URL: https://abrirumaconta.com/
Submission: On September 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 59 HTTP transactions. The main IP is 108.167.183.96, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is abrirumaconta.com.
TLS certificate: Issued by R3 on September 14th 2021. Valid for: 3 months.
This is the only time abrirumaconta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
29 | 108.167.183.96 | 46606 | (UNIFIEDLA...)
1 | 216.58.213.10 | 15169 | (GOOGLE)
1 1 | 104.17.175.181 | 13335 | (CLOUDFLAR...)
1 | 104.18.23.129 | 13335 | (CLOUDFLAR...)
2 | 142.250.180.3 | 15169 | (GOOGLE)
1 | 52.174.133.36 | 8075 | (MICROSOFT...)
17 | 104.16.173.188 | 13335 | (CLOUDFLAR...)
2 | 13.69.68.15 | 8075 | (MICROSOFT...)
6 | 94.31.29.128 | 33438 | (HIGHWINDS2)
Total: 59 requests, 8 IPs

Requests | Domain | Requested by
29 | abrirumaconta.com | abrirumaconta.com
14 | cdn.bannerflow.com | ads.leovegas.com, cdn.bannerflow.com, mediaserver.entainpartners.com
6 | leovegas-leovegas.bannerflow.com | cdn.bannerflow.com
3 | video.bannerflow.com |
2 | fonts.gstatic.com | fonts.googleapis.com
1 | 575e53c686585416146c4c3c.tracker.bannerflow.com | cdn.bannerflow.com
1 | 55634380f50b9613805936af.tracker.bannerflow.com | cdn.bannerflow.com
1 | ads.leovegas.com | abrirumaconta.com
1 | mediaserver.entainpartners.com | abrirumaconta.com
1 | mediaserver.gvcaffiliates.com | 1 redirects
1 | fonts.googleapis.com | abrirumaconta.com
Total: 59 requests, 11 subdomains

Subject | Issuer | Validity | Valid
*.abrirumaconta.com | R3 | 2021-09-14 - 2021-12-13 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-12-10 - 2021-12-09 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
affiliate.leovegas.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-04-29 - 2022-03-11 | 10 months
*.tracker.bannerflow.com | R3 | 2021-08-26 - 2021-11-24 | 3 months
*.bannerflow.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-10 - 2022-03-13 | a year

This page contains 8 frames:

Primary Page: https://abrirumaconta.com/
Frame ID: 5F584F99CA985C798B502B017C0221FB
Requests: 32 HTTP requests in this frame

Frame: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
Frame ID: 96200EF2F5F542176CA09EDB42B89EAE
Requests: 4 HTTP requests in this frame

Frame: https://ads.leovegas.com/ad.aspx?bid=16088&pid=3655377
Frame ID: 8D0A3C168015E3FFE3CC80EC3C630A8A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Frame ID: B60B7BA0CE345B255722F0DC95C22EB4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Frame ID: 1D47673DCB55A8112F40B148476E828A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Frame ID: 5B3E3B36371189CA105790A1C7073A05
Requests: 6 HTTP requests in this frame

Frame: https://leovegas-leovegas.bannerflow.com/resources/custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb?cb=637188148031149834
Frame ID: FF7CDAF8FDFD0B1476B44D210A0860CF
Requests: 4 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Frame ID: 32E597F0E19EC70ADB397B6C7D1B9E9F
Requests: 5 HTTP requests in this frame

Page Title

Como criar uma conta de Apostas online no Brasil | Setembro 2021

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 59
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 11
IPs: 8
Countries: 4
Transfer: 713 kB
Size: 1621 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y HTTP 301
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
abrirumaconta.com/
56 KB
22 KB
Document
General
Full URL
https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
061a2bcc22ec6b1b8f1e547588e050f1fcf19a7754e8b77fb14e74e5e4f8378d

Request headers

:method
GET
:authority
abrirumaconta.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 14 Sep 2021 17:10:12 GMT
server
Apache
link
<https://abrirumaconta.com/wp-json/>; rel="https://api.w.org/", <https://abrirumaconta.com/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json", <https://abrirumaconta.com/>; rel=shortlink
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-type
text/html; charset=UTF-8
itempropwp.css
abrirumaconta.com/wp-content/plugins/itempropwp/assets/css/
180 B
212 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/itempropwp/assets/css/itempropwp.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
104af3afbda2c371c33726c6a020b8d871de67fc85908ece74eb7b8c6b749146

Request headers

:path
/wp-content/plugins/itempropwp/assets/css/itempropwp.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sat, 29 Jun 2019 15:12:27 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
157
style.min.css
abrirumaconta.com/wp-includes/css/dist/block-library/
79 KB
14 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:05:13 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
14560
screen.min.css
abrirumaconta.com/wp-content/plugins/table-of-contents-plus/
1 KB
513 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/table-of-contents-plus/screen.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

:path
/wp-content/plugins/table-of-contents-plus/screen.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:03:35 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
458
postratings-css.css
abrirumaconta.com/wp-content/plugins/wp-postratings/css/
1 KB
464 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-postratings/css/postratings-css.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

:path
/wp-content/plugins/wp-postratings/css/postratings-css.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
410
style.css
abrirumaconta.com/wp-content/themes//mts_schema//
49 KB
16 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//style.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
067d38e4887aeaede469aedb2eb0396f21c0457f541a01664bbf75132a2b4339

Request headers

:path
/wp-content/themes//mts_schema//style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 22:06:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
15990
wp-review.css
abrirumaconta.com/wp-content/plugins/wp-review/public/css/
37 KB
9 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-review/public/css/wp-review.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Request headers

:path
/wp-content/plugins/wp-review/public/css/wp-review.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
9345
style.css
abrirumaconta.com/wp-content/themes/child-schema/
376 B
336 B
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes/child-schema/style.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
38e8b806cb1e93fd1b2f8d8424de067184b07efa3e49409055ac2648e10de1fd

Request headers

:path
/wp-content/themes/child-schema/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 16 Jan 2020 01:26:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
246
responsive.css
abrirumaconta.com/wp-content/themes//mts_schema//css/
14 KB
4 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//css/responsive.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
d2d8bf22de7affd3775516f2da81a6c45b20720698b9ab99b2883ae5761c2f8f

Request headers

:path
/wp-content/themes//mts_schema//css/responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 22:06:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
4009
font-awesome.min.css
abrirumaconta.com/wp-content/themes//mts_schema//css/
30 KB
7 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//css/font-awesome.min.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
bb4f2176a2375283b5a4eb0f0a8c3b9fe06ed51f6e8ba012a54c5a408d0c0b38

Request headers

:path
/wp-content/themes//mts_schema//css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 22:06:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
7093
jquery.min.js
abrirumaconta.com/wp-includes/js/jquery/
87 KB
38 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:05:13 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
application/javascript
jquery-migrate.min.js
abrirumaconta.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
4618
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin&display=swap
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.213.10 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s25-in-f10.1e100.net
Software
ESF /
Resource Hash
198facaccbd3ce2ef8c735c87b478de10e8ed822912522ded7d42be30e9cab55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abrirumaconta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 17:10:13 GMT
server
ESF
date
Tue, 14 Sep 2021 17:10:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 17:10:13 GMT
/
abrirumaconta.com/aposta/como-funcionam-as-apostas-on-line/
0
18 KB
Other
General
Full URL
https://abrirumaconta.com/aposta/como-funcionam-as-apostas-on-line/
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/aposta/como-funcionam-as-apostas-on-line/
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-pingback
https://abrirumaconta.com/xmlrpc.php
date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
server
Apache
link
<https://abrirumaconta.com/wp-json/>; rel="https://api.w.org/", <https://abrirumaconta.com/wp-json/wp/v2/posts/37>; rel="alternate"; type="application/json", <https://abrirumaconta.com/?p=37>; rel=shortlink
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
wp-emoji-release.min.js
abrirumaconta.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:05:13 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
5243
mais18small.jpg
abrirumaconta.com/wp-content/uploads/2020/01/
9 KB
9 KB
Image
General
Full URL
https://abrirumaconta.com/wp-content/uploads/2020/01/mais18small.jpg
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
8ed46e74610f6f05636249806fb91cf967f22496213feeda435fd6fdfbaa5b7c

Request headers

:path
/wp-content/uploads/2020/01/mais18small.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
last-modified
Thu, 16 Jan 2020 02:53:04 GMT
server
Apache
accept-ranges
bytes
content-length
9285
content-type
image/jpeg
icons.css
abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
a8478eb35ceb97b9c5adbbd3cc588b4dbf9c87977f4100f501314cba4eb39d03

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:03:33 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
8083
shortcodes.css
abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/
46 KB
12 KB
Stylesheet
General
Full URL
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
b40c1986e7356eb9b3a24bb2bc93a20e4dfdaa430392d597fc06c0165b9af502

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:03:33 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
12178
front.min.js
abrirumaconta.com/wp-content/plugins/table-of-contents-plus/
6 KB
3 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path
/wp-content/plugins/table-of-contents-plus/front.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:03:35 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2574
postratings-js.js
abrirumaconta.com/wp-content/plugins/wp-postratings/js/
3 KB
819 B
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-postratings/js/postratings-js.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

:path
/wp-content/plugins/wp-postratings/js/postratings-js.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
787
customscript.js
abrirumaconta.com/wp-content/themes//mts_schema//js/
8 KB
3 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//js/customscript.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
4df14421c4f66a508fd6f45c56e3e1bd92747519362d343fe586ca20557a1ec0

Request headers

:path
/wp-content/themes//mts_schema//js/customscript.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 22:06:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
3028
layzr.min.js
abrirumaconta.com/wp-content/themes//mts_schema//js/
4 KB
2 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//js/layzr.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
830d83e7db0b07cb6ee90a4d62c1c7db0559abd2ce8ecfb95f66d569b3a60029

Request headers

:path
/wp-content/themes//mts_schema//js/layzr.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 22:06:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1889
js.cookie.min.js
abrirumaconta.com/wp-content/plugins/wp-review/public/js/
2 KB
910 B
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-review/public/js/js.cookie.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Request headers

:path
/wp-content/plugins/wp-review/public/js/js.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
878
underscore.min.js
abrirumaconta.com/wp-includes/js/
19 KB
8 KB
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/underscore.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

:path
/wp-includes/js/underscore.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:05:13 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
8329
wp-util.min.js
abrirumaconta.com/wp-includes/js/
1 KB
741 B
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/wp-util.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

:path
/wp-includes/js/wp-util.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:05:13 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
709
main.js
abrirumaconta.com/wp-content/plugins/wp-review/public/js/
3 KB
1 KB
Script
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-review/public/js/main.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Request headers

:path
/wp-content/plugins/wp-review/public/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:49:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1170
wp-embed.min.js
abrirumaconta.com/wp-includes/js/
1 KB
809 B
Script
General
Full URL
https://abrirumaconta.com/wp-includes/js/wp-embed.min.js
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:53:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
777
renderBanner.do
mediaserver.entainpartners.com/ Frame 9620
Redirect Chain
  • https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
  • https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
329 B
1 KB
Document
General
Full URL
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.129 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460e61f79f72a11f2f7a8e0c9df0118e7ece7145ca436576907479680215e38f

Request headers

:method
GET
:authority
mediaserver.entainpartners.com
:scheme
https
:path
/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://abrirumaconta.com/
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 14 Sep 2021 17:10:14 GMT
content-type
text/html;charset=UTF-8
content-language
de-DE
set-cookie
ADRUM_BTa="R:26|g:3e3200de-7cae-44e8-9ad3-b19e3dae750a"; Version=1; Max-Age=30; Expires=Tue, 14-Sep-2021 17:10:44 GMT; Path=/ ADRUM_BTa="R:26|g:3e3200de-7cae-44e8-9ad3-b19e3dae750a|n:customer1_3ad3683b-4f2b-49aa-91cf-d6bdadcc6baf"; Version=1; Max-Age=30; Expires=Tue, 14-Sep-2021 17:10:44 GMT; Path=/ SameSite=None; Expires=Tue, 14-Sep-2021 17:10:44 GMT; Path=/; Secure JSESSIONID=621EF14F9C7D9CAD5ED84A8A26A3FAFF; Path=/; HttpOnly __cf_bm=bZXuIgPdeexeWQGCSOVSjwVO.WGZx3p0yLjLBZsIpQA-1631639414-0-AXZa0D+wlaks5/YkgNWAU35fT7l8b9xBGngRx1rY6YUxJ5MMbSPmTu94FzTgBuSp4ii/vXQX5PI38w3FbbQsA8Y=; path=/; expires=Tue, 14-Sep-21 17:40:14 GMT; domain=.entainpartners.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
x-ua-compatible
IE=EmulateIE7
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68eb3a410a434107-PRG
content-encoding
gzip

Redirect headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-type
text/html; charset=iso-8859-1
content-length
313
location
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=f3.kGoQ6qHvcAzFxbJ59alicefw7j.7VM7OsgZ1Ut0s-1631639413-0-Ac8szEZVhzE7+RPTm6d6FlRuJ2eeviEViNiFvWpVth2rdL3jyyfz61Ct8uwKJIWQ5FDvVXyrvgIuUJrBpuX6eNc=; path=/; expires=Tue, 14-Sep-21 17:40:13 GMT; domain=.gvcaffiliates.com; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
68eb3a3efc7f4107-PRG
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://abrirumaconta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 03:01:09 GMT
x-content-type-options
nosniff
age
396544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 03:01:09 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:normal|Raleway:500|Raleway:700|Roboto+Slab:300&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://abrirumaconta.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 20:27:38 GMT
x-content-type-options
nosniff
age
247355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:27:38 GMT
Cookie set ad.aspx
ads.leovegas.com/ Frame 8D0A
238 B
1021 B
Document
General
Full URL
https://ads.leovegas.com/ad.aspx?bid=16088&pid=3655377
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.174.133.36 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
0f66e8fdd00f89936fe75ee0aefa429c2d67211a17db5a6e3c9ba0139fe660c8

Request headers

Host
ads.leovegas.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://abrirumaconta.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 14 Sep 2021 17:10:49 GMT
Content-Type
text/html; charset=utf-8
Content-Length
238
Connection
keep-alive
Cache-Control
private,no-cache, no-store
Pragma
no-cache
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_V=%5b%7b%22PID%22%3a3655377%2c%22BID%22%3a16088%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1631639413712)%5c%2f%22%2c%22CookieTag%22%3a%221608836553774112101C20219141710%22%7d%5d; SameSite=None;; domain=.leovegas.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
Request-Context
appId=cid-v1:7b1bd175-669c-4817-96f4-9fd37be5aa50
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
rating_over.gif
abrirumaconta.com/wp-content/plugins/wp-postratings/images/stars/
523 B
561 B
Image
General
Full URL
https://abrirumaconta.com/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

:path
/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
last-modified
Wed, 21 Apr 2021 02:49:29 GMT
server
Apache
accept-ranges
bytes
content-length
523
content-type
image/gif
forkawesome-webfont.woff2
abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/
88 KB
89 KB
Font
General
Full URL
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

:path
/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
pragma
no-cache
origin
https://abrirumaconta.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Sun, 22 Aug 2021 01:03:33 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
fontawesome-webfont.woff2
abrirumaconta.com/wp-content/themes//mts_schema//fonts/
75 KB
76 KB
Font
General
Full URL
https://abrirumaconta.com/wp-content/themes//mts_schema//fonts/fontawesome-webfont.woff2
Requested by
Host: abrirumaconta.com
URL: https://abrirumaconta.com/wp-content/themes//mts_schema//css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.183.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
nubica.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes//mts_schema//fonts/fontawesome-webfont.woff2
pragma
no-cache
origin
https://abrirumaconta.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
abrirumaconta.com
referer
https://abrirumaconta.com/wp-content/themes//mts_schema//css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 14 Sep 2021 17:10:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 22:06:02 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
5e256959c4d2672c089f7f46
cdn.bannerflow.com/bf-placements/ Frame 8D0A
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5e256959c4d2672c089f7f46?targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D
Requested by
Host: ads.leovegas.com
URL: https://ads.leovegas.com/ad.aspx?bid=16088&pid=3655377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11627155969a1b818dd7dbe6885ef058a711095745698bf7a16903fed9b20251

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:14 GMT
content-encoding
br
cf-cache-status
MISS
content-md5
O6hEloK32iVghT7xZuyoQw==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 06:48:34 GMT
server
cloudflare
etag
W/"0x8D81E53F09A2CFE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
904fb9b0-701e-00d5-468b-a9896e000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
68eb3a40799b2790-PRG
render.min.js
cdn.bannerflow.com/scripts/1.5.17/ Frame 8D0A
27 KB
10 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5e256959c4d2672c089f7f46?targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ab19458f30ef96463fbabfff680bcf0f5f582ca7190652c15476eef60654e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
HDirVHlqpy/3JGeewr9WFw==
age
281
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 13 Jan 2020 13:59:49 GMT
server
cloudflare
etag
W/"0x8D79830DAEE6783"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
642203bc-301e-003c-113e-a57568000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
68eb3a41ece72790-PRG
5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html
cdn.bannerflow.com/bf-banners/ Frame B60B
3 KB
2 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91399161639c7b4f866a7a88b218811ec69a93b1fe606a61e559911111e69c2c

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.leovegas.com/
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 14 Sep 2021 17:10:14 GMT
content-type
text/html
cache-control
public, max-age=900
content-md5
wTAQdM6wA+/ILh/IXGrKEA==
last-modified
Thu, 03 Sep 2020 19:27:36 GMT
x-ms-request-id
9764d8be-201e-000a-128b-a9d83a000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
68eb3a421d832790-PRG
content-encoding
br
pixel
55634380f50b9613805936af.tracker.bannerflow.com/api/tr/v1/ Frame 8D0A
32 B
357 B
XHR
General
Full URL
https://55634380f50b9613805936af.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0000%22%2C%22r%22%3A%22https%3A%2F%2Fabrirumaconta.com%22%2C%22s%22%3A%221631639414085_21568%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.17%22%2C%22a%22%3A%22leovegas%22%2C%22br%22%3A%2255634380f50b9613805936af%22%2C%22c%22%3A%225d7796a55cad9d2de8a6e5cc%22%2C%22ad%22%3A%225e21cdb5c4d2672c089e1970%22%2C%22p%22%3A%225e256959c4d2672c089f7f46%22%2C%22b%22%3A%225e21cdb5c4d2672c089e196f%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%225a84042be6383d1e0c53d3da%22%2C%22t%22%3A%225d7796a55cad9d2de8a6e5d0%22%2C%22l%22%3A%225d3846f4a929cf1f4ce1bde2%22%2C%22bf%22%3A%225e21cdb5c4d2672c089e196d%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1631639414085%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
Kestrel
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.leovegas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://ads.leovegas.com
date
Tue, 14 Sep 2021 17:10:14 GMT
cache-control
no-store, must-revalidate, no-cache
access-control-allow-credentials
true
server
Kestrel
content-type
image/gif
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
5dc30a1c509e6d169063b06d
cdn.bannerflow.com/bf-placements/ Frame 9620
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5dc30a1c509e6d169063b06d?targetwindow=_blank&&clickservice=https%3A%2F%2Fmediaserver.entainpartners.com%2FtrackAffiliateClick.do%3FzoneId%3D1908386%26trackerId%3D4905609&wm=4905609&zoneid=1908386
Requested by
Host: mediaserver.entainpartners.com
URL: https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908386&t=f&v=1&securedDomain=y
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.16.173.188, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c585fa68444254e8ebc0e409903af7aebdd9e2b42d8eb8381453534595a8f89d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:14 GMT
content-encoding
br
cf-cache-status
MISS
content-md5
AFFUNnjD8iDJ0gZB7yN/dA==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 06 Nov 2019 17:59:56 GMT
server
cloudflare
etag
W/"0x8D762E3223766F9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2ccf7d4f-201e-006c-278b-a96a60000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
68eb3a428e882790-PRG
5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.jpg
leovegas-leovegas.bannerflow.com/bf-images/ Frame B60B
59 KB
60 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/bf-images/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.jpg?cb=637292693134295451
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.5vmfWffrqKeC.html?cb=637292693134966765&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
6f4b209119c019a947bdf343b4149c6aac704686970f5562863baf2a8fe2e7fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:14 GMT
content-md5
zavZ+OkarTwdiKji+e6eIQ==
x-cache
MISS
content-length
60655
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 02 Jul 2020 06:48:37 GMT
server
NetDNA-cache/2.2
etag
"0x8D81E53F2F02349"
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
70cc0861-601e-00e8-298b-a93c48000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
render.min.js
cdn.bannerflow.com/scripts/1.5.8/ Frame 9620
27 KB
10 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5dc30a1c509e6d169063b06d?targetwindow=_blank&&clickservice=https%3A%2F%2Fmediaserver.entainpartners.com%2FtrackAffiliateClick.do%3FzoneId%3D1908386%26trackerId%3D4905609&wm=4905609&zoneid=1908386
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.16.173.188, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c17e2e405e202306a1593ccb35d514da7af18f411e9d7a31e0556e16bc4f43df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
b6UAGszaXaX21rwCOKLyNg==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 09 Oct 2019 06:50:49 GMT
server
cloudflare
etag
W/"0x8D74C8504DB248F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
48f1f496-e01e-00bd-69c4-a7d73f000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
68eb3a43ea702790-PRG
59561c98bd8d3e173850c935.51WzzLuzuSn5.html
cdn.bannerflow.com/bf-banners/ Frame 1D47
7 KB
2 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.16.173.188, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
10f1b742ff325753c7c2630d67a0bcd3be9c0a72b236ffa5178b54abacc378de

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediaserver.entainpartners.com/
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 14 Sep 2021 17:10:14 GMT
content-type
text/html
cache-control
public, max-age=900
content-md5
M2DlMYMgSGAew/FDy/VH0Q==
last-modified
Tue, 01 Sep 2020 22:03:04 GMT
x-ms-request-id
144c04a6-601e-00e3-3b8b-a9243c000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
68eb3a451d5e2790-PRG
content-encoding
br
pixel
575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/ Frame 9620
32 B
370 B
XHR
General
Full URL
https://575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0000%22%2C%22r%22%3A%22https%3A%2F%2Fabrirumaconta.com%2F%22%2C%22s%22%3A%221631639414570_44527%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.8%22%2C%22a%22%3A%22pgsm%22%2C%22br%22%3A%22575e53c686585416146c4c3c%22%2C%22c%22%3A%2258d91bcf9db2143fe8a27676%22%2C%22ad%22%3A%2259561c98bd8d3e173850c936%22%2C%22p%22%3A%225dc30a1c509e6d169063b06d%22%2C%22b%22%3A%2259561c98bd8d3e173850c935%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%22575e53c686585416146c4c4d%22%2C%22t%22%3A%2259561c96bd8d3e173850c911%22%2C%22l%22%3A%2258da145b9db213171c1507f0%22%2C%22bf%22%3A%2258d91bda9db2143fe8a27699%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1631639414570%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.68.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
Kestrel
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://mediaserver.entainpartners.com
date
Tue, 14 Sep 2021 17:10:14 GMT
cache-control
no-store, must-revalidate, no-cache
access-control-allow-credentials
true
server
Kestrel
content-type
image/gif
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
59561c98bd8d3e173850c935.51WzzLuzuSn5.gif
cdn.bannerflow.com/bf-images/ Frame 1D47
64 KB
65 KB
Image
General
Full URL
https://cdn.bannerflow.com/bf-images/59561c98bd8d3e173850c935.51WzzLuzuSn5.gif?cb=637076020668857631
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.16.173.188, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
7b0d50fb6f497c6e283bc598c5843ffd418ab4cda3b5c4d28d481a40a993fcbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.51WzzLuzuSn5.html?cb=637076020670576631&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
cf-cache-status
MISS
content-md5
b+wCcsvssCvUZGlxmRWalg==
content-length
65799
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 25 Oct 2019 12:07:49 GMT
server
cloudflare
etag
"0x8D75943F46203D8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
818716a9-b01e-0122-2c8b-a9e9d0000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
68eb3a4698f62790-PRG
5e21cdb5c4d2672c089e196f.html
cdn.bannerflow.com/bf-banners/ Frame 5B3E
45 KB
5 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.17/render.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.16.173.188, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
c0d834e4d1a463a8186e45563b2823cab2a4fa5d375ffcc5b8416019fce9949b

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.leovegas.com/
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 14 Sep 2021 17:10:15 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
Tpp/prCdCtISj/kdP+yA8w==
last-modified
Thu, 02 Jul 2020 06:48:33 GMT
x-ms-request-id
08f760e7-701e-0116-018b-a94678000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
68eb3a485db12790-PRG
content-encoding
br
bf.min.js
cdn.bannerflow.com/scripts/1.5.18/ Frame 5B3E
36 KB
12 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.18/bf.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.16.173.188, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
6d0016f5120d31b112f33f3108028739bee87928d65ee5d82760945a4a733def

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Z3Mxb7pJkWIHGPYtWiacMw==
age
361
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 14 Jan 2020 15:07:35 GMT
server
cloudflare
etag
W/"0x8D799037CED9781"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
03905602-901e-00d4-4760-a58893000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
68eb3a49c9042790-PRG
custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb
leovegas-leovegas.bannerflow.com/resources/ Frame FF7C
61 KB
17 KB
Document
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb?cb=637188148031149834
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
6efcbcebb1640d3c6afb66b87b4bbb16a4b4a1a257966e51cf66154f560c882b

Request headers

:method
GET
:authority
leovegas-leovegas.bannerflow.com
:scheme
https
:path
/resources/custom-resource-108b0930-4fc5-4b9d-95f1-7c90f9c953eb?cb=637188148031149834
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.bannerflow.com/
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 14 Sep 2021 17:10:15 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
StPx9e07aQZyuuledOVMsg==
last-modified
Thu, 14 Jan 2021 13:15:56 GMT
etag
W/"0x8D8B88E870F947A"
x-ms-request-id
bb799f0d-201e-0001-668a-a9c04e000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
server
NetDNA-cache/2.2
x-cache
HIT
content-encoding
gzip
bf-18-leosafeplay-white-57e8173e-ed1a-40d3-a042-687fc4dd7c3d-C8o1C.png
leovegas-leovegas.bannerflow.com/resources/ Frame 5B3E
2 KB
2 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/bf-18-leosafeplay-white-57e8173e-ed1a-40d3-a042-687fc4dd7c3d-C8o1C.png?v=636797791650000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
7a90bcd78ad4a3f087b389c75ff7288a24f3b0fdc350c8fef380bebbf4ac8494

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
content-md5
C/ZKnsdbYAY+Qfva0+guaQ==
x-cache
HIT
content-length
1721
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 07 Dec 2018 11:32:47 GMT
server
NetDNA-cache/2.2
etag
"0x8D65C37B66141A1"
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
256a55b6-401e-00bb-158d-a82047000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
mga-2-white-short-eb411864-0783-4a48-bba2-5d89ebe0d284-C8o21.png
leovegas-leovegas.bannerflow.com/resources/ Frame 5B3E
2 KB
2 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/mga-2-white-short-eb411864-0783-4a48-bba2-5d89ebe0d284-C8o21.png?v=636961145890000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
510164e18330532b5d3d3d84f2248dcb5b6693497891c3314b0d25d25059f6d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
content-md5
ID/Zm3mvw9B6GnChWxXOdA==
x-cache
HIT
content-length
1636
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jun 2019 13:09:50 GMT
server
NetDNA-cache/2.2
etag
"0x8D6F0C99583B666"
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8b6357cf-501e-004a-6b52-a6f1d4000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
gg-leovegas-logo-horizontal-59585942-12fd-477c-95cd-1031ad4991f4-12Co6C.png
leovegas-leovegas.bannerflow.com/resources/ Frame 5B3E
7 KB
8 KB
Image
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/gg-leovegas-logo-horizontal-59585942-12fd-477c-95cd-1031ad4991f4-12Co6C.png?v=637121037330000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128, United Kingdom, ASN33438 (HIGHWINDS2, US)
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2
Resource Hash
f7975fff08aab32a6ad3a7fafc0e5234d5f00e0eaf5732fdc01f5bf96f69dba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
content-md5
qGDejAHkGOVxgxJjJsinUQ==
x-cache
HIT
content-length
7380
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 16 Dec 2019 14:35:37 GMT
server
NetDNA-cache/2.2
etag
"0x8D7823537C6783D"
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
63505c04-701e-011d-4cf9-a75e0c000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
robotoslab-bold-6e784104-bc51-4cd2-9960-ba80517bf379--2152725917732801812-subset.woff
leovegas-leovegas.bannerflow.com/resources/ Frame 5B3E
6 KB
7 KB
Font
General
Full URL
https://leovegas-leovegas.bannerflow.com/resources/robotoslab-bold-6e784104-bc51-4cd2-9960-ba80517bf379--2152725917732801812-subset.woff
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/5e21cdb5c4d2672c089e196f.html?cb=637292693130232776&clickpixel=%2F%2F55634380f50b9613805936af.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522leovegas%2522%252C%2522brand%2522%253A%252255634380f50b9613805936af%2522%252C%2522placement%2522%253A%25225e256959c4d2672c089f7f46%2522%252C%2522ad%2522%253A%25225e21cdb5c4d2672c089e1970%2522%252C%2522bannerset%2522%253A%25225d7796a55cad9d2de8a6e5cc%2522%252C%2522banner%2522%253A%25225e21cdb5c4d2672c089e196f%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225e21cdb5c4d2672c089e196f%2522%257D&targeturl=http%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fbid%3D16088%26pid%3D3655377%26redirectUrl%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fabrirumaconta.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
934de2dabef02c1901f5f2fb4ce300350c00ded0a1f70c358f2567ee2453d2c6

Request headers

Referer
https://cdn.bannerflow.com/
Origin
https://cdn.bannerflow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
content-md5
GIrw9PXX31WabfiHfaoRxg==
x-cache
HIT
content-length
6572
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jan 2020 08:29:21 GMT
server
NetDNA-cache/2.2
etag
"0x8D79F152E0E7238"
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
c253b0ca-b01e-0122-32a0-a8e9d0000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
video.bannerflow.com/leovegas/ Frame FF7C
89 KB
0
Media
General
Full URL
https://video.bannerflow.com/leovegas/comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://leovegas-leovegas.bannerflow.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
cf-cache-status
MISS
content-md5
33DoZPPAL13pg7tnFeBSow==
x-ms-server-encrypted
true
Content-Range
bytes 0-358041/358042
content-disposition
Content-Length
358042
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 04 Nov 2020 06:23:29 GMT
last-modified
Wed, 04 Nov 2020 06:23:29 GMT
server
cloudflare
etag
"0x8D8808A255B69E4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
fb985007-f01e-0036-708b-a9cc27000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31530000
x-ms-version
2020-06-12
cf-ray
68eb3a4ba86f4131-PRG
comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
video.bannerflow.com/leovegas/ Frame FF7C
30 KB
30 KB
Media
General
Full URL
https://video.bannerflow.com/leovegas/comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45e277ccec81ad88f4124dc95d126c7ab5ef0e34d6e715ce84e183da701a51f

Request headers

Referer
https://leovegas-leovegas.bannerflow.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=327680-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:15 GMT
cf-cache-status
HIT
content-md5
33DoZPPAL13pg7tnFeBSow==
age
0
x-ms-server-encrypted
true
Content-Range
bytes 327680-358041/358042
content-disposition
Content-Length
30362
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 04 Nov 2020 06:23:29 GMT
last-modified
Wed, 04 Nov 2020 06:23:29 GMT
server
cloudflare
etag
"0x8D8808A255B69E4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
fb985007-f01e-0036-708b-a9cc27000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31530000
x-ms-version
2020-06-12
cf-ray
68eb3a4dce0c4131-PRG
comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
video.bannerflow.com/leovegas/ Frame FF7C
286 KB
0
Media
General
Full URL
https://video.bannerflow.com/leovegas/comp_1_2-a4420a00-2008-11ea-a76d-a7956d45c0e2.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://leovegas-leovegas.bannerflow.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=65536-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:16 GMT
cf-cache-status
HIT
content-md5
33DoZPPAL13pg7tnFeBSow==
age
1
x-ms-server-encrypted
true
Content-Range
bytes 65536-358041/358042
content-disposition
Content-Length
292506
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 04 Nov 2020 06:23:29 GMT
last-modified
Wed, 04 Nov 2020 06:23:29 GMT
server
cloudflare
etag
"0x8D8808A255B69E4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
fb985007-f01e-0036-708b-a9cc27000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31530000
x-ms-version
2020-06-12
cf-ray
68eb3a4e0eb14131-PRG
59561c98bd8d3e173850c935.html
cdn.bannerflow.com/bf-banners/ Frame 32E5
32 KB
5 KB
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.5.8/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d574dcc1e8c54d2517097598dc66f428869f33e596ff8fdabda1f9ef99dc51de

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediaserver.entainpartners.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediaserver.entainpartners.com/

Response headers

date
Tue, 14 Sep 2021 17:10:16 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
Bn/ZRWMGr/hXe+rAvyJUaQ==
last-modified
Fri, 25 Oct 2019 12:07:45 GMT
x-ms-request-id
bc02cb9f-d01e-00d3-0f8b-a97e16000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
68eb3a4e7c3a2790-PRG
content-encoding
br
bf.min.js
cdn.bannerflow.com/scripts/1.5.9/ Frame 32E5
35 KB
12 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.5.9/bf.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21be47897eda6bc13da8a5746062b66466691ab5ae0d63b038ee0a74de9fe6ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:16 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
7S1P1z/Dxt3LuuUNNRjOTg==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Oct 2019 08:12:37 GMT
server
cloudflare
etag
W/"0x8D75859EEE2FC64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ec70b246-a01e-0098-7cb0-a74f8c000000
cache-control
public, max-age=31530000
x-ms-version
2014-02-14
cf-ray
68eb3a4fdff12790-PRG
sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-2D8o5A.jpg
cdn.bannerflow.com/resources/ Frame 32E5
10 KB
10 KB
Image
General
Full URL
https://cdn.bannerflow.com/resources/sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-2D8o5A.jpg?v=636209368830000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
becfe0ff692ac0e652c21e9952febcf948f189330fc69af496040061fe930fbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:16 GMT
cf-cache-status
MISS
content-md5
ayxhSN8rmbGSZZ5xLiTkYA==
content-length
10480
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 25 Jan 2017 10:28:03 GMT
server
cloudflare
etag
"0x8D4450CD86C8CC2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3032f533-301e-00d2-208b-a97feb000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
68eb3a4ff8422790-PRG
logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png
cdn.bannerflow.com/resources/ Frame 32E5
2 KB
2 KB
Image
General
Full URL
https://cdn.bannerflow.com/resources/logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png?v=635779176870000000
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370e86f95908740f4ca602ae7f90f0f486b87fc1844eefc18fd920dda6d8653b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:16 GMT
cf-cache-status
MISS
content-md5
oDx1Wca6lv6fUHLulmtVlQ==
content-length
2302
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2017 08:52:21 GMT
server
cloudflare
etag
"0x8D4BE02FD617519"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1429dae7-a01e-0076-378b-a9450f000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
68eb3a4ff8432790-PRG
FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
cdn.bannerflow.com/resources/ Frame 32E5
4 KB
5 KB
Font
General
Full URL
https://cdn.bannerflow.com/resources/FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.173.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b010806e27150d57cc02b5b112946598f444c935fe96a7f4d655aa5e8fd3728b

Request headers

Referer
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c935.html?cb=637076020655361220&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06d%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c936%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c935%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c935%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908386&trackerId=4905609&wm=4905609&zoneid=1908386&ref=https%3A%2F%2Fabrirumaconta.com%2F
Origin
https://cdn.bannerflow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Sep 2021 17:10:16 GMT
cf-cache-status
MISS
content-md5
cSeX6JyjZvHLIRAoKuHi3w==
content-length
4560
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 25 Oct 2019 12:02:44 GMT
server
cloudflare
etag
"0x8D759433ECD1ED2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
ad27ff53-d01e-00be-2e8b-a9d438000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
68eb3a4ff8452790-PRG


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| twemoji object| wp object| tocplus object| ratingsL10n object| ratings_mouseover_image number| post_id number| post_rating boolean| is_being_rated function| current_rating function| ratings_off function| set_is_being_rated function| rate_post_success function| rate_post object| mts_customscript function| Cookies function| _ object| _wpUtilSettings object| wpreview function| wp_review_rate object| layzrInstance function| Layzr

5 Cookies

Domain/Path Name / Value
.leovegas.com/ Name: NetRefer_CookieUniTrack_V
Value: %5b%7b%22PID%22%3a3655377%2c%22BID%22%3a16088%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1631639413712)%5c%2f%22%2c%22CookieTag%22%3a%221608836553774112101C20219141710%22%7d%5d
.gvcaffiliates.com/ Name: __cf_bm
Value: f3.kGoQ6qHvcAzFxbJ59alicefw7j.7VM7OsgZ1Ut0s-1631639413-0-Ac8szEZVhzE7+RPTm6d6FlRuJ2eeviEViNiFvWpVth2rdL3jyyfz61Ct8uwKJIWQ5FDvVXyrvgIuUJrBpuX6eNc=
.entainpartners.com/ Name: __cf_bm
Value: bZXuIgPdeexeWQGCSOVSjwVO.WGZx3p0yLjLBZsIpQA-1631639414-0-AXZa0D+wlaks5/YkgNWAU35fT7l8b9xBGngRx1rY6YUxJ5MMbSPmTu94FzTgBuSp4ii/vXQX5PI38w3FbbQsA8Y=
55634380f50b9613805936af.tracker.bannerflow.com/ Name: cc
Value: AVVjQ4D1C5YTgFk2r14laVnE0mcsCJ9_Rl4hzbXE0mcsCJ4ZbwDRfgAAARFhYnJpcnVtYWNvbnRhLmNvbQ--
575e53c686585416146c4c3c.tracker.bannerflow.com/ Name: cc
Value: AVdeU8aGWFQWFGxMPF3DChxQnm0WkGOwbVlWHJi9jT4XOFDJNQDRfgAAARFhYnJpcnVtYWNvbnRhLmNvbQ--

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
