Wed, 12 May 2021 20:18:54 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBiQkAMAgEsImEU+s3jpQ6hcM30U7urEvPS+kIB3UBNBizpxLss8suSEPoWXysTT/wMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame 1031 		24 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app31.frk11 /
Resource Hash
d310e660e142a90fdf8f74867dd05d8718f0ec711efb3607bdcab29bc1a37fce

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.pokerstars.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.fr/

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app31.frk11
Pragma
no-cache
X-HW
1620850734.dop207.pa1.t,1620850734.cds007.pa1.shn,1620850734.dop207.pa1.t,1620850734.cds204.pa1.sc,1620850734.cds204.pa1.p
/
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame E18A 		24 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app33.frk11 /
Resource Hash
b9dbfb8c9f19dbab42326fdc607b21dab0d63e2530f1780abfa4d15e4ff6ef3e

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.pokerstars.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pokerstars.fr/

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app33.frk11
Pragma
no-cache
X-HW
1620850734.dop023.pa1.shc,1620850734.dop023.pa1.t,1620850734.cds033.pa1.sc,1620850734.cds033.pa1.p
/
its.tradelab.fr/ Frame BECE 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432216%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%2C14106411%2C14106423%2C14106427%2C14106492%2C14106500%2C14106573%2C14106589%2C14106618%2C14106626%2C14106699%2C14106700%2C14106701%2C14106702%2C14106703%2C14106704%2C14106705%2C14106706%2C14106707%2C14106708%2C14106715%2C14106716%2C14106717%2C14108528%2C14108530%2C14108531%2C14108532%2C14108535%2C14108536%2C14108537%2C14108538%2C14108539%2C14108560%2C14108561%2C14108562%2C14108563%2C14108564%2C14108565%2C14108566%2C14108567%2C14108568%2C14108569%2C14108570%2C14108571%2C14108572%2C14108573%2C14108574%2C14108575%2C14108577%2C14108578%2C14108579%2C14108580%2C14108581%2C14108582%2C14108583%2C14108584%2C14108592%2C14108593%2C14108594%2C14108595%2C14108596%2C14108597%2C14108598%2C14108599%2C14108600%2C14108601%2C14109150%2C14109155%2C14109156%2C14109160%2C14109222%2C14109223%2C14109224%2C14109237%2C14109530%2C14112294%2C14112295%2C14112546%2C14112938%2C14112963%2C14113045%2C14130627%2C14137247%2C14137698%2C14137742%2C14137930%2C14138477%2C14138483%2C14138729%2C14138767%2C14138806%2C14139071%2C14139135%2C14140278%2C14143076%2C14151598%2C14151682%2C14151686%2C14163673%2C14163674%2C14177818%2C14177819%2C14177820%2C14177821%2C14177822%2C14177823%2C14177824%2C14177825%2C14177826%2C14177827%2C14180354%2C14180355%2C14180356%2C14180357%2C14186170%2C14186245%2C14199460%2C14199680%2C14199691%2C14208337%2C14225699%2C14260323%2C14260327%2C14263815%2C14263816%2C14263817%2C14263818%2C14263973%2C14264546%2C14264547%2C14274625%2C14274635%2C14285493%2C14319395%2C14358513%2C14358555%2C14358628%2C14358757%2C14358953%2C14359298%2C14361355%2C14386876%2C14388190%2C14388987%2C14392380%2C14392523%2C14483881%2C14501253%2C14530345%2C14530359%2C14530595%2C14530598%2C14530870%2C14530871%2C14531719%2C14531776%2C14531793%2C14531813%2C14531955%2C14533388%2C14533887%2C14534343%2C14534345%2C14534439%2C14534441%2C14558115%2C14568311%2C14568331%2C14568340%2C14568368%2C14589641%2C14589647%2C14620041%2C14620075%2C14620104%2C14620815%2C14621814%2C14626108%2C14626109%2C14718163%2C14734054%2C14735105%2C14749676%2C14749762%2C14756484%2C14770471%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node1.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node1.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame BECE 		43 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1432216&t=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid
5daf8591-6035-4d81-83d8-9a1c46ad683a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25237860&t=2
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
acc27fb3-05dd-48f9-89c3-87e98732125c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=7253254579684264538&sid=25237860&val=undefined&fun=4824&step=1&siev=25237855&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:54 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
www.google.de/pagead/1p-conversion/752674712/ Frame E80E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059...
  • https://www.google.com/pagead/1p-conversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600...
  • https://www.google.de/pagead/1p-conversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYI3hMdr4gAfu4pa4AQ&random=565660545&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/752674712/?random=1778755866&cv=9&fst=1620850734776&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYI3hMdr4gAfu4pa4AQ&random=565660545&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/702974000/ Frame E80E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=25050596...
  • https://www.google.com/pagead/1p-conversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYLCpMqGtx_APsdul6AY&cid=CAQSKQCNIrLMMpqdGJzRcI4fuzElaH4C4kVtYAr_FKuUEUV2pE4WKJxkyFyb&random=2481125610&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=COrtgML7xPACFasEBgAdu3cFKw;src=8954552;type=rmcom0;cat=sg_we0;u27=677594753278846;ord=6943845432804.954;~oref=https%3A%2F%2Fwww.pokerstars.fr%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8954552.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/702974000/?random=807339764&cv=9&fst=1620850734776&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOrtgML7xPACFasEBgAdu3cFKw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D677594753278846%3Bord%3D6943845432804.954%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.fr%252F&ref=https%3A%2F%2Fwww.pokerstars.fr%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LjicYLCpMqGtx_APsdul6AY&cid=CAQSKQCNIrLMMpqdGJzRcI4fuzElaH4C4kVtYAr_FKuUEUV2pE4WKJxkyFyb&random=2481125610&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/container/29;71832;7464;iframe/ Frame 2111
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%]
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880B36C810ADE
262 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880B36C810ADE
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app32.frk11 /
Resource Hash
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
flashtalkingad1="GUID=4880B36C810ADE"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app32.frk11
Pragma
no-cache
X-HW
1620850734.dop214.pa1.shc,1620850734.dop214.pa1.t,1620850734.cds227.pa1.sc,1620850734.cds227.pa1.p

Redirect headers

Date
Wed, 12 May 2021 20:18:54 GMT
Connection
Keep-Alive
Cache-Control
no-cache, no-store
Content-Length
0
Server
prod-xre-app14.frk11
Set-Cookie
flashtalkingad1="GUID=4880B36C810ADE";Path=/;Domain=flashtalking.com;Expires=Fri, 12-May-23 20:18:54 GMT;SameSite=None;Secure
Pragma
no-cache
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880B36C810ADE
X-HW
1620850734.dop206.pa1.shc,1620850734.dop206.pa1.t,1620850734.cds219.pa1.sc,1620850734.cds219.pa1.p
d9core
d9.flashtalking.com/ Frame 1031 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.98.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
c374fe04896c6f28be274196e73fd7bb3cc5562110239cabfe3b4af7e349d457

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:55 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5081bddacaee651b68e0a4f07183080d
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3594
/
servedby.flashtalking.com/container/29;71832;7464;iframe/ Frame D774
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a7rAgh52909gAgrTaAporDg928888&url=https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=[%FT_GUID%]
  • https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880D2691BC07A
262 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880D2691BC07A
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app30.frk11 /
Resource Hash
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
flashtalkingad1="GUID=4880D2691BC07A"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706

Response headers

Date
Wed, 12 May 2021 20:18:55 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app30.frk11
Pragma
no-cache
X-HW
1620850734.dop206.pa1.shc,1620850734.dop206.pa1.t,1620850735.cds219.pa1.sc,1620850735.cds219.pa1.p

Redirect headers

Date
Wed, 12 May 2021 20:18:54 GMT
Connection
Keep-Alive
Cache-Control
no-cache, no-store
Content-Length
0
Server
prod-xre-app39.frk11
Set-Cookie
flashtalkingad1="GUID=4880D2691BC07A";Path=/;Domain=flashtalking.com;Expires=Fri, 12-May-23 20:18:54 GMT;SameSite=None;Secure
Pragma
no-cache
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://servedby.flashtalking.com/container/29;71832;7464;iframe/?g=4880D2691BC07A
X-HW
1620850734.dop206.pa1.shc,1620850734.dop206.pa1.t,1620850734.cds219.pa1.sc,1620850734.cds219.pa1.p
d9core
d9.flashtalking.com/ Frame E18A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.98.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
c2ec3a5431f6735374262d4bfc53422457a120a905ddb5d9f534724e83f1c223

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5081bddacaee651b68e0a4f07183080d
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3595
/
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame 1031 		42 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/spot/1/18308;120607;12865/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934&ft_guid=4880B36C810ADE&ft_log=1&ft_trackID=16208507-3484-264C-074B-0597523684B7&ft_guidCreated=1
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app25.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Server
prod-xre-app25.frk11
X-HW
1620850735.dop031.pa1.shc,1620850735.dop031.pa1.t,1620850735.cds045.pa1.sc,1620850735.cds045.pa1.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
1
tapestry.tapad.com/tapestry/ Frame 1031 		95 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=4880B36C810ADE&ta_format=png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:55 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
/
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame E18A 		42 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/spot/1/18308;120607;12865/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706&ft_guid=4880D2691BC07A&ft_log=1&ft_trackID=16208507-3488-47CD-0DBC-808B3C43355C&ft_guidCreated=1
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app6.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Server
prod-xre-app6.frk11
X-HW
1620850735.dop031.pa1.shc,1620850735.dop031.pa1.t,1620850735.cds045.pa1.sc,1620850735.cds045.pa1.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
1
tapestry.tapad.com/tapestry/ Frame E18A 		95 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=4880D2691BC07A&ta_format=png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:55 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
lgc
d9.flashtalking.com/ Frame 1031 		64 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.98.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
a5f87b4acca9961d06878a8610c262d7f83ca7b366befe7cea0ae69987d6de45

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
64
lgc
d9.flashtalking.com/ Frame E18A 		49 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.98.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e88ff0da27ebfca1b40736a4888f8b1a21c02306684327bddafce4b3dc8b1cef

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 12 May 2021 20:18:54 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
49
img.png
d9.flashtalking.com/img/ Frame 1031 		70 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9.flashtalking.com/img/img.png?cnx=2ccd6b5700a189ee23e8c7cd4f43ce98
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.98.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:18:55 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
api
s.thebrighttag.com/ Frame 1031 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/api?site=G58M8eX&referrer=flashtalking&ftrackid=d9:9a273e32f87e484a9751e190d381b290&uid=677594753278846&cachebuster=930191.2331120925
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/ Frame 1031 		42 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/?name=tsg&cb=685666.4218522701
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app18.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Server
prod-xre-app18.frk11
X-HW
1620850735.dop031.pa1.shc,1620850735.dop031.pa1.t,1620850735.cds045.pa1.sc,1620850735.cds045.pa1.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
/
servedby.flashtalking.com/track/120607;12865;403;16208507-3484-264C-074B-0597523684B7/ Frame 1031 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/track/120607;12865;403;16208507-3484-264C-074B-0597523684B7/?ft_data=d9:9a273e32f87e484a9751e190d381b290&cachebuster=675754.7768515173
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app16.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Server
prod-xre-app16.frk11
X-HW
1620850735.dop031.pa1.shc,1620850735.dop031.pa1.t,1620850735.cds045.pa1.sc,1620850735.cds045.pa1.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
1
tapestry.tapad.com/tapestry/ Frame 1031 		95 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=9a273e32f87e484a9751e190d381b290&ta_format=png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=141497.5237771934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:55 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
1
tapestry.tapad.com/tapestry/ Frame E18A 		95 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=9a273e32f87e484a9751e190d381b290&ta_format=png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:55 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
api
s.thebrighttag.com/ Frame E18A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/api?site=G58M8eX&referrer=flashtalking&ftrackid=d9:9a273e32f87e484a9751e190d381b290&uid=677594753278846&cachebuster=678085.8323844223
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.228.243.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-243-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/ Frame E18A 		42 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/?name=tsg&cb=870132.3910201597
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app11.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Server
prod-xre-app11.frk11
X-HW
1620850735.dop035.pa1.shc,1620850735.dop035.pa1.t,1620850735.cds219.pa1.sc,1620850735.cds219.pa1.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
/
servedby.flashtalking.com/track/120607;12865;403;16208507-3488-47CD-0DBC-808B3C43355C/ Frame E18A 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/track/120607;12865;403;16208507-3488-47CD-0DBC-808B3C43355C/?ft_data=d9:9a273e32f87e484a9751e190d381b290&cachebuster=383378.87145974615
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
prod-xre-app12.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=677594753278846&ft_partnerid=677594753278846&ft_referrer=https%3A//www.pokerstars.fr/&ns=https%3A//lp.clevernetwork.pt/&cb=880102.4930626706
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Server
prod-xre-app12.frk11
X-HW
1620850735.dop031.pa1.shc,1620850735.dop031.pa1.t,1620850735.cds045.pa1.sc,1620850735.cds045.pa1.p
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
image/gif
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aefc19922fb002cb1ef4ae9eb33b8a0abb628f504b1bd4a945b4d92131a793e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 20:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7624
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 12 May 2021 20:18:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A15B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 12 May 2021 20:16:44 GMT
expires
Thu, 12 May 2022 20:16:44 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
131
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame A15B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
34868
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 12 May 2022 10:37:47 GMT
event.png
tps20230.doubleverify.com/ Frame 2CC6 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20230.doubleverify.com/event.png?impid=c2ce23459c0d463ca9916e44d28155d4&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=55&isumms=54&isvelg=1&nvr=6&isgmmims=55&isgmv4mims=55&elmtp=6&isbxdms=2229&b0=100&b11=2313&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2413&sftb=2413&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1059&isuiabvms=1059&isgmpims=162&isgmv4dpims=1059&ispmxpms=1059&engalms=52&dvp_dpr=1&cbust=1620850735342543
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/11/2021 8:18:55 PM
event.png
tps20245.doubleverify.com/ Frame 5E3D 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20245.doubleverify.com/event.png?impid=2be2d91a045444d8a8f87e794a138f68&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=15&isumms=14&isvelg=1&nvr=6&elmtp=3&isbxdms=2150&b0=100&b11=2413&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2513&sftb=2513&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=916&isuiabvms=916&ispmxpms=916&engalms=14&dvp_dpr=1&cbust=1620850735354502
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/11/2021 8:18:55 PM
gen_204
pagead2.googlesyndication.com/pagead/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050601&jk=2294199495335901&bg=!t7SltPDNAAY59bwoOfU7ACkAdvg8WseqkYhTkDdxakpltsqC3b8odCa_zJbzG21E5Tk4BLcKtPEBSwIAAAB6UgAAAA5oAQcKAVKcNZ-e3wJ3YpIweShyWQaG9fruA5Gh213waP38SRHTXuYILb8yOOwsbkcjD83NbY7z-o8CUNnz8rVBm6adQ78XjfigbgXygmdaNkCkUOdWIvab9zdQgzh-ACqWnLrS8KkUAaLKVtd8evb0crfgW1EN4_LzjvCaNI7os3fseOFl6_huKW1-jwhHg2wpAeYVNKqzkLIVzS1cLaTZhpwl25jdQG3W4VA6MhqRoZnbTV74XwV1xpMobr7mnVkQDLZHw25DZnVJ7EhuF5TEyJAt1pb9ksaeuK0taFoe8zEYGqLdpUttnKMRpSPq5ZUgqM_0PiG4i-MUC08EAtsOCjOkabLcFo5k6F0--vk3qiM_j3CS3HEDl3xJu8y_4kh9Ta8nNr-YTo_BEVZxRz41HPpTFqd7VO9J1XsImXxjvZXoXvEafe70cQuUBuJfTW8sGzk5tPAFwZkCRU-ruVW9kBAIm_78MC6HfguIj-2dOHaf2IF2q9tJ0-lxgzwxAU5r4uoQLekT9uV7Hmv3I1Zqj3ELa7O_F9h4ha903R2-H4yQnzzYi62LWwC9BAH2fppO23b_RkCtNNa6gaLP4Y9aAwS-3XRDiPZwUoKNF9r0ebEl6PF7Ev29svN1DlordkXfQSqoFMk_Nl2rt-wvfZkvZRAWqX5JAlV1IHgFgGjqWikisZK-qDqPJ9KIic4G_uzHQhMMwbnJGpzoOyP7syALNVw-gkqOivzMdSsmDfiE2O1KBU3WbVT2gFjr1awMwYyW-tEDRBUFIFchYK2si6HOpHVyl0uoDIWuNzCs5iPynZcOyyatQjYsnxd3ii9JQkudlrv_WrcIj0hgSmkiPcgUFQoXUBpiebCFrmj-9-roA_hJgnhiUk_p8C7hPZb1sHW9foS9ITMvnSKBY6LjdICsZ_enGWQz3bHb3NTNflJdoW3e-JuSGExxjN0gtPAic_OHrUi8C9wIH9C9MMtG6twSMjc5VdSkm6Y-gJisBlEuewnQ0AxAuizxXsqt_K0OcxZvmwr_1Av9rVZD-5oBPWgbeUEZBxOLldgZl0QYWKTeYy8J9AoPCYxzEIVD7mG7HVNjZnOXijyzqCodC03h3I4-pKQqbB3fjn6pDz4i_YWsuiBwBLiIm9Rgs9ZZkICasoKqgjYPgVEHsxWMMyiZHyM1Fk86G3-44BCzhLERcI_P6dLb0YchZT_7CZ08YgfDnYw9YRrSl4GUc3lh7uOjNrJU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:18:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame BECE 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1152875091428286&ev=Microdata&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&rl=https%3A%2F%2Flp.clevernetwork.pt%2F&if=true&ts=1620850735877&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars%22%2C%22meta%3Adescription%22%3A%22Rejoignez%20PokerStars%20d%C3%A8s%20aujourd%E2%80%99hui%20-%20la%20meilleure%20salle%20de%20poker%20en%20ligne%20avec%20les%20meilleurs%20tournois%20du%20web.%20De%20superbes%20offres%20pour%20les%20nouveaux%20joueurs%2C%20ne%20passez%20pas%20%C3%A0%20c%C3%B4t%C3%A9%C2%A0!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=822bd79a88a6598c48ec2f2989cbe53460085d9bebc866de623e3e8ee0565f27&v=2.9.39&r=stable&ec=1&o=30&it=1620850734281&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 12 May 2021 20:18:55 GMT
bsevent.gif
tps20516.doubleverify.com/ Frame BE91 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20516.doubleverify.com/bsevent.gif?impid=e2a443ecd9004eddb172aca82e49718a&mascid=kolwoctpq47f1fl35m5pjtt7djriy3cy&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=492&cbust=1620850736758286
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/11/2021 8:18:56 PM
event.png
tps20230.doubleverify.com/ Frame 2CC6 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20230.doubleverify.com/event.png?impid=c2ce23459c0d463ca9916e44d28155d4&gdpr=&gdpr_consent=&mascid=kolwoctpq47f1fl35m5pjtt7djriy3cy&dvp_masver=1344&eoid=8&cbust=1620850737494239
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:57 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/11/2021 8:18:57 PM
event.png
tps20245.doubleverify.com/ Frame 5E3D 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20245.doubleverify.com/event.png?impid=2be2d91a045444d8a8f87e794a138f68&gdpr=&gdpr_consent=&mascid=kolwod84guntu94ghra5d2u2jxsiaupv&dvp_masver=1344&eoid=8&cbust=1620850737497969
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:57 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/11/2021 8:18:57 PM
825.js
cdn.tradelab.fr/fseg/ Frame BECE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/825.js?add=4232220
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2B7) /
Resource Hash
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:59 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 14:24:44 GMT
server
ECAcc (frd/E2B7)
age
773
etag
"20b1-5a1c2bf055fd2-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2723
expires
Wed, 12 May 2021 20:48:59 GMT
645002.js
cdn.tradelab.fr/conv/ Frame BECE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/645002.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/825.js?add=4232220
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E322) /
Resource Hash
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:59 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 16:09:24 GMT
server
ECAcc (frd/E322)
age
872
etag
"459e-5bc1742308e32-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
6609
expires
Wed, 12 May 2021 20:48:59 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A645002%2C%22l%22%3A%5B2911043%2C3374860%2C3374870%2C3374871%2C3375631%2C3375634%2C3375636%2C3375869%2C3485777%2C3610728%2C4139570%2C4139577%2C5229563%2C5512754%2C5523904%2C5527627%2C5577407%2C5577415%2C5683612%2C5707327%2C5707518%2C5729834%2C5751995%2C5752074%2C5772094%2C5772112%2C5772126%2C5772157%2C5772186%2C5772205%2C5772383%2C5772421%2C5807843%2C5812186%2C5894602%2C5907913%2C5933676%2C5969498%2C5969642%2C5969671%2C5969675%2C5971810%2C5971880%2C5992671%2C5992999%2C5993021%2C6000363%2C6001937%2C6002209%2C6002253%2C6002382%2C6002507%2C6140505%2C6154762%2C6154871%2C6159236%2C6159578%2C6162984%2C6162989%2C6163852%2C6164009%2C6164071%2C6164072%2C6164436%2C6164437%2C6193482%2C6195004%2C6195041%2C6195042%2C6195043%2C6195531%2C6195532%2C6195533%2C6195609%2C6214062%2C6214063%2C6214064%2C6214094%2C6214097%2C6214101%2C6214202%2C6214204%2C6214208%2C6221015%2C6221229%2C6222282%2C6226174%2C6226212%2C6226218%2C6226221%2C6226226%2C6226446%2C6226454%2C6226458%2C6226476%2C6226484%2C6226643%2C6226796%2C6226877%2C6226880%2C6227027%2C6227558%2C6234208%2C6234214%2C6234248%2C6234255%2C6234287%2C6234366%2C6234427%2C6234545%2C6235523%2C6235651%2C6237797%2C6237800%2C6237832%2C6237857%2C6291044%2C6291049%2C6291104%2C6291106%2C6291111%2C6291118%2C6291124%2C6291138%2C6291946%2C6291953%2C6291969%2C6311673%2C6318389%2C6330471%2C6330749%2C6331140%2C6331216%2C6331277%2C6331301%2C6357110%2C6357745%2C6357758%2C6357771%2C6364697%2C6364707%2C6386022%2C6386029%2C6422150%2C6422153%2C6455878%2C6455884%2C6471290%2C6471292%2C6479718%2C6479764%2C6526614%2C6563367%2C6563414%2C6590178%2C6776590%2C6778340%2C6779076%2C6779365%2C6806511%2C6807202%2C6816216%2C6816242%2C6816247%2C6816326%2C6816335%2C6816341%2C6842289%2C6842296%2C6842320%2C6842381%2C6842396%2C6842507%2C6851735%2C6860538%2C6875822%2C6876078%2C6878676%2C6886610%2C6889819%2C6889820%2C6889829%2C6895218%2C6895221%2C6895281%2C6895289%2C6902404%2C6902406%2C6906372%2C6914830%2C6914832%2C6914833%2C6917298%2C6917319%2C6917321%2C6917325%2C6917329%2C6917415%2C7018738%2C7037742%2C7037747%2C7037879%2C7043219%2C7043221%2C7043222%2C7043223%2C7043356%2C7043359%2C7043387%2C7050757%2C7050810%2C7054802%2C7054821%2C7054845%2C7055172%2C7055180%2C7055199%2C7055243%2C7055269%2C7055280%2C7055313%2C7055360%2C7055754%2C7057671%2C7057780%2C7059421%2C7073089%2C7081770%2C7081774%2C7081869%2C7081871%2C7082029%2C7082088%2C7082091%2C7082175%2C7082177%2C7089154%2C7089369%2C7089726%2C7089791%2C7089907%2C7090617%2C7090621%2C7090626%2C7090631%2C7098648%2C7098649%2C7098654%2C7098664%2C7098673%2C7125571%2C7209540%2C7209542%2C7209543%2C7209544%2C7209546%2C7209548%2C7209549%2C7209550%2C7209995%2C7209997%2C7209999%2C7210001%2C7210195%2C7210198%2C7210208%2C7215834%2C7226638%2C7226689%2C7226691%2C7226766%2C7226777%2C7226784%2C7226796%2C7226942%2C7227046%2C7227047%2C7228256%2C7228261%2C7228262%2C7228265%2C7228268%2C7228270%2C7228272%2C7228273%2C7228277%2C7228284%2C7228285%2C7228289%2C7228298%2C7228299%2C7228300%2C7228302%2C7228320%2C7228331%2C7291167%2C7292156%2C7307100%2C7307264%2C7359086%2C7361643%2C7365559%2C7462205%2C7481343%2C7525396%2C7525559%2C7525623%2C7525690%2C7525745%2C7525847%2C7526713%2C7536183%2C7536493%2C7537492%2C7537579%2C7538501%2C7538532%2C7538638%2C7538719%2C7538977%2C7539323%2C7539357%2C7539424%2C7539466%2C7539475%2C7539506%2C7542691%2C7542814%2C7542908%2C7542924%2C7544348%2C7544399%2C7544474%2C7544514%2C7544544%2C7549646%2C7549719%2C7549749%2C7550152%2C7550161%2C7550213%2C7572162%2C7716684%2C7717144%2C7717791%2C7717812%2C7717827%2C7717839%2C7717845%2C7717929%2C7717945%2C7791362%2C7791430%2C7791447%2C7831211%2C7831225%2C7831261%2C7831271%2C7831809%2C7831811%2C7831815%2C7831831%2C7945977%2C7954109%2C8016142%2C8016159%2C8016171%2C8016175%2C8016181%2C8016206%2C8016306%2C8016315%2C8016332%2C8016350%2C8016357%2C8016364%2C8018483%2C8018490%2C8018538%2C8018546%2C8018559%2C8018567%2C8019394%2C8019396%2C8025229%2C8025244%2C8025246%2C8025250%2C8032818%2C8032824%2C8032827%2C8035172%2C8035174%2C8035175%2C8035176%2C8035180%2C8035184%2C8035188%2C8035190%2C8049459%2C8049473%2C8049493%2C8049509%2C8081387%2C8081422%2C8081425%2C8083336%2C8097798%2C8097803%2C8097831%2C8097833%2C8110565%2C8110587%2C8110595%2C8110599%2C8124939%2C8124944%2C8124953%2C8124960%2C8178320%2C8178327%2C8178331%2C8178333%2C8211948%2C8359406%2C8359412%2C8359420%2C8359431%2C8359441%2C8359637%2C8365506%2C8392744%2C8505019%2C8643514%2C8643560%2C8643589%2C8643686%2C8643748%2C8643808%2C8643881%2C8643903%2C8643943%2C8643973%2C8644038%2C8648496%2C8648497%2C8648502%2C8761737%2C8771359%2C8813308%2C8813343%2C8813346%2C8813349%2C8896437%2C8896445%2C8896457%2C8897484%2C8897495%2C8897500%2C8897529%2C8897530%2C8897532%2C8897533%2C8897534%2C8897535%2C8897869%2C8903049%2C8903064%2C8903076%2C8903099%2C8903103%2C8903105%2C8903122%2C8903123%2C8903125%2C8903128%2C8903132%2C8903531%2C8903539%2C8903563%2C8903568%2C8903594%2C8903599%2C8904004%2C8904014%2C8904020%2C8904031%2C8904037%2C8904056%2C8904059%2C8904063%2C9104939%2C9130903%2C9131544%2C9139541%2C9203023%2C9203067%2C9203116%2C9278395%2C9351038%2C9387947%2C9397722%2C9409325%2C9514351%2C9514357%2C9612423%2C9612517%2C9612648%2C9629921%2C9696006%2C9696064%2C9696100%2C9703331%2C9703486%2C9703627%2C9719551%2C9720613%2C9721538%2C9721695%2C9721702%2C9721705%2C9721709%2C9721710%2C9755110%2C9755385%2C9854757%2C9906851%2C9910363%2C9990666%2C9990685%2C9990686%2C10095057%2C10095363%2C10095797%2C10096001%2C10193236%2C10193384%2C10193807%2C10310290%2C10476464%2C10476611%2C10477525%2C10502301%2C10503758%2C10503885%2C10522118%2C10535412%2C10588065%2C10588071%2C10588162%2C10635997%2C10651842%2C10685105%2C10686491%2C10686495%2C10697806%2C10697843%2C10769787%2C10919956%2C10953320%2C10997851%2C10997980%2C10998089%2C10998386%2C10998397%2C10998435%2C10998569%2C10998579%2C11057024%2C11152558%2C11154187%2C11194193%2C11245943%2C11332680%2C11346958%2C11350004%2C11350005%2C11387804%2C11395097%2C11395212%2C11396897%2C11396924%2C11396962%2C11397033%2C11397135%2C11397140%2C11397143%2C11397144%2C11397147%2C11397214%2C11397215%2C11397216%2C11397217%2C11397218%2C11397960%2C11400745%2C11401196%2C11401197%2C11401392%2C11401427%2C11401493%2C11401640%2C11401724%2C11401976%2C11402069%2C11402079%2C11402096%2C11403979%2C11404377%2C11404384%2C11408351%2C11414595%2C11415196%2C11415197%2C11416031%2C11416034%2C11416120%2C11416161%2C11416324%2C11416553%2C11416714%2C11416754%2C11416984%2C11417111%2C11417621%2C11417683%2C11417716%2C11417751%2C11418099%2C11418103%2C11421607%2C11421608%2C11421620%2C11428320%2C11428379%2C11428382%2C11455715%2C11460659%2C11460890%2C11460892%2C11460901%2C11461357%2C11461368%2C11461404%2C11461722%2C11468652%2C11468653%2C11468655%2C11468676%2C11468681%2C11468684%2C11475669%2C11475694%2C11476530%2C11481965%2C11487671%2C11488866%2C11490520%2C11490827%2C11490868%2C11496300%2C11496628%2C11496649%2C11497244%2C11497486%2C11497968%2C11515690%2C11517479%2C11517532%2C11543793%2C11543906%2C11549890%2C11550201%2C11550202%2C11550203%2C11577232%2C11584353%2C11584887%2C11585480%2C11589019%2C11589113%2C11589120%2C11597342%2C11597367%2C11597472%2C11609630%2C11610899%2C11611100%2C11611338%2C11614059%2C11615411%2C11615420%2C11615446%2C11615498%2C11615501%2C11615504%2C11621887%2C11623768%2C11629337%2C11629339%2C11629401%2C11629580%2C11635203%2C11635277%2C11639299%2C11644447%2C11645614%2C11645616%2C11645617%2C11645658%2C11645659%2C11645660%2C11646244%2C11646540%2C11646635%2C11646660%2C11646737%2C11646758%2C11646798%2C11646818%2C11646842%2C11662987%2C11666805%2C11666880%2C11666886%2C11666910%2C11666918%2C11666976%2C11666994%2C11676263%2C11676270%2C11676293%2C11676312%2C11676368%2C11676415%2C11676451%2C11676455%2C11683311%2C11684178%2C11689123%2C11697904%2C11708513%2C11723817%2C11723818%2C11723861%2C11734201%2C11735165%2C11735305%2C11762514%2C11762691%2C11783343%2C11784015%2C11784931%2C11784993%2C11785011%2C11798208%2C11800129%2C11815343%2C11815391%2C11830759%2C11830841%2C11830975%2C11831346%2C11831372%2C11831539%2C11831549%2C11844423%2C11844425%2C11850207%2C11850209%2C11868176%2C11877510%2C11878882%2C11903230%2C11923402%2C11923553%2C11923569%2C11923571%2C11923657%2C11923673%2C11923736%2C11923737%2C11923739%2C11933607%2C11950397%2C11959998%2C11960028%2C11965353%2C11965440%2C11966901%2C11969715%2C11969801%2C11969866%2C11998069%2C11998156%2C12018471%2C12018822%2C12019250%2C12040619%2C12040854%2C12051550%2C12085845%2C12085852%2C12085930%2C12086375%2C12086624%2C12086628%2C12089273%2C12089504%2C12097231%2C12097501%2C12097542%2C12112378%2C12123555%2C12147846%2C12148109%2C12148144%2C12149117%2C12152120%2C12153186%2C12167992%2C12192400%2C12259785%2C12260127%2C12265565%2C12281316%2C12295255%2C12313833%2C12313922%2C12339057%2C12341877%2C12352272%2C12352686%2C12354121%2C12354122%2C12360312%2C12360381%2C12360409%2C12360462%2C12361864%2C12363145%2C12386789%2C12398074%2C12398113%2C12398378%2C12398381%2C12398504%2C12398509%2C12420753%2C12422577%2C12422611%2C12431515%2C12431517%2C12431978%2C12431992%2C12439905%2C12439907%2C12439909%2C12439912%2C12441386%2C12441481%2C12441510%2C12441534%2C12449202%2C12475965%2C12476042%2C12478711%2C12485943%2C12486269%2C12491060%2C12491062%2C12491069%2C12496885%2C12496889%2C12496896%2C12496903%2C12509636%2C12509663%2C12509666%2C12511664%2C12511728%2C12512481%2C12512497%2C12514254%2C12514258%2C12514259%2C12523410%2C12524165%2C12524190%2C12531093%2C12531215%2C12532951%2C12537147%2C12540453%2C12540458%2C12540504%2C12540622%2C12540637%2C12540684%2C12540821%2C12540930%2C12540932%2C12540934%2C12540935%2C12540941%2C12540942%2C12540944%2C12541090%2C12541116%2C12547910%2C12548079%2C12563220%2C12563442%2C12569091%2C12569109%2C12569915%2C12569976%2C12577340%2C12582312%2C12582536%2C12602522%2C12602557%2C12605925%2C12605958%2C12606093%2C12606151%2C12606168%2C12606214%2C12606227%2C12615985%2C12619760%2C12619773%2C12619803%2C12619812%2C12640901%2C12641206%2C12641243%2C12641682%2C12641809%2C12664238%2C12664319%2C12664996%2C12665004%2C12665396%2C12665413%2C12665421%2C12665439%2C12665455%2C12665461%2C12665475%2C12665487%2C12665495%2C12665500%2C12665503%2C12665525%2C12665546%2C12665547%2C12665597%2C12665601%2C12665607%2C12673380%2C12673381%2C12673382%2C12673464%2C12673465%2C12673466%2C12678055%2C12678172%2C12678221%2C12678226%2C12678237%2C12678299%2C12678359%2C12678463%2C12678488%2C12679930%2C12679980%2C12680219%2C12680220%2C12680222%2C12680286%2C12680287%2C12680288%2C12680289%2C12680415%2C12680416%2C12680421%2C12680422%2C12680547%2C12680555%2C12680601%2C12680602%2C12680650%2C12680663%2C12680669%2C12680670%2C12680738%2C12680769%2C12680771%2C12684229%2C12711824%2C12711834%2C12711888%2C12711901%2C12711998%2C12712007%2C12756221%2C12756544%2C12759543%2C12772370%2C12789220%2C12819638%2C12819641%2C12819731%2C12819732%2C12821228%2C12821232%2C12832058%2C12832408%2C12832429%2C12833471%2C12833555%2C12833582%2C12850910%2C12850918%2C12850920%2C12851887%2C12855587%2C12855588%2C12855593%2C12856316%2C12856317%2C12856352%2C12856353%2C12865755%2C12866030%2C12866078%2C12866196%2C12881237%2C12881625%2C12882278%2C12882663%2C12882964%2C12883397%2C12885363%2C12885422%2C12885453%2C12885505%2C12885592%2C12885613%2C12885663%2C12885862%2C12885905%2C12885918%2C12885923%2C12885927%2C12885985%2C12885990%2C12886005%2C12886680%2C12907847%2C12909272%2C12909273%2C12912682%2C12921648%2C12921769%2C12921826%2C12921855%2C12922024%2C12922087%2C12923143%2C12923684%2C12923704%2C12923773%2C12923936%2C12923939%2C12923998%2C12924001%2C12924874%2C12924902%2C12924912%2C12924956%2C12924975%2C12924990%2C12925005%2C12925090%2C12925181%2C12925195%2C12925241%2C12925261%2C12925400%2C12925442%2C12925508%2C12925517%2C12925633%2C12925873%2C12926843%2C12926883%2C12926944%2C12926953%2C12926973%2C12926981%2C12927175%2C12927332%2C12927414%2C12927418%2C12927744%2C12927838%2C12927922%2C12928066%2C12928095%2C12928107%2C12928149%2C12928164%2C12928182%2C12929571%2C12929597%2C12929716%2C12929815%2C12929978%2C12929989%2C12930024%2C12930043%2C12930100%2C12930131%2C12930164%2C12934254%2C12934305%2C12934411%2C12934440%2C12934450%2C12934452%2C12934495%2C12934513%2C12934588%2C12934594%2C12934611%2C12934639%2C12934673%2C12934687%2C12934696%2C12934700%2C12934710%2C12934763%2C12934815%2C12934845%2C12935224%2C12935234%2C12935279%2C12935281%2C12935317%2C12935345%2C12935397%2C12935507%2C12935534%2C12935633%2C12935860%2C12935899%2C12935934%2C12935954%2C12935966%2C12936000%2C12936069%2C12936101%2C12936983%2C12937233%2C12937283%2C12937313%2C12937393%2C12937404%2C12937424%2C12937904%2C12937962%2C12938523%2C12938579%2C12938617%2C12938638%2C12938691%2C12939517%2C12940043%2C12940181%2C12940372%2C12940871%2C12947134%2C12947167%2C12947207%2C12947216%2C12948248%2C12948375%2C12948428%2C12948498%2C12948741%2C12948794%2C12950687%2C12953811%2C12953815%2C12953843%2C12954030%2C12969597%2C12969640%2C12971115%2C12971765%2C12971885%2C12983798%2C12983859%2C12986083%2C12986160%2C12986291%2C12986844%2C12987733%2C12996965%2C12997777%2C12997845%2C12997849%2C13008703%2C13008708%2C13009209%2C13011063%2C13011066%2C13012364%2C13020630%2C13021375%2C13022053%2C13022072%2C13037641%2C13037645%2C13037884%2C13046784%2C13056244%2C13059704%2C13059733%2C13059741%2C13115728%2C13135619%2C13136828%2C13158557%2C13158567%2C13158580%2C13158584%2C13173610%2C13175848%2C13175893%2C13175937%2C13175972%2C13176001%2C13176069%2C13176161%2C13176365%2C13176390%2C13176420%2C13176558%2C13180060%2C13228461%2C13228467%2C13228472%2C13229742%2C13229964%2C13230150%2C13230158%2C13379501%2C13379527%2C13404253%2C13404255%2C13404256%2C13426762%2C13426768%2C13442957%2C13444808%2C13445193%2C13499528%2C13499558%2C13499559%2C13509560%2C13519091%2C13521499%2C13562887%2C13576597%2C13581270%2C13585037%2C13585042%2C13586704%2C13586711%2C13586718%2C13586720%2C13590402%2C13590478%2C13590485%2C13590826%2C13590912%2C13591338%2C13591340%2C13591456%2C13593057%2C13593413%2C13593470%2C13593489%2C13593491%2C13593492%2C13593952%2C13593953%2C13593955%2C13604577%2C13604579%2C13611921%2C13611926%2C13611928%2C13611930%2C13611932%2C13611935%2C13611950%2C13611955%2C13611957%2C13611959%2C13611960%2C13611961%2C13611962%2C13611980%2C13611981%2C13611990%2C13612010%2C13612013%2C13612026%2C13612030%2C13612056%2C13612507%2C13612510%2C13612514%2C13612515%2C13615293%2C13615363%2C13624271%2C13624335%2C13624366%2C13627530%2C13637445%2C13639429%2C13639559%2C13639822%2C13639829%2C13651559%2C13651660%2C13651676%2C13651682%2C13651716%2C13651764%2C13651797%2C13651823%2C13651854%2C13651874%2C13651905%2C13652073%2C13652074%2C13652082%2C13652086%2C13652091%2C13652092%2C13652097%2C13652098%2C13652406%2C13652414%2C13652431%2C13652432%2C13652441%2C13652458%2C13652463%2C13652502%2C13652504%2C13652553%2C13652554%2C13652652%2C13652667%2C13652685%2C13652686%2C13652691%2C13652693%2C13652706%2C13652707%2C13652888%2C13655571%2C13655675%2C13655677%2C13655748%2C13655759%2C13655772%2C13655774%2C13655815%2C13655816%2C13655928%2C13655929%2C13656062%2C13656068%2C13656075%2C13656076%2C13656137%2C13656139%2C13656166%2C13656167%2C13656224%2C13656403%2C13656413%2C13656414%2C13656703%2C13656715%2C13656731%2C13657593%2C13657599%2C13657611%2C13657612%2C13657646%2C13657863%2C13657864%2C13657881%2C13657883%2C13657887%2C13657908%2C13657921%2C13660900%2C13660902%2C13660918%2C13660927%2C13660928%2C13661137%2C13661139%2C13661201%2C13661204%2C13661205%2C13661212%2C13661213%2C13661995%2C13662002%2C13662009%2C13662012%2C13662013%2C13662086%2C13662102%2C13662113%2C13662132%2C13662133%2C13662145%2C13662146%2C13662230%2C13662241%2C13662276%2C13662293%2C13662295%2C13663428%2C13663432%2C13663437%2C13663450%2C13703524%2C13703900%2C13703963%2C13704004%2C13728187%2C13728188%2C13728189%2C13729253%2C13746660%2C13754902%2C13755175%2C13755177%2C13755793%2C13756319%2C13759454%2C13759508%2C13759747%2C13788357%2C13789606%2C13790210%2C13790356%2C13790443%2C13790445%2C13790446%2C13827326%2C13827616%2C13828942%2C13828948%2C13854071%2C13889445%2C13889455%2C13889486%2C13889961%2C13889975%2C13889994%2C13890227%2C13890239%2C13890240%2C13890241%2C13897024%2C13906529%2C13906564%2C13906592%2C13917417%2C13918132%2C13918133%2C13919181%2C13919183%2C13931368%2C13944643%2C13951734%2C13951831%2C13955623%2C13955624%2C13970253%2C13970255%2C14012185%2C14012197%2C14020547%2C14045762%2C14045763%2C14045764%2C14077128%2C14077134%5D%2C%22i%22%3A7%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame BECE 		43 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=645002&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid
636995c3-cf42-4fcd-82a5-99b4bd8a4829
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=4232220&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid
786ef396-1844-4a69-9b03-3205f7ac78ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=7253254579684264538&sid=4232220&val=undefined&fun=825&step=2&siev=4232213&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
4824.js
cdn.tradelab.fr/fseg/ Frame BECE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/c292f111f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2AB) /
Resource Hash
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:59 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 13:20:52 GMT
server
ECAcc (frd/E2AB)
age
1796
etag
"1bc0-5b9b9683b9159-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2596
expires
Wed, 12 May 2021 20:48:59 GMT
1432217.js
cdn.tradelab.fr/conv/ Frame BECE 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tradelab.fr/conv/1432217.js
Requested by
Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/4824.js?add=25237863
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.20.219 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E290) /
Resource Hash
7cc8bf8180fcc74c66cf27d9a7f77a2fb02e922dc957b342209067ba513dc196

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 20:18:59 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 13:52:47 GMT
server
ECAcc (frd/E290)
age
1123
etag
"1a75-5c222536c0bb8-gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
2353
expires
Wed, 12 May 2021 20:48:59 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1432217%2C%22l%22%3A%5B14084295%2C14084296%2C14084297%2C14084298%2C14084299%2C14084300%2C14084301%2C14084302%2C14084303%2C14084304%2C14087289%2C14087695%2C14087696%2C14087698%2C14087699%2C14087700%2C14087701%2C14087702%2C14087703%2C14087704%2C14087705%2C14087707%2C14087758%2C14088588%2C14088589%2C14088590%2C14088591%2C14088592%2C14088614%2C14088615%2C14088616%2C14088617%2C14088618%2C14088619%2C14088620%2C14088621%2C14088833%2C14088834%2C14088835%2C14088836%2C14088837%2C14088838%2C14088839%2C14088840%2C14088841%2C14088842%2C14088843%2C14088844%2C14088845%2C14088846%2C14088928%2C14088929%2C14088930%2C14088931%2C14088932%2C14088933%2C14088934%2C14088935%2C14088956%2C14088967%2C14089013%2C14089014%2C14089015%2C14089016%2C14089018%2C14089019%2C14089020%2C14089021%2C14089022%2C14089023%2C14089024%2C14089025%2C14089026%2C14106411%2C14106423%2C14106427%2C14106492%2C14106500%2C14106573%2C14106589%2C14106618%2C14106626%2C14106699%2C14106700%2C14106701%2C14106702%2C14106703%2C14106704%2C14106705%2C14106706%2C14106707%2C14106708%2C14106715%2C14106716%2C14106717%2C14108528%2C14108530%2C14108531%2C14108532%2C14108535%2C14108536%2C14108537%2C14108538%2C14108539%2C14108581%2C14108583%2C14108598%2C14109150%2C14109155%2C14109156%2C14109160%2C14109222%2C14109223%2C14109224%2C14109237%2C14112294%2C14112295%2C14112546%2C14112938%2C14112963%2C14130627%2C14137247%2C14137698%2C14137742%2C14137930%2C14138477%2C14138483%2C14138729%2C14138767%2C14138806%2C14139071%2C14139135%2C14140278%2C14143076%2C14151598%2C14151682%2C14151686%2C14163673%2C14163674%2C14177818%2C14177819%2C14177820%2C14177821%2C14177822%2C14177823%2C14177824%2C14177825%2C14177826%2C14177827%2C14180354%2C14180355%2C14180356%2C14180357%2C14186170%2C14186245%2C14199460%2C14199680%2C14199691%2C14208337%2C14225699%2C14260323%2C14260327%2C14263815%2C14263816%2C14263817%2C14263818%2C14263973%2C14264546%2C14264547%2C14274625%2C14274635%2C14285493%2C14319395%2C14358513%2C14358555%2C14358628%2C14358757%2C14358953%2C14359298%2C14361355%2C14386876%2C14388190%2C14388987%2C14392380%2C14392523%2C14483881%2C14501253%2C14530345%2C14530359%2C14530595%2C14530598%2C14530870%2C14531719%2C14531776%2C14531793%2C14531813%2C14531955%2C14533388%2C14533887%2C14534343%2C14534345%2C14534439%2C14534441%2C14558115%2C14568311%2C14568331%2C14568340%2C14568368%2C14589641%2C14589647%2C14620041%2C14620075%2C14620104%2C14620815%2C14621814%2C14626108%2C14626109%2C14718163%2C14734054%2C14735105%2C14749676%2C14749762%2C14756484%2C14770471%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=5189423&xur=lp.clevernetwork.pt%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node5.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node5.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
px
secure.adnxs.com/ Frame BECE 		43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1432217&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.74:80
AN-X-Request-Uuid
76e7a399-b9b5-4291-8039-17239676a370
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=25237863&t=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
X-Proxy-Origin
185.246.211.87; 185.246.211.87; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid
f54836e6-8af8-4a60-b0d5-439a312c9700
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
its.tradelab.fr/ Frame BECE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://its.tradelab.fr/?type=fseg&uuid2=7253254579684264538&sid=25237863&val=undefined&fun=4824&step=2&siev=25237856&fp=0&advid=5189423&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36&ur=https%253A%252F%252Flp.clevernetwork.pt%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1620850735%2C%22page_url%22%3A%22lp.clevernetwork.pt%2F%22%2C%22dm%22%3A%22pokerstars.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1620850734%2C%22prev_vis_ts%22%3A1620850734%2C%22curr_vis_ts%22%3A1620850735%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.192.105 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
tradelab.fr
Software
nginx/1.17.6 / Tradelab ITS / node4.tradelab.fr
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 20:18:59 GMT
Server
nginx/1.17.6
X-Powered-By
Tradelab ITS / node4.tradelab.fr
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
dc_oe=ChMIoo-MwPvE8AIVW-O7CB2e9gUeEAAYACCNpIpHQhMIluLhv_vE8AIVkK13Ch2CKQ4D;met=1;&timestamp=1620850741518;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 418D 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoo-MwPvE8AIVW-O7CB2e9gUeEAAYACCNpIpHQhMIluLhv_vE8AIVkK13Ch2CKQ4D;met=1;&timestamp=1620850741518;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 20:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame BECE 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x25 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:19:04 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:31 GMT
img
pixel.mathtag.com/misc/ Frame BECE 		43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1452156&mt_adid=122865&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3709 11aaa92 master cdg-pixel-x12 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 20:19:04 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 12 May 2021 20:18:31 GMT
collect
stats.g.doubleclick.net/j/ Frame BECE 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-18510791-1&cid=1583663651-1620850732&jid=1090839220&gjid=1619148116&_gid=245535497.1620850734&_u=aLBAgEIhEAAAAE~&z=1732187533
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 12 May 2021 20:19:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.pokerstars.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame BECE 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-56166869-5&cid=1583663651-1620850732&jid=980498578&gjid=1265117270&_gid=1609514627.1620850734&_u=aLBAgEIhEAAAAE~&z=1578798429
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 12 May 2021 20:19:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.pokerstars.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame BECE 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-57072753-4&cid=1583663651-1620850732&jid=1169899848&gjid=1183603577&_gid=1046576354.1620850734&_u=aLBAgEIhEAAAAE~&z=2107581948
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 12 May 2021 20:19:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.pokerstars.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame BECE 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1160721967&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2F&ul=en-us&de=UTF-8&dt=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhE~&jid=1090839220&gjid=1619148116&cid=1583663651-1620850732&tid=UA-18510791-1&_gid=245535497.1620850734&cd60=4068609c-382c-4e00-9693-fc1a9ce2e5cc&cd1=(none)&cd2=A&cd5=fr&cg1=fr&cd12=1583663651-1620850732&cd26=1583663651-1620850732&cd18=677594753278846&cd6=yes&z=1638995177
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 10:23:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35733
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame BECE 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1160721967&t=event&ni=1&ds=web&_s=1&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2F&dh=www.pokerstars.fr&ul=en-us&de=UTF-8&dt=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhEAAAAE~&jid=980498578&gjid=1265117270&cid=1583663651-1620850732&tid=UA-56166869-5&_gid=1609514627.1620850734&cd60=4068609c-382c-4e00-9693-fc1a9ce2e5cc&cd1=(none)&cd2=A&cd5=fr&cg1=fr&cd12=1583663651-1620850732&cd26=1583663651-1620850732&cd18=677594753278846&cd32=RAM&cd33=app&cd66=Not%20provided&cd67=&cd3=FR&cd64=PS&cd65=.FR&cd30=Poker&cd36=2.2.103.7a7ef9d&cd6=yes&z=1246323093
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 10:23:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35733
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame BECE 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1160721967&t=event&ni=1&ds=web&_s=1&dl=https%3A%2F%2Fwww.pokerstars.fr%2F&dr=https%3A%2F%2Flp.clevernetwork.pt%2F&dh=www.pokerstars.fr&ul=en-us&de=UTF-8&dt=Poker%20en%20ligne%20-%20Jouez%20des%20parties%20de%20poker%20sur%20PokerStars&sd=24-bit&sr=1600x1200&vp=&je=0&ec=unbounce&ea=15_sec&_u=aLBAgEIhEAAAAE~&jid=1169899848&gjid=1183603577&cid=1583663651-1620850732&tid=UA-57072753-4&_gid=1046576354.1620850734&cd60=4068609c-382c-4e00-9693-fc1a9ce2e5cc&cd1=(none)&cd2=A&cd5=fr&cg1=fr&cd12=1583663651-1620850732&cd26=1583663651-1620850732&cd18=677594753278846&cd32=RAM&cd33=app&cd66=Not%20provided&cd67=&cd3=FR&cd64=PS&cd65=.FR&cd30=Poker&cd36=2.2.103.7a7ef9d&cd6=yes&z=1102807651
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pokerstars.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 10:23:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35733
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
statistcdn.com
URL
https://statistcdn.com/analyze.js?typeId=f
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEKpS3XcGb28ku_aRYjh4AVY&google_cver=1&google_push=AQvitULJBqr_q2vvRkHciugXnPx7wFc-f3x3bAf2KMJSVxuMh8Jx-rJG5TbFfeyQm4sYHGWbzNJxXenlm2toN1p85qe0vq098Zs

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| GerarCookie function| LerCookie function| ExcluirCookie function| passou function| $a function| gtag object| dataLayer number| g_iCount function| relogio string| mensagem function| clickIE function| clickNS object| googletag string| ProadsSpaceObject function| pa object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| pa_script_initialized object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime object| AdSlotCollection object| pbjs325474 function| setCookie function| getCookie function| createGeoRestrictionCookie object| ggeac object| google_js_reporting_queue object| proads_space_requests boolean| __isGoogleAllowed object| __isFromEUPromise function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| _0x5a85 function| _0x2be9 boolean| _0x46710f object| _0x57fb67 object| _0x34a299 function| _0x23e444 function| _0x34d35b object| _0xd8e076 function| _0x5cb477 function| _0x2543f0 undefined| _0x20a999 object| _0x58719b object| _0x262962 boolean| mutexNetwork string| redirecionador function| md5 function| mygtag object| meuscript object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| iframe object| _wau string| k object| _6o5dl32cdw4 object| dbku9ipd4eq object| zfgformats function| setImmediate function| clearImmediate function| _sxvhiu function| _wxfdtpn string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady function| onYouTubeIframeAPIReady object| hstpnetwork number| HstpnetworkRegistryLoaded function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| hstpchecker object| x string| x1 string| x2 object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.flashtalking.com/ Name: _D9J
Value: 8b86c871c12149868bad83e4ca1f10b7
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=4880D2691BC07A|segment=(agc5_18308)"
www.pokerstars.fr/ Name: btpdb.G58M8eX.dGZjLjcxNzcwODc
Value: VVNFUg
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiQkAMAgEsImEU+s3jpQ6hcM30U7urEvPS+kIB3UBNBizpxLss8suSEPoWXysTT/wMgAAAA==
.doubleclick.net/ Name: IDE
Value: AHWqTUkjL7Elf0uZbjraC_HdtN8SquUvS3_TzOXyx3-wjP4H_VQ6ObPgNr4Yeu2zcmQ

19 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://www.arnolds.com.br/curso-ead-com-baixo-investimento/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32)
Message:
a: 0.0009765625 ms
console-api log URL: https://s.btstatic.com/lib/a0e0a2ff7ef8bd1133b01d9a743feb46beda5723.js?v=2(Line 984)
Message:
on non-fb sites, tracking as usual
console-api warning URL: https://cashier.rationalcdn.com/ram/2.2.103/vendor.js(Line 1)
Message:
This browser does not support Web Storage!
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - requestIdReadyEvent(pstrkIdmMediamathReady_TrkCore)
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - set mediamath_id dim
console-api log URL: https://www.psimg.com/ga/trk.core.idm.js(Line 1)
Message:
trk.core - bPVPushed = false
console-api log (Line 2)
Message:
ok a jour global 2
console-api log (Line 39)
Message:
in custom tag: position 1
console-api log (Line 59)
Message:
in custom tag: position 2
console-api log (Line 44)
Message:
sigGetIds: pstrkIdManager is present.....requesting IdReadyEvent....
console-api log (Line 14)
Message:
SmartCustom Event Listener: pstrkIdManagerMediamathReady event captured in smart tag
console-api log (Line 15)
Message:
SmartCustom Event Listener: Mediamath ID:4068609c-382c-4e00-9693-fc1a9ce2e5cc
console-api log (Line 30)
Message:
SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api log (Line 31)
Message:
SmartCustom Event Listener: signal_id:677594753278846
console-api log (Line 30)
Message:
SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api log (Line 31)
Message:
SmartCustom Event Listener: signal_id:677594753278846
console-api log (Line 35)
Message:
SmartCustom Event Listener: pstrkIdManagergauidReady event captured in smart tag
console-api log (Line 36)
Message:
SmartCustom Event Listener: pstrk.gid:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6cfb57df3eb260038dbdb1dcf3f222f0.safeframe.googlesyndication.com
8526803.fls.doubleclick.net
8954552.fls.doubleclick.net
acdn.adnxs.com
ad.atdmt.com
ad.doubleclick.net
ad.lomadee.com
ad.lomadee.fun
ade.googlesyndication.com
adplus.proadscdn.com
adservice.google.com
adservice.google.fr
adssuper.com
ajax.cloudflare.com
analytics.twitter.com
b1sync.zemanta.com
bat.bing.com
cashier.rationalcdn.com
cc.adingo.jp
cdn.ampproject.org
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.proadscdn.com
cdn.tradelab.fr
cdn3.doubleverify.com
clevernt.com
cm.g.doubleclick.net
cmp.optad360.io
cmsstorage.rationalcdn.com
code.createjs.com
connect.facebook.net
cs.media.net
d9.flashtalking.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
get.optad360.io
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
its.tradelab.fr
lp.clevernetwork.pt
my.rtmark.net
onmarshtompor.com
pagead2.googlesyndication.com
pixel.mathtag.com
pr-bh.ybp.yahoo.com
ram.pokerstars.fr
rewards.starsaccount.com
rotumal.com
rtb0.doubleverify.com
s.btstatic.com
s.thebrighttag.com
s0.2mdn.net
s4.rationalcdn.com
sc-static.net
secure.adnxs.com
secure.starsaffiliateclub.com
securepubads.g.doubleclick.net
sender.clevernt.com
servedby.flashtalking.com
starscrm.com
stat.optad360.mgr.consensu.org
static.ads-twitter.com
static.adsafeprotected.com
statistcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.co
tapestry.tapad.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20230.doubleverify.com
tps20245.doubleverify.com
tps20516.doubleverify.com
tr.snapchat.com
u360.d-bi.fr
ui.clevernt.com
us-u.openx.net
waust.at
whos.amung.us
www.adssuper.com
www.arnolds.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.pokerstars.com
www.pokerstars.fr
www.psimg.com
google2waycm.netmng.com
statistcdn.com
104.111.242.245
104.111.248.191
104.244.42.3
104.244.42.5
13.224.95.69
13.32.6.52
139.45.195.8
139.45.197.243
142.250.181.226
142.250.185.98
142.250.186.162
142.250.74.194
148.69.64.109
148.69.64.76
151.101.114.49
152.199.20.219
172.217.16.134
18.196.233.38
185.29.135.233
185.33.221.13
185.33.221.14
199.232.136.157
2.18.232.130
2.18.233.201
2.18.234.21
2.18.235.93
209.197.3.19
213.19.147.45
213.254.244.11
213.254.244.26
216.58.212.130
216.58.212.134
23.37.44.205
2600:9000:206f:f400:11:a4de:2580:93a1
2600:9000:211a:4800:6:b871:4f00:93a1
2606:4700:20::681a:637
2606:4700:20::681a:737
2606:4700:20::681a:a75
2606:4700:20::ac43:447b
2606:4700:20::ac43:4739
2606:4700:3031::ac43:a4a4
2606:4700::6810:a723
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a02:26f0:6c00:286::4469
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
35.186.193.173
35.186.226.184
35.227.248.159
35.244.159.8
52.17.98.114
52.215.226.154
52.69.69.122
54.175.18.14
54.228.243.159
54.229.187.52
54.36.217.27
54.76.195.29
64.202.112.191
67.202.94.93
77.87.177.43
77.87.178.197
77.87.179.68
77.87.180.198
77.87.181.63
81.171.10.216
85.17.192.105
91.211.98.226
91.92.196.187
01676e44806bdf3284f93ed7206ead53e94b5cdd219c5d348f0a4862318e68a3
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0977875c5974eb789be0e9ffe818ec53a6c9a67cb9a22390b618b8316e9a5c5a
0b10aae457249a22d193fe8d492065eb4d8098467db097826b4445e9217a751e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
0e4a398567f8915bebbd42c52dc60248d43b56c4bd9b1f222ed9d692b7b60fcc
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f26e4ec0c4d904774c909a586baf8c2350c193883e4d7f51658d91c91ce1c6e
0f6e4971e9abc1b9dc2c07443fad139572e6508ace2706acef037b348a3d968c
1055c7a3d9d36a5759ac4e8aead89f1766ea7577624ed6675cdd3c3b38642622
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b5e547573e37ca710f225d67e34941274d764cdff2f29d69cf53629bd89962
137e4d3d675eaf33f19407ccb1b72948d5669883329c020103f551c7a463fc4f
14a4c5164ea7f47bccc702e8e5744681e8aa0a21d513a820e231f3d921e14c0b
14f4489ec259bfb8f5b8a6bcf18ac634adf813f6614f387eb1e7ab3ff9b0f00c
17f6fa3cc46268f4a92b14ed0fea88e2bacd267e45a9e2fee03b1d23f6d4c3c0
180d5b3fbc42bacbe3420e8c9b4ec256000c916e64a791bda91554cf71e8a5d2
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6
243de7f4a3d480f95c288c8ce9c8e6f81845d5f9b5cdf2b02810730932432448
254e3887e82783b5dc78edcc8fc9aae3053f444726a4459e25b85a5f3d70eef1
28a746539ac339594f4ab3cdf0ca4820549bb045c9eae7c3dd250705f1e22428
29e100136022f3eeaf2ff8e0fd1bd9d800224e9d5fa5567845919b97ddb5828f
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d2602ee72623f30e96034575c2ee454a48f24338bf5bd40c6e09d877be41696
2df96438ee666a81b5a8d436b66fde66960b0cdace0f645a00b0241be1b3a10f
2e3c5fd0bbb406ec3f90bbf6f1b24eae2daa26c63e2540e87e3d2174d6fe69f2
305a811617892666b0f351b46bb698657897c89ff1a4760e854165f40dc075c9
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
31d8631496cacac8ccd260ac5fb41e3e217506304f90750fd96609d91ae8720f
327d787d84d02c84f75a9b130f7e778bb25ab8994fdd3b6ed2665667fdbe27fe
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33fced4e196b8568ac416675e55f9fdbd36cc9c69ade70f52a527c4d28ce2f75
37406e702700804191263694d80f23af99441f8f2add8d30d9c176265c9daa0e
37dd1e25d8ce3db5ce2d3a76064ee6063058bbd5f1555ea55ad002d083402dc7
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3ade6f88c99df617285826ba7add5d4b141a09917b8da3a87eac2cf410aa7d83
3baee6b91d41cdf1f6876a21a763e66bd5ef64b156af02da2a1b2291f9a2b584
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
439389f6ba864c11375960009d2fd64e9ae2d275175c79cef8b4252b22168789
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4569be54f704200df9d23c677762c02d55e6237a173e7acd7f66420a4ddf0009
45b71a7a36718d83840240c4b86fc9dd385f797bea63b3ee3b625e25163e8458
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4894d61da9b9fd6a88da43d6f2e7e2fb73838b994186d7ace65ff5d12ec7c53a
49ff25377c9095e869fdab343f47198c2b8d5be7b3fb8b818b650985c152c24b
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcdad591e993084f420f4d2e05541355f3ef0a185dbe15b2cd1e8fd614039b7
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597
4c982dbd0f03686fdfc032071b10af5df1570978367f0cac80334137f8dc8686
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e04d218a6508b807b096c5be070b2b119829f3a88a8b9e7a6bb36732730f635
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
569c3d203e2a5656899b04922f412a4d61802e630befe9a68530bc6546e3a869
59c6dc2a43fd6ecef05d58a6bf36b837a4eff4c783ee4fd903e98cda7bdf5a22
5a1ba43aaa7c8823c05f3ca908146bb2c550bf031c5bfc2a4aaf098a224dc190
5afbad15c6ce4cf38fd292734e6ccbd24e9e873359ce346a02ca7a517ef76c0c
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
6063a0619e410a67e0655a6fc6ba4b5b2b13be1c7ea79ce851a2820f4892d5a4
6115a2042786ca075e4e9bb2f387a53fbf461206cd075587692b9397edccd36c
623f59671d940d2d977b2cdcc0ebd3974de6d3559741e0b9b511571294168358
62d354ffc611b04d6f424a170012a988fefe4618084f17c78a529c4408f46285
63df23aa8bd4d44c5696ef1e1efd1db5ea25d377f224ac63d76a4962d30ebff3
6465809b86cc160bfa318016d2f5fd7fd262f468b3bbe9af742cb58f66a20c94
64796d852c2396b0cf83789e9047c36eb71ce0226ac63214f453b4548f42e021
66b779f1a812456121212d654083ace762335313971a4bc32fd98627dae1dd1e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68af7d95d32570af49c8988fa9285f76add19e574354b0d7136b65b205d2f5da
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585
71720a43cacaa4498ed1f98d749e2da9a2df6264c855aebb90512ef087332dbf
71d5e02da18d269fd345e5741358606a56af9c4709a53185242d5989b78abc1c
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
744f85a7207ab76af9bea325844f5c39d6b3ae642acfbb4076e1e29d5cc10d57
74a6ac0a920a9fe4044ad605834ecab50a9fa75195fd9e6a75339e6bfb35736e
753762eeff1ec98559aa23c079a432371c4372febd6e1a793697e7433b10089d
76dd32e8e2bc5b6f0aa87cf306fd626d195fa2a3b1fcca155b88fc8bf4dd492a
76ebd7a6319e6234be1e3f4c3f6b665db78bf2b6316fdc9e1705cfa07ff47436
781f29dcc6e03cbf0c62e3a9b0956dd06447878e5e0ed38ed349fabcd9c4b2d4
7836cf85eaa098ab43a96109a682e08f077eba5ee7451866040d47417724d6bb
7860b542cd2448a7ff2601a39d8817bf569fe078d2518e40236030abce5310da
78eef31ba1a13db9c837d75a85b9d69f9f35ed1dc0d805848e5a51d7b3669d53
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7c273e4e1b4393df21008b09034bd0cc7fd89f718d817405ca5ee5802cbab2f8
7c3e4f7379ab36145201000303ce7b35f6862e261d7a362b0491454278d81354
7cc8bf8180fcc74c66cf27d9a7f77a2fb02e922dc957b342209067ba513dc196
7d20eb98a26bf8699040ddf5243e7ff6903ffd209dce126ad9b5575f5f872173
7d9412299bc7aef4f743926337a8910fb725e536e2c28cd31e0d715b738b28b5
815fd8cd1ff4fb8f036b23e556f20ad5f7bf54f8cfee11c9c609de72765d3441
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833bb31eaced083c33e1b530071651282ff53c264685496720726515aea5f1c4
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
8461d16dc5f56ee0d99897735abac9c47be6d3808e47a967ba546f69b89a2215
84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c
858361d285ad5b0369469afc26ff28e975019a3b3a25ad4748e95178eae88192
86782de8895669bbc7f2ba06fb1146b26d923915824c921e4dce02510f981406
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
8802c3d889014dc6bd5e16f5b5048e9e11d486f2218342f4ff70230cadb2e767
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
888e7eb7b0549fa28bc345c180cc32a47c39a9e3883913379f1f6b9f84c96f0e
8aefc19922fb002cb1ef4ae9eb33b8a0abb628f504b1bd4a945b4d92131a793e
8e721fdaed85657fea7e22eff33717764bbdd7249181ed3184a6eb3215f14d15
8f5c6fdf5d7849e58c5799dcd141da8865e799ca59d44664a62cb16b38a02902
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
92aa65c555cd5f5758a32d4d52968fa4f171164a4c1eea6469ba953f2d56ecf2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9393142e9906317e9ca4546b6f2e723494b8c0972b0b736a6ff73e46da5fa3e2
93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b
94ba74a7e850ea14bcf38199674a5fc6e68fa2d1f8d742c50d400ba2f3827d49
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9753c3557392c09e515c7af7e174e9de4d170c30625c1fc6548868120d9c3816
9758131604411364017f6f7e517a004fd46c54ff8dc605d4c2af7ee42e2a8400
998b1aede45061d85650a1a217b4499f3ca5233a4c47aa246e2c27352fd2cec8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dbfd7b38b51c4ab599d18a1b1638306cf58dd6f9b226474bbaf3a05cd78aa2f
9eb83620a305b5cfbd47a770dd1f649d9ae99d34becf19308f9cc75106d1b5b4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2cddb9ef5cc85041e45df8eff10a57311cc3a69a27b0aa000d83d9105dc509b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a5f87b4acca9961d06878a8610c262d7f83ca7b366befe7cea0ae69987d6de45
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77b03ac59bedd835e6261c2e0243a81824107314f736763c991f74f6c9528c4
a837f051ac8249ce2e1c0215298ef878bc3b3017bc2b8e5bdea1cd88e8e1e54c
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
aa80ecd5a87d2bc7c3ae95347c3e0c79c9b9f2f74ec25a3c8972c08e1492e6f0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad9f9715cc466d6b47c51f9bf3f3a86fd2796fff2e553f9cb67d7a6f4058f743
b09c8f21fb8b53a6e355b9c415e1faef94f5dcab16f138261b0b76f6fb816432
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5165a914ca774a589ce760277f4ca8349ce32695d3aef8b17626e57db6d46b2
b5633cefe7c581879292959bcb7039b1a41dad5d474103f166aa10669d54e0fe
b5863569adccd9310d734e628e4fde2d790394c102d05b57127c4d54427b8478
b94449e66891f575789ca399243807ab9c649ac44c42cf3b411c1ee6508c3687
b961bb522a21c8710fa523ee1b97d3ae8880606088e221a08525621d54b014ca
b9dbfb8c9f19dbab42326fdc607b21dab0d63e2530f1780abfa4d15e4ff6ef3e
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5d1db6d78b21c1385f6a441190a9d740dcf041b33b03de9f94f3b12670f479
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bec35833fdefd9f00dea8ea4453556d725b2c2368792502677410c6f72699636
c2ec3a5431f6735374262d4bfc53422457a120a905ddb5d9f534724e83f1c223
c2f32bec9ec8fa028c8a5f17a6dc54aeb81e18189a1d977eedb0482ab49230a1
c355fe365be99f2bf92b2e7d5aa6941e8007267aec534035af846eff6389f3a7
c374fe04896c6f28be274196e73fd7bb3cc5562110239cabfe3b4af7e349d457
c386b69e4c54964f15246a1cb3d4efb96ac0ab0f59470d5065eaa27a342fd4b1
c3bf9a688b9ca3ba16c7e43c5ee8af2ad0f619c3a098c7ba12a14ed8975333bd
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c452dbda60c56a8e6583f9d582b02c1a7bd39e437bf137bf076cd41bd9725533
c558784feeae13ef18d527c907e1d502da83b4862fdfd57c52bf9f33c3419e45
c599798790711ad487b577ecd4d6e6855040b17df7a10da56a2b432002f583f5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c65c4b1dcc3c11c6915571a25e4fe32162717f669d2cfa28517285b17bf2cdc6
c6a6969faa6758280de3def1e560ce3e6363efa22c1e2215bba6626cf02187fd
c714ebb416fa0b15b725220bca8fbe1cbe2899605b8ef833f1de1f4f66169122
c7709f9611aaf18e144390095b8d93d82cfb60f704fe277ebb96bdfaa9d05718
c93591cccd94f2254d20f66f7f091497f30c9f249714e6fa1b5c9d81c8cedcfe
cace0a2687006def3765aa8443ffc58d003a1897b6d69abcff0d4a3112c45ec3
cbf396f6e3fdd00039ce9d2c3097e9b17aa25cf85c318378a212af7e292cbc04
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d038fa339d83dce7445291e079f08b36efac879b8a4f907522a4b3df6e972c3c
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d14d5e991169fcd7c3ee447f005ad0f20ae7edb83bfbe9e7af6d61a06f32ea21
d310e660e142a90fdf8f74867dd05d8718f0ec711efb3607bdcab29bc1a37fce
d397777357de433a425552ffe852f0659e6cb9f64ddfe1929d4a947c3ef55a18
d51ca1693ea8a78ac2f2cd2a8c8db8ad29fe14a52bb7cefd2fba327f37c7717b
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d8453c0d4be5e4379a0620dc5c8a7a1d3a410a5f78ba0c379c5b840f7d9ae19c
d8ae8b5c39fdedab8588c4409bf477ac195cb6655fb94d0c6e5f058f88b21e85
da2514a6d4328a60e934058ee412a091d36cb0ccec89121ce7f64512b7f2dcfa
dafe399acf3df107ee334a1a617a2aea5c49af4932172239b16f0c6515de0fb3
db1f2f4de4a134a2c6da8be0bf4f997c02d446699f4ae7e12821b90fbd583b84
dbad85147b47c3c3e23ec704c9e572676c3b4481eff7e77b6765fea11f252b9d
dbb2e75194d85f8acd316924e0b416352010ab4f8ec25d694c39aa671f2d89c4
dcc90ac3f108449d60341a38188cf65fa419690cf9114c724c31e14d4b7f64a5
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
df0df39146c8995f0d40836e1e0839ad95f81ad1c9d24ba85169e3c2f0560ac1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4c3b59466d13fef50931da0ed0e2c1bd056e8f039e56518c2a2a9345e25903e
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e70dd2b13f3165a85a871f1863b5f17c7a68e961e2a2788a0921a630edf01bcc
e88ff0da27ebfca1b40736a4888f8b1a21c02306684327bddafce4b3dc8b1cef
ea0f9681ea5b41b25a32628729af94a57e65aeeda9350a56a9bfc906518ca791
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
edb0e4cf9be90dfbe2da6e6415afb682a484cfeba0869c89a94345e2ba0ae3a0
eddee6cb55f1e3215a14618b75a7c39841595e96583394101defeb4eb8929273
edfad80a96eb737099e0317c5472159a5a200b12d766fe52f8c74b5da5d090b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f5001e6b9c28ae7973218e1c52a9ddf5030a814f9771a84ac4c671b043b172a0
f6180ec8dad060e65f3bb68c012b470991995f085d7b5f88db7144ce3a8d6315
f73567df489326a1d05a527fdb773ac8904b0dca6228f2d0239ae5a45ac1750d
f8faa0b1858738ee68f55941a12407b2e62f9e73c1cd95d90a18a8df92f5332a
f97b785e2507e11a5bf6c1e5df26294847eae035bf7803d2c760b57d2ef9b5ed
f9c90ee30ec66127adfefd1e68106fc94643e091337d637692d036977b89fa87
f9dabf8280f5805816486cde705c4646816561c5cccdd3aebb2920157b6360a3
fa79ca06324b5d9c5ae654fe417e9adcb1a67f8eea25924e7217a32b533f5fb7
fcfe8718632767474e43758fad2a1f98cdd3665a66e34a81c9d65140109d56f2