urlscan.io logo urlscan.io
SecurityTrails logo

www.arnolds.com.br Open in urlscan Pro
54.36.217.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5Y...
Effective URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Submission Tags: falconsandbox
Submission: On January 10 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 11 countries across 45 domains to perform 245 HTTP transactions. The main IP is 54.36.217.27, located in France and belongs to OVH, FR. The main domain is www.arnolds.com.br.
TLS certificate: Issued by R3 on November 18th 2021. Valid for: 3 months.
This is the only time www.arnolds.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 54.36.217.27 16276 (OVH)
22 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
13 142.250.184.226 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 13.32.121.81 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 139.45.197.237 9002 (RETN-AS)
14 2606:4700::68... 13335 (CLOUDFLAR...)
2 158.69.139.229 16276 (OVH)
1 67.202.94.93 32748 (STEADFAST)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 139.45.197.243 9002 (RETN-AS)
1 1 148.69.64.76 12353 (VODAFONE-...)
1 104.18.29.199 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
7 67.202.105.33 32748 (STEADFAST)
2 2 40.127.233.95 8075 (MICROSOFT...)
1 2 77.87.181.187 43338 (RATIONAL-AS)
1 67.202.105.32 32748 (STEADFAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 8 142.250.185.162 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.172.250 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 2620:112:f006... 6336 (TURN-US-ASN)
1 1 151.101.2.49 54113 (FASTLY)
1 1 139.162.117.143 63949 (LINODE-AP...)
1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 47.241.6.33 45102 (CNNIC-ALI...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
16 104.111.238.76 16625 (AKAMAI-AS)
13 77.87.180.198 43338 (RATIONAL-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
245 47
13    54.36.217.27 (France)

ASN16276 (OVH, FR)
PTR: adssuper.com
www.adssuper.com
adssuper.com
www.arnolds.com.br
22    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
api.demand.supply
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:223c:b600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:225e:3a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
3    2606:4700:3031::ac43:a4a4 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.lomadee.fun
1    2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
6    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
6    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.fr
3    13.32.121.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-81.fra60.r.cloudfront.net
ad.lomadee.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
rotumal.com
14    2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
lp.cleverwebserver.com
2    158.69.139.229 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip229.ip-158-69-139.net
t.dtscout.com
1    67.202.94.93 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
1    148.69.64.76 (Rio Tinto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
1    104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
15    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
20    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
2    40.127.233.95 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.starsaffiliateclub.com
2    77.87.181.187 (Douglas, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
www.pokerstarssports.fr
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2606:4700:3037::6815:1bfe (United States)

ASN13335 (CLOUDFLARENET, US)
adtrue.fun
7    2606:4700:3030::6815:3197 (United States)

ASN13335 (CLOUDFLARENET, US)
megacdn.top
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
r.turn.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    139.162.117.143 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1601-143.members.linode.com
a.c.appier.net
1    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.torchad.com
1    47.241.6.33 (Singapore, Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
ssbsync.smartadserver.com
8    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
16    104.111.238.76 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-76.deploy.static.akamaitechnologies.com
cmsstorage.rationalcdn.com
cms.rationalcdn.com
s4.rationalcdn.com
s1.rationalcdn.com
13    77.87.180.198 (Douglas, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)
www.psimg.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2606:4700:3033::6815:31a3 (United States)

ASN13335 (CLOUDFLARENET, US)
awscloudfront.ml
Apex Domain
Subdomains		 Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
332 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
231 KB
22 demand.supply
live.demand.supply — Cisco Umbrella Rank: 29928
api.demand.supply — Cisco Umbrella Rank: 54691
35 KB
16 rationalcdn.com
cmsstorage.rationalcdn.com — Cisco Umbrella Rank: 305844
cms.rationalcdn.com — Cisco Umbrella Rank: 567507
s4.rationalcdn.com — Cisco Umbrella Rank: 489107
s1.rationalcdn.com — Cisco Umbrella Rank: 599284
397 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 347
306 KB
14 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 37951
ui.cleverwebserver.com — Cisco Umbrella Rank: 42465
lp.cleverwebserver.com — Cisco Umbrella Rank: 73273
233 KB
13 psimg.com
www.psimg.com — Cisco Umbrella Rank: 449293
214 KB
10 gstatic.com
fonts.gstatic.com
188 KB
10 arnolds.com.br
www.arnolds.com.br
69 KB
9 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 6692
ic.tynt.com — Cisco Umbrella Rank: 3828
de.tynt.com — Cisco Umbrella Rank: 1127
8 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 444
154 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
1 KB
7 megacdn.top
megacdn.top — Cisco Umbrella Rank: 199607
501 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
59 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
3 KB
3 google.fr
adservice.google.fr — Cisco Umbrella Rank: 29086
1 KB
3 lomadee.com
ad.lomadee.com
21 KB
3 lomadee.fun
ad.lomadee.fun
55 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 39307
get.optad360.io — Cisco Umbrella Rank: 23154
231 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
107 KB
3 adssuper.com
www.adssuper.com
adssuper.com
3 KB
2 awscloudfront.ml
awscloudfront.ml
5 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 649
r.turn.com — Cisco Umbrella Rank: 2156
878 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
38 KB
2 pokerstarssports.fr
www.pokerstarssports.fr
11 KB
2 starsaffiliateclub.com
secure.starsaffiliateclub.com — Cisco Umbrella Rank: 317700
2 KB
2 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 13169
3 KB
2 rotumal.com
rotumal.com — Cisco Umbrella Rank: 880255
25 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 698
373 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1138
38 B
1 torchad.com
rtb2-useast.torchad.com — Cisco Umbrella Rank: 16444
233 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 17883
558 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
536 B
1 adtrue.fun
adtrue.fun — Cisco Umbrella Rank: 224926
633 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151 Failed
37 KB
1 clevernt.com
sender.clevernt.com — Cisco Umbrella Rank: 62876
561 B
1 onmarshtompor.com
onmarshtompor.com — Cisco Umbrella Rank: 42119
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10218
546 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 14480
146 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398
1 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 40332
7 KB
0 streamix.tv Failed
www.streamix.tv Failed
0 statistcdn.com Failed
statistcdn.com Failed
245 45
Domain Requested by
20 tpc.googlesyndication.com www.arnolds.com.br
securepubads.g.doubleclick.net
cdn.ampproject.org
www.adssuper.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
19 live.demand.supply www.arnolds.com.br
live.demand.supply
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 www.psimg.com www.pokerstarssports.fr
www.psimg.com
cmsstorage.rationalcdn.com
13 pagead2.googlesyndication.com live.demand.supply
www.adssuper.com
googleads.g.doubleclick.net
3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.arnolds.com.br
securepubads.g.doubleclick.net
12 lp.cleverwebserver.com www.adssuper.com
lp.cleverwebserver.com
11 cmsstorage.rationalcdn.com www.pokerstarssports.fr
cmsstorage.rationalcdn.com
11 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
www.arnolds.com.br
www.adssuper.com
10 fonts.gstatic.com fonts.googleapis.com
10 www.arnolds.com.br 1 redirects adssuper.com
www.arnolds.com.br
8 cdn.cookielaw.org www.pokerstarssports.fr
cdn.cookielaw.org
8 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
www.arnolds.com.br
3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
7 megacdn.top ad.lomadee.fun
megacdn.top
www.adssuper.com
7 ic.tynt.com www.arnolds.com.br
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ad.lomadee.com
6 fonts.googleapis.com www.arnolds.com.br
securepubads.g.doubleclick.net
www.pokerstarssports.fr
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google.com 1 redirects www.arnolds.com.br
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.arnolds.com.br
www.adssuper.com
3 s1.rationalcdn.com www.psimg.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.fr securepubads.g.doubleclick.net
3 ad.lomadee.com ad.lomadee.fun
ad.lomadee.com
3 api.demand.supply live.demand.supply
3 ad.lomadee.fun www.arnolds.com.br
ad.lomadee.fun
3 www.googletagmanager.com www.arnolds.com.br
www.googletagmanager.com
2 awscloudfront.ml www.adssuper.com
awscloudfront.ml
2 s0.2mdn.net 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.pokerstarssports.fr 1 redirects lp.cleverwebserver.com
2 secure.starsaffiliateclub.com 2 redirects
2 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 t.dtscout.com waust.at
t.dtscout.com
2 rotumal.com www.arnolds.com.br
2 get.optad360.io www.arnolds.com.br
get.optad360.io
2 adssuper.com www.adssuper.com
www.arnolds.com.br
1 s4.rationalcdn.com cmsstorage.rationalcdn.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 cms.rationalcdn.com www.pokerstarssports.fr
1 ssbsync.smartadserver.com 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
1 rtb2-useast.torchad.com 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 r.turn.com www.arnolds.com.br
1 ad.turn.com 1 redirects
1 adtrue.fun ad.lomadee.fun
1 de.tynt.com cdn.tynt.com
1 www.googletagservices.com securepubads.g.doubleclick.net
www.adssuper.com
1 cdn.tynt.com waust.at
1 sender.clevernt.com 1 redirects
1 onmarshtompor.com rotumal.com
1 ui.cleverwebserver.com www.adssuper.com
1 my.rtmark.net rotumal.com
1 whos.amung.us waust.at
1 scripts.cleverwebserver.com www.arnolds.com.br
1 cdn.jsdelivr.net get.optad360.io
1 waust.at www.arnolds.com.br
1 cmp.optad360.io www.arnolds.com.br
1 www.adssuper.com
0 www.streamix.tv Failed www.adssuper.com
0 statistcdn.com Failed ad.lomadee.com
245 62

This site contains links to these domains. Also see Links.

Domain
futebolistasonline.club
whos.amung.us
Subject Issuer Validity Valid
adssuper.com
R3		 2022-01-07 -
2022-04-07		 3 months crt.sh
arnolds.com.br
R3		 2021-11-18 -
2022-02-16		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-01 -
2022-09-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.lomadee.com
Amazon		 2021-03-31 -
2022-04-29		 a year crt.sh
rotumal.com
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
*.google.fr
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
onmarshtompor.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.pokerstarssports.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-24 -
2022-10-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.megacdn.top
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.torchad.com
AlphaSSL CA - SHA256 - G2		 2021-09-20 -
2022-10-22		 a year crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
rationalcdn.com
GeoTrust RSA CA 2018		 2021-06-14 -
2022-06-22		 a year crt.sh
www.psimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-26 -
2022-02-26		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh

This page contains 21 frames:

Primary Page: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Frame ID: F81DC87F0A41BC00E2193DFE02510B3F
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: 5CF75ED72EA06A5F679B7795166DC8F3
Requests: 1 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Frame ID: 0F6A58A83EA21FAD9AFE280CDB010351
Requests: 4 HTTP requests in this frame

Frame: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8CDA9A624F62E7D0845F37ABE4A5A024
Requests: 1 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Frame ID: 48CC03ABE631DA6BEF8EEC1A8F36124D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 813BBF618EEEC57CC381CE912BECD9DC
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: FCF3A7046638DAE723D27027D49649AC
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVfNLD5dcl7EigB2aiQ1PafWMvpJkqvNG7_xaIJgsVhmXSL8TpDHV_9GjAs8KhZXdA9yiALzhi8lfyJ9PHIDn5yNnOY83FtOUqk3l8jtkR5f82P225GlH_mbjlMZdt2rVqi5MhxksFVOTa3RMxSQa5pay5YazoP7Fj-s9SOpNedLzFiqeqRlIt7W51w1C8HID7-AzW2wDtww3aQw99_PzV9StBX_TNNQm08Kbn_xL1tZFLYG-3SwiIDiT5I8H6fIqIOn0j0oNvDEqMlCcsmVEG8Rr3nxUIFaCKTas39I6Uj1FHnP4vTZKOMI1STjCDyMStBskmBgN0nQxXErUP_N_Ay4uepiPHPh7GUPzjifGt_P5V1nDa0dPv-c9tYlydinIHVw&sai=AMfl-YRKjkckb6467-IYZvX8ofhrKm5PTRBoeZTSBnw5R-T31uVqjr0FpMGBI-IRplxH6qa7BG0M7ycD1cxBY5zED6TiPqxTh_fIzePw4vTykXWbalRhjSpEj3jTMuHiMFQ&sig=Cg0ArKJSzMWhV47hXJD_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BB3B2275A5EF3A10156400B2302191E3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: ACBD4064DE35F1D17B0B562893132693
Requests: 16 HTTP requests in this frame

Frame: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Frame ID: 191E12889219B2EA076FF84C773C958A
Requests: 45 HTTP requests in this frame

Frame: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8358ADF4FE6660CFC8116874D5C925B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOHoAEQpLvFARjXhb--ATAB&v=APEucNWkjMfFie6tJvLZJ2b1wBBEZTqVhuaJxNbk18m3rSth_v90tWJJDqYSOPwOe79uOzAQ8IaIwD47CLK2s77jZlfaEpYhXPihJA0ZoVAbhd5Of9tpPDvcG3hvmMXrIgYoUlE5T_1ogBy5tR7fvTHWf94I6C_6Wjhdvunm3-zyfbdKzHnA4cUy1Qekwebk9W5CfSjj1ZKyEZKPCaZDJW-5nNa6_koC8Q
Frame ID: 1511491E421101392A2BBCFD1570DE40
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Frame ID: 20137F502BE29D0CE970D41C34C49BEB
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFB5AC64D50CEB888B55B7B7560906FA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 897B228D5C81CA15700B5BA5CE1577D7
Requests: 3 HTTP requests in this frame

Frame: https://megacdn.top/
Frame ID: 38AA26D6769F7A467D199D4BE99E6599
Requests: 6 HTTP requests in this frame

Frame: https://awscloudfront.ml/
Frame ID: A3F926250FE5E5DD589A0B089EA30B6A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 844C0C5876669B0BC9BA94448E20F119
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB49C6BA8B4DEDD61F663FEFC08BF593
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.arnolds.com.br/d433acfd-b1ef-4571-a709-82e0db0f0518
Frame ID: A9C94847AD6F88037E7C56AAD63D9F85
Requests: 1 HTTP requests in this frame

Frame: https://www.streamix.tv/
Frame ID: 66FECB4AF088AA14A3AA997963631839
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Crash Bandicoot: Os 5 níveis mais difíceis de colisão

Page URL History Show full URLs

  1. https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzU... Page URL
  2. https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkj... Page URL
  3. https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1W... Page URL
  4. http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-nivei... HTTP 307
    https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-nivei... Page URL
  5. https://www.arnolds.com.br/crash-bandicoot-os-5-niveis//?utm_source=facebook&utm_medium=social&utm_camp... HTTP 301
    https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

245
Requests

94 %
HTTPS

57 %
IPv6

45
Domains

62
Subdomains

47
IPs

11
Countries

3279 kB
Transfer

7302 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk Page URL
  2. https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos Page URL
  3. https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos Page URL
  4. http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F HTTP 307
    https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F Page URL
  5. https://www.arnolds.com.br/crash-bandicoot-os-5-niveis//?utm_source=facebook&utm_medium=social&utm_campaign=fanpages HTTP 301
    https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F HTTP 307
  • https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
Request Chain 66
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=548773&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&ruri=aHR0cHM6Ly9hZHNzdXBlci5jb20vc29jaWFsLnBocD9zcmM9aHR0cHMlM0ElMkYlMkZ3d3cuYXJub2xkcy5jb20uYnIlMkZjcmFzaC1iYW5kaWNvb3Qtb3MtNS1uaXZlaXMlMkY%3D&r=378201404&tok=33419711310201791433&cc=1&iv=-1&ctr=FR&sz=1200&landing=1&hei=360&mode=topscroll HTTP 302
  • https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Request Chain 131
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 136
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_5709c_&affid=2356410&siteid=174459&adid=5709&c=YSAAJYONVRBAAFR HTTP 302
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_5709c_&affid=2356410&siteid=174459&adid=5709&c=YSAAJYONVRBAAFR&AutoR=1 HTTP 302
  • https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/?btag=a_174459b_5709c_YSAAJYONVRBAAFR HTTP 301
  • https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1&C=1
Request Chain 162
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YduJIcgllHS4Hd4C1pzOPwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEK07vNjLu1D60L6eI6Vlgh0&google_cver=1
Request Chain 164
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1OTcyMzA5MTY4NDY2MjU3MA%3D%3D
Request Chain 176
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAyJ6yCL4zy9QVrWZOBSRMI&google_cver=1&google_push=AYg5qPLX_2RIwuKEW5ct9rfdUiQ6NqLus_weIU6OCeB4mbEERt6P9boFieGhujXyzPHxSqobeKxk4SXhUquru4LxzZ3REFAdBtg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE2MDQxNzUyNTAyNDA3ODg0NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAyJ6yCL4zy9QVrWZOBSRMI&google_cver=1
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFB3EokebzeS5mP9ruQIPyg&google_cver=1&google_push=AYg5qPIq8CeSYfCtswxGyrQpIjbhp_oNu0_PEpz-1XKpQ8p0y72wyoICenHAKoro6ZtIcA5wWTnVT2dKlWknJiGFs0oVC9vEsEU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFB3EokebzeS5mP9ruQIPyg&google_push=AYg5qPIq8CeSYfCtswxGyrQpIjbhp_oNu0_PEpz-1XKpQ8p0y72wyoICenHAKoro6ZtIcA5wWTnVT2dKlWknJiGFs0oVC9vEsEU
Request Chain 178
  • https://a.c.appier.net/gcm?google_gid=CAESEPyO-fky7deOgMJ_xCiMm5Y&google_cver=1&google_push=AYg5qPJ6KmVZPvOjUQ32cOTPmp6JNY-QyRRAau1CeBI4coqkTvCJlEyjw11ccrVMkrAPoqX21VlxrXQIfKF7zDo7M3rpZy9alkLY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q2ZmQndQSGpEOVNHNl91OUlvbmJZUQ%3D%3D&google_push=AYg5qPJ6KmVZPvOjUQ32cOTPmp6JNY-QyRRAau1CeBI4coqkTvCJlEyjw11ccrVMkrAPoqX21VlxrXQIfKF7zDo7M3rpZy9alkLY
Request Chain 179
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJYDF4MHQh5zw_HZSJQmUZY&google_cver=1&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM

245 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
campanha.php
www.adssuper.com/instagram/ 		872 B
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Mon, 10 Jan 2022 01:17:18 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
protected
by MS21122301
x-download-options
noopen
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
content-encoding
br
/
adssuper.com/facebook/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
0c83d8686329e6c1a04c31eed0a96c4ab76dc78cf314de9d192d3505fd3c70f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://adssuper.com/wp-json/>; rel="https://api.w.org/", <https://adssuper.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json", <https://adssuper.com/?p=12>; rel=shortlink
protected
by MS21122301
x-download-options
noopen
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
content-encoding
br
/
www.arnolds.com.br/facebook-ads/ 		237 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Requested by
Host: adssuper.com
URL: https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://adssuper.com/facebook/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/pages/11717>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/?p=11717>; rel=shortlink
protected
by MS21122301
x-download-options
noopen
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
content-encoding
br
social.php
adssuper.com/
Redirect Chain
  • http://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
  • https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
267 B
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook-ads/?id===QO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&nome=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk&ref=downloadmegajogos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://adssuper.com/wp-json/>; rel="https://api.w.org/"
protected
by MS21122301
x-download-options
noopen
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
content-encoding
br

Redirect headers

Location
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
Non-Authoritative-Reason
HSTS
Primary Request /
www.arnolds.com.br/crash-bandicoot-os-5-niveis/
Redirect Chain
  • https://www.arnolds.com.br/crash-bandicoot-os-5-niveis//?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
  • https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
66 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Requested by
Host: adssuper.com
URL: https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
f45f1605b74f0189aa51adaa9942f86984f3df9c6988bccd1bf792e880b0e97b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
x-pingback
https://www.arnolds.com.br/xmlrpc.php
link
<https://www.arnolds.com.br/wp-json/>; rel="https://api.w.org/", <https://www.arnolds.com.br/wp-json/wp/v2/posts/15231>; rel="alternate"; type="application/json", <https://www.arnolds.com.br/?p=15231>; rel=shortlink
protected
by MS21122301
x-download-options
noopen
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
content-encoding
br

Redirect headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
x-pingback
https://www.arnolds.com.br/xmlrpc.php
x-redirect-by
WordPress
protected
by MS21122301
x-download-options
noopen
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15768000;
main.css
www.arnolds.com.br/facebook/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/css/main.css
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
db1f2f4de4a134a2c6da8be0bf4f997c02d446699f4ae7e12821b90fbd583b84
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Nov 2020 05:18:29 GMT
protected
by MS21122301
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.4.0.min.js
www.arnolds.com.br/facebook/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/js/jquery-3.4.0.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 19:10:34 GMT
protected
by MS21122301
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
www.arnolds.com.br/facebook/js/ 		1 KB
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/js/cookie.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
bec35833fdefd9f00dea8ea4453556d725b2c2368792502677410c6f72699636
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 19:10:34 GMT
protected
by MS21122301
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache.js
www.arnolds.com.br/facebook/js/ 		2 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.arnolds.com.br/facebook/js/cache.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
b5633cefe7c581879292959bcb7039b1a41dad5d474103f166aa10669d54e0fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:19 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 19:10:33 GMT
protected
by MS21122301
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70fde5e3f9ae842eb1bb7265406f1f4a63666bf23cdf4464da7e65077509996

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FR31Y9V7BHSC9M5QVF8KP2JJ
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
HIT
age
347
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
6cb210a7f95e3a69-CDG
link
<https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3LmFybm9sZHMuY29tLmJyL2NyYXNoLWJhbmRpY29vdC1vcy01LW5pdmVpcy8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=>; rel=preload; as=script
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd086711f75f41459add89ea1ff8d275eee2511a159b357cbb7a9b3f1b6ff965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36217
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 01:17:20 GMT
918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
cmp.optad360.io/items/ 		497 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/918e1eea-b7af-45da-a987-49a1ce4b265a.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 17:59:51 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
80924
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
497
x-amz-cf-id
0pj6GhOsRN9LIxBLK3kPODQTiMOo_sRS6HmkQwjO9uh2vw17rGzQDA==
plugin.min.js
get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/ 		367 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5585dde13c733b5e473618b4c25b75257756643a782abd07804e4eafe6bf533c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 00:29:00 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 14:22:32 GMT
server
AmazonS3
age
2901
etag
W/"149895b54966baab9a46d5c1d645a4da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
54W55NGhfnZMuxHLnhupXO9pXuZBrJoV3K7fxM6P-AzqpnHr0hnSWA==
carregando.gif
www.arnolds.com.br/instagram/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.arnolds.com.br/instagram/carregando.gif
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 19:10:40 GMT
protected
by MS21122301
x-download-options
noopen
strict-transport-security
max-age=15768000;
content-type
image/gif
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5886
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
download.gif
www.arnolds.com.br/facebook/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.arnolds.com.br/facebook/img/download.gif
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
3baee6b91d41cdf1f6876a21a763e66bd5ef64b156af02da2a1b2291f9a2b584
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 19:10:24 GMT
protected
by MS21122301
x-download-options
noopen
strict-transport-security
max-age=15768000;
content-type
image/gif
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5407
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
ad.lomadee.fun/banners/ 		141 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3f972ad41e826956495a2a0381723347276c553d300907cf8cc7486c8f069e4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okks6B5e2JoRES6JmMbBarANaK9zTmWSB2KSQra1chGFlkgKQJXInmRH5QR4mzKcJYHMTjpjsmftSywH5O51dtuaxPlUxZ%2BpRbKw0dPg0qd84UJWmOkvYgpnswV5CXDXQg51%2B82sH55nIBqz%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cb210a918373b61-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
0
d.js
waust.at/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/d.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3122
last-modified
Mon, 03 May 2021 17:48:07 GMT
server
cloudflare
etag
W/"60903757-3444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1R%2FBpK3aGW2B64cG%2FipXyZGmEsrQ9FJ70414zw%2FndxDvp2RS35LYNtDBXfqytfn6rzQ9AWnCj%2FYQ1%2B3kuEz5sTyDjpeN58V1lb07EjmpVkw1o%2FGouCmIHWchg1QvQIKFSD3K2V9"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
6cb210a91986edb7-CDG
expires
Tue, 11 Jan 2022 00:25:18 GMT
css
fonts.googleapis.com/ 		6 KB
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0882fe11baf5c777266a9ab3f14aa451432c7099158b2d69b3515ee5c8e66d4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:12:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 01:17:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 01:17:20 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:30:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 01:17:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 01:17:20 GMT
bg_1.png
www.arnolds.com.br/instagram/img/ 		262 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.arnolds.com.br/instagram/img/bg_1.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/facebook/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.217.27 , France, ASN16276 (OVH, FR),
Reverse DNS
adssuper.com
Software
/
Resource Hash
815fd8cd1ff4fb8f036b23e556f20ad5f7bf54f8cfee11c9c609de72765d3441
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/facebook/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 19:10:53 GMT
protected
by MS21122301
x-download-options
noopen
strict-transport-security
max-age=15768000;
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
content-length
262
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
213918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:52:02 GMT
JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a4722f7c6bfc8ed582a1da7f4e552be5350efe348638b31ec4a1291963c8e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 18:11:55 GMT
x-content-type-options
nosniff
age
371125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20516
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 18:11:55 GMT
impl.v14.0.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v14.0.0.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKEFKNZGD9ZVC0KK5CB35266
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
HIT
age
798504
cf-polished
origSize=79681
cf-ray
6cb210a8aa023a69-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
live.demand.supply/p4/v14-0-0/d3d3LmFybm9sZHMuY29tLmJyL2NyYXNoLWJhbmRpY29vdC1vcy01LW5pdmVpcy8/ 		156 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/d3d3LmFybm9sZHMuY29tLmJyL2NyYXNoLWJhbmRpY29vdC1vcy01LW5pdmVpcy8/dXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXNvY2lhbCZ1dG1fY2FtcGFpZ249ZmFucGFnZXM=
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6cb210a8aa033a69-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=169&cs=c&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
1942756
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210a8fb3e3b4f-CDG
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1717cad6a3d1cdabeb6f2f0e1900b1f5ba60bb16aecb91a1b1a23ce1eb1d6bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51827
x-xss-protection
0
server
cafe
etag
1933199552115079122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 01:17:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
499d0d880b4d33b2711508aec3eddd440b65d39031c410fc64b2c5347f21d399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27014
x-xss-protection
0
server
sffe
etag
"1097 / 57 of 1000 / last-modified: 1641462274"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jan 2022 01:17:20 GMT
ds.2.html
live.demand.supply/ 		413 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNJ8P35YE9QPXE3X66CAXX52
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
2486455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6cb210a8fb403b4f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
arnolds.com.br_fluid_sq
api.demand.supply/v14-0-0/a/ 		301 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/arnolds.com.br_fluid_sq?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ad6011e5af86c7553984269c5b2a0bd5c73f600001486b4675060dd3f2991e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"12d-d4C40EhkyDs4dgOSdvflTVKNfMU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6cb210a9ab0f3a23-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
arnolds.com.br_fluid_sq
api.demand.supply/v14-0-0/a/ 		301 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/arnolds.com.br_fluid_sq?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5253670d6147cb5de1350fd9206d311f4811352e3f9f20d4355bba9bc3f188d6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
UPDATING
server
cloudflare
age
8072
etag
W/"12d-8Oach81hba4516wt/yt+X7BLlNk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6cb210a9ab113a23-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
arnolds.com.br_fluid_sq
api.demand.supply/v14-0-0/a/ 		301 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/arnolds.com.br_fluid_sq?&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5253670d6147cb5de1350fd9206d311f4811352e3f9f20d4355bba9bc3f188d6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
UPDATING
server
cloudflare
age
8072
etag
W/"12d-8Oach81hba4516wt/yt+X7BLlNk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6cb210a9ab123a23-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
974
date
Mon, 10 Jan 2022 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 03:01:06 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jan 2022 01:17:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		119 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
def3ab8589eb9f8ff02ee25450654bc2cefabde824ee0ec617b10d7bc9da6fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Mon, 10 Jan 2022 01:17:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame 5CF7 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:07:57 GMT
expires
Sun, 23 Jan 2022 16:07:57 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
32963
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
arnolds.com.br_fluid_sq
live.demand.supply/cp/ 		26 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/arnolds.com.br_fluid_sq?mlos=wi&mlbr=ch&mlla=en&mlbs=30&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c3c7a072a35862fe9819e0606db72ca95cd3a6521058ab5d1cb9ff654a9802

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6cb210a9fc993b4f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26
arnolds.com.br_fluid_sq
live.demand.supply/cp/ 		27 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/arnolds.com.br_fluid_sq?mlos=wi&mlbr=ch&mlla=en&mlbs=30&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aab1504fa53e70d0e551e6376884b9cb11384d8020b4449a8f3ad00a5010b11

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6cb210a9fc9e3b4f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=988903706&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&ul=en-us&de=UTF-8&dt=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=111946164&gjid=924028694&cid=1365420389.1641777440&tid=UA-108875794-3&_gid=1721626616.1641777440&_r=1&gtm=2ou150&z=2106889794
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
arnolds.com.br_fluid_sq
live.demand.supply/cp/ 		26 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/arnolds.com.br_fluid_sq?mlos=wi&mlbr=ch&mlla=en&mlbs=30&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c3c7a072a35862fe9819e0606db72ca95cd3a6521058ab5d1cb9ff654a9802

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6cb210aa6dee3b4f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/db271296-3d68-4d58-aebf-31ea11eb6243/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 08:09:18 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
9392883
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
heapVMZq11m4X4ljqT4hlLMY_9EjuSXBT1AFWlBuSzhj_VytGM72Zg==
p1ee4c174b3b485049176b5ff8cbbe10e.otf
ad.lomadee.fun/fonts/ 		424 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.fun/fonts/p1ee4c174b3b485049176b5ff8cbbe10e.otf
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9789e4a25fa23efe97512b4c8d286347f1c0320e319a3b12c14d6b4c3aa116f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
424
pragma
no-cache
server
cloudflare
etag
0aca38ddc466eb728161828763789138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2ZsEOSnH%2FehaMMYHo2RtvTIBiZCVROLTTFJRPVN9Vkcu55zVXFyiT0mevNJDOemuypfyw22DTBedaxSWvAH1rKA71OutZ1hV0UrlqGdy5c0b0P3U8A6N5NyU9UmgYJE%2BH2b78Ak%2Fa5MFKsg%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6cb210aaeed90828-CDG
expires
0
script.js
ad.lomadee.com/banners/ 		433 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
ad9f9715cc466d6b47c51f9bf3f3a86fd2796fff2e553f9cb67d7a6f4058f743

Request headers

Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 09 Nov 2021 16:13:24 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
age
5303036
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-language
en-US
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
content-type
text/html;charset=UTF-8
x-amz-cf-id
mKBQFQwVgw9wCUckl-b0cM4lCR5hyzjyRjXnfN6HeSFJdM3RbSmD0g==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220110
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54b1696bff73222472b53c7ca9d4355e21ec50d25c51a96c618baeb6f4b197a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36986
x-jsd-version
1.0.1216
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19174-FRA, cache-cdg20735-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69e-MdgeAGbQVhqK8GuIuM4MB4w7DJw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6cb210ab49e508ab-CDG
view
ad.lomadee.com/banner/ Frame 0F6A 		1 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
b09c8f21fb8b53a6e355b9c415e1faef94f5dcab16f138261b0b76f6fb816432

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

content-type
text/html;charset=UTF-8
content-length
675
content-encoding
gzip
content-language
en-US
date
Mon, 10 Jan 2022 01:12:30 GMT
server
Apache-Coyote/1.1
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
ebdwW7YzRfGpqf6LdEDAHMBfa7MGyXVTgb7KPjOzF2CZungtU6dMVw==
age
289
/
rotumal.com/5/2748187/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rotumal.com/5/2748187/?oo=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8f7699487d0076cd30bcc2e643ed6eb268d035886a25a1a76ed967f68b5ed5c3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id
ba6b460c3d7f4524fff9a30e2decc5f3
pragma
no-cache, no-cache
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
rotumal.com/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rotumal.com/tag.min.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9c6ce7b0c6df1f16a194be60fca2ca5cff0726696f21fca2ae30d63009e221de
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
21958
x-trace-id
2236785aadaeac9606acc8be6bafe197
pragma
no-cache
last-modified
Fri, 24 Dec 2021 09:48:24 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
5d3f73c8fb54cf51fc0b674c3e2841fc.js
scripts.cleverwebserver.com/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/5d3f73c8fb54cf51fc0b674c3e2841fc.js
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a30fe1eed2ac6c197ead23800b9ba2260ce8d948f4b0ad6c66e3badc18975a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 06 Jan 2022 17:01:30 GMT
server
cloudflare
x-amz-request-id
9AYNKC6KKNZABTGS
etag
W/"aa1eeaeb767275d30a4da7865b6b4704"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
93P7TqsDFv8MEbD5cIE88HZ_YsBzAuNC
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6cb210abcf4e39d5-CDG
x-amz-id-2
/4RJR1RU7bh56TathvuAGUaSfY9BfjxbZXRkGAO+8se0wiPKyGlIJxuIwqtZIxOtsZY3pU9d3qE=
expires
Mon, 10 Jan 2022 01:47:20 GMT
e.js
live.demand.supply/x/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKRJXGDTZ3ZTPWY474C08YTW
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
2129302
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210ab7fd33b4f-CDG
/
t.dtscout.com/i/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&j=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
27f3e97f04587e1c7897b1d0ffeccdec3b91173297342ac575ceabf689f65cf3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:20 GMT
X-T
0.591
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl3
Expires
Mon, 10 Jan 2022 01:17:19 GMT
/
whos.amung.us/pingjs/ 		30 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=0hpugnb9nc&t=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o&c=d&x=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&y=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&a=0&v=27&r=8008
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.93 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
58592287ef223ccfaf4321691662284da44741fefda1fa1abd3c70d70d6101cc

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4215530080586041&correlator=1114163761088332&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=121764058%3A22650171930%2Carnolds.com.br%2Carnolds.com.br_stat_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1641777440&dt=1641777440589&dlt=1641777439923&idt=519&frm=20&biw=1600&bih=1200&oid=2&adxs=410&adys=296&adks=2806002317&ucis=1&ifi=1&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&ga_vid=1365420389.1641777440&ga_sid=1641777441&ga_hid=988903706&ga_fc=true&fws=132&ohw=305&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f79f2ece8792038c95ab1052120d5d48f8e73c759a7ec551184f5c8f30c6811f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8CDA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 10 Jan 2022 01:17:20 GMT
expires
Tue, 10 Jan 2023 01:17:20 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pdc=-0.0833863914012909&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
1942756
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210abc84d3b4f-CDG
e.js
live.demand.supply/x/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=arnolds.com.br_fluid_sq&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKRJXGDTZ3ZTPWY474C08YTW
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
2129302
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210abc8533b4f-CDG
300x250
ad.lomadee.com/banners/superofertas/ Frame 0F6A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.lomadee.com/banners/superofertas/300x250
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3bf9a688b9ca3ba16c7e43c5ee8af2ad0f619c3a098c7ba12a14ed8975333bd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 19:39:22 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jul 2019 16:40:03 GMT
server
AmazonS3
age
7105079
etag
"db5956f7a62675d44627e54cfdeeb29d"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
19203
x-amz-cf-id
WpSlYpumdcWAzw0h5b0SfhyneANMZ0P-NkFJXQCbqUyo4hZlaDMJvg==
analyze.js
statistcdn.com/ Frame 0F6A 		0
0
analytics.js
www.google-analytics.com/ Frame 0F6A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36084693&dimension=17&width=300&height=250&method=0&advertisers=&tags=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad.lomadee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
974
date
Mon, 10 Jan 2022 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 03:01:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4215530080586041&correlator=3649444080807926&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cfcffe6e0-a98b-4f5f-8c84-c371027b44c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D0a3ff35b-9e0b-46e3-b444-82d12c3d9f44%26bid-p%3Dgoogle%26bsc%3D30&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641777440&dt=1641777440618&dlt=1641777439923&idt=519&frm=20&biw=1600&bih=1200&oid=2&adxs=992&adys=890&adks=2298971294&ucis=2&ifi=2&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1365420389.1641777440&ga_sid=1641777441&ga_hid=988903706&ga_fc=true&fws=4&ohw=301&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
79f471eadb0ffd0f4403eb18faa86c1f11465bd01ffc03b537611abff81007b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10759
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=e9aca72003d24bc896573a9f813dd171
Requested by
Host: rotumal.com
URL: https://rotumal.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
803a3764ff60317a34392383ed24e52fec4327665c0fa9b2c3c904c276d1bb48
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
ui.cleverwebserver.com/ 		144 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e252225ba18824b66f582a958eb7049ce79d55a71df11b82928a0002bf8f7fe

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6cb210ac8fd139d5-CDG
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
/
onmarshtompor.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/?rb=NOhwCG1bdk-yQwW6A5DhvORs3YZEHV24OkL_dXhwFz3HRR7snIdOJdKlFVElVXN5t6oBkHRwwa_RnJ6dVjRoM3itmqA9ZiD9WLFzgSdz3sFp-PayZOPbkB9PEoY-g3DCTPaJK__mOP672b75TzMb1Q5sDpLZHf9MT4VV_RH8e1O9Wtj2hOvBAn6gRKw54UnMA2qUy9eIbshSUr8K8aoCUAKzyIglr9XjtgMr0PSf2nwvbE7mw66y1FiA2KCoX3HWpxENxXqHcURO6o7wCtHXlBlALxy_Z9IukqAdVPdoOGenZ0HM0zVxtx-8Ps1edOYL0C-QaQyUJgSAwlwzEKMWvvlsB8RIdUPr9-pri1_G1qdGHg8pTana8blKT3kQCTNPJL5dVSZ4un_A9SngpKhoUw%3D%3D&request_ab2=0&zoneid=2748187&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&drf=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=a17cdb86-2ee4-487a-b52f-9d19e5bd454a&userId=e9aca72003d24bc896573a9f813dd171&m=link
Requested by
Host: rotumal.com
URL: https://rotumal.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:20 GMT
x-content-type-options
nosniff
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pdc=0.9718599319458008&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
1942756
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210ad09f83b4f-CDG
e.js
live.demand.supply/x/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=arnolds.com.br_fluid_sq&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKRJXGDTZ3ZTPWY474C08YTW
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
2129302
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210ad09f93b4f-CDG
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pdc=0.9718599319458008&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
1942756
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210ad09fa3b4f-CDG
e.js
live.demand.supply/x/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=arnolds.com.br_fluid_sq&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKRJXGDTZ3ZTPWY474C08YTW
date
Mon, 10 Jan 2022 01:17:20 GMT
cf-cache-status
HIT
age
2129302
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210ad09fd3b4f-CDG
/
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/ Frame 48CC
Redirect Chain
  • https://sender.clevernt.com/transporter/43452.php?ppuc=1&ppu=0&id=548773&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29j...
  • https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTA...
2 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb8211d1c3000b4b7d774055e93a623f70cdaf47f655f2e7764dc87541127ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
about:blank

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-type
text/html
x-amz-id-2
YWRa6XVyFSLcccsS7zqyESJeiHhkmmtRtbW95V11+2xPndIVBJh0JLSCSPL+rywjCcvgAfKRErs=
x-amz-request-id
MHGEKGJ5S6CR2YYV
last-modified
Fri, 07 Jan 2022 11:56:25 GMT
cf-cache-status
MISS
expires
Mon, 10 Jan 2022 01:47:21 GMT
cache-control
public, max-age=1800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6cb210ae398439d5-CDG
content-encoding
br

Redirect headers

server
nginx
date
Mon, 10 Jan 2022 01:17:20 GMT
content-type
text/html; charset=UTF-8
location
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Mon, 10 Jan 2022 01:17:20 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/ 		655 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4215530080586041&correlator=591789155993020&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2C05773030-8cf5-4e97-8496-3d56ee138bea&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D0a3ff35b-9e0b-46e3-b444-82d12c3d9f44%26bid%3D0.5%26bid-p%3Dgoogle%26bsc%3D30&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641777440&dt=1641777440851&dlt=1641777439923&idt=519&frm=20&biw=1600&bih=1200&oid=2&adxs=410&adys=1250&adks=1588351721&ucis=3&ifi=3&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1365420389.1641777440&ga_sid=1641777441&ga_hid=988903706&ga_fc=true&fws=4&ohw=305&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3576922397316887f88852b48f78b1c12ded2614eeb82db173297333c368b5a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9076
x-xss-protection
0
google-lineitem-id
5562803274
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4215530080586041&correlator=1352519126023555&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2C05773030-8cf5-4e97-8496-3d56ee138bea&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D0a3ff35b-9e0b-46e3-b444-82d12c3d9f44%26bid%3D0.55%26bid-p%3Dgoogle%26bsc%3D30&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641777440&dt=1641777440858&dlt=1641777439923&idt=519&frm=20&biw=1600&bih=1200&oid=2&adxs=992&adys=639&adks=1948922598&ucis=4&ifi=4&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1365420389.1641777440&ga_sid=1641777441&ga_hid=988903706&ga_fc=true&fws=4&ohw=301&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
46dfc2c1a3c0bf63c930428713f978fddb9af2c67b6e2d37d74019ded895a271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12173
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscout.com/pv/ 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=arnolds.com.br&_ss=40wr14iif2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=fr&_pl=d&_cbid=70ix&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&j=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
46195d7053583e21dc5abad45d28bd05f3ed6990374941625035053acfd6573e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:21 GMT
X-T
0.232
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Mon, 10 Jan 2022 01:17:20 GMT
tc.js
cdn.tynt.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:45 GMT
server
cloudflare
age
15376
etag
W/"61295205-431d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cb210ae2a89edef-CDG
expires
Thu, 13 Jan 2022 01:17:21 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 813B 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 813B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 813B 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 813B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 813B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
css
fonts.googleapis.com/ Frame 813B 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:04:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 01:17:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 01:17:21 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 813B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 11:09:27 GMT
x-content-type-options
nosniff
server
cafe
age
50874
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Mon, 10 Jan 2022 11:09:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 813B 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
66667
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 10 Jan 2022 06:46:14 GMT
l
www.google.com/ads/measurement/ Frame 813B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaZIgClVkeTWx4iS5tW6mEAndoVVQ9q6p17IUwK60wH1qvzY8lf9zaqvJH425_brbq5BGbUo80uJulCRoVyNsyTgSisQ
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 813B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwhdxIInbYfO1J4msgQeflojwB6-2t8dnk9Hk3v0JrgIQASCqgMMiYPvRgIOMCqAB0Maj4QPIAQmpAh5tGA_Bpn0-4AIAqAMByAMKqgSJAk_QMaIbsQSWojXFNYT1RXswnnjm-8jj9p-e4I5mTmF3wzhOtj7ax_jd-feh2UFeQzG6mlFYC9H1ZUo7u6vCTqA0qgE938vwY8o95ab1rLbmkGPT2V8yis-M1V9x7t_WujTaNOSLuCofCpe6tmWYZtBiTlkDsLp667Q14cnNtRNLCJI1H-nyeUGp5YxNqUHQ5f9PFboUIQSsEceUTwA8WSK1NxJKicpqjevo3tcMh2BGgrPrVcpMlGQivWW2bzVk8vMX6jJ-ETW8nOIXenIp5S43AsPJqXNr9yfpjDV79D1HYlBhie8rkXq6zx5Y9z2D6ioDD_QoybcmVZSKFXihHjD1XW98kCs8gIzABO-V4NCZAuAEAZIFBAgEGAGSBQQIBRgEoAYugAeYudweqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ2odP0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00NzgyNTU0MjY1NzEwODI1gAoDyAsB2BMKiBQB0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=AFVoR4PMc-8&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame FCF3 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame FCF3 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame FCF3 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame FCF3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame FCF3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCF3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 11:09:27 GMT
x-content-type-options
nosniff
server
cafe
age
50874
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Mon, 10 Jan 2022 11:09:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCF3 		344 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
66667
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 10 Jan 2022 06:46:14 GMT
truncated
/ Frame FCF3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acdd6ff842180fbd42a4de729e21e798cc309f09d41cae5a2992eb7dd2e4fdb1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
3372090312980201593
tpc.googlesyndication.com/daca_images/simgad/ Frame FCF3 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3372090312980201593
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dfb319d079364884218d161458302dcf520a66892765d656888716fa61f90d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:53:31 GMT
x-content-type-options
nosniff
age
372230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47450
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 02:14:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 17:53:31 GMT
l
www.google.com/ads/measurement/ Frame FCF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyOA5_zny98_AeCrzmARQI6PyXU2A0zgxg96Uy2TpZ7hmP1yUieqx3pLVVR29E0npGZ7muRHwK-NtRGCK2-N0rOWREGA
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame FCF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwaGJIInbYY-ZKam7gAf76LzoB6-2t8dnp4i-q4INrgIQASCVm8ohYPvRgIOMCqAB0Maj4QPIAQKpAh5tGA_Bpn0-4AIAqAMByAMIqgSGAk_Qm-41OE9RVfTetPutODL475qNg8OV0tJ5NMnFakMCu_iB3GVaPFwwsLUv8l5yZrOECbxXDatD4QbXofjoFPFNWOxTptUTya9mcbxuW3uxANH7o6pIqcY1-BlMLcXbtWkkMLGWzb3-SmjwQJT0xq1Edz_HPT4tcwwReR4H33XYffxsOAHCTWmBQw0O3iDq1CYRgbijjGKO5cYj2sIJmkkvXVdtA4jDqovcFE_MIc6gGGZX0z_GTVpvAIrZtK2yC02UFNxXMZUuptsbvgBbq6EPqdxG8I6WUri5tqUj8rrqPd-_q2XE42Y3wYBMRZTUjkZDitSwtFg1PskgoBUkkejw8RpmaD_ABO-V4NCZAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeYudweqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQu5QZ0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03NTk3OTgzODY4ODg0MzYwgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=FyR-rDAOXi8&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0&b=3&r=arnolds.com.br_fluid_sq&sy=8fc78901-c18b-4d97-9b80-31a6499ff4d4&ts=30&cd=2&pud=169&pus=c&pue=352&pid=51&pis=c&pie=403&ppd=116&pps=a&ppe=469&pad=173&pas=c&pae=528&pcl=805&ttc=557&tti=1254&ttif=0&lca=469&lcak=ppe&lct=528&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.arnolds.com.br&mlre=adssuper.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=0a3ff35b-9e0b-46e3-b444-82d12c3d9f44&e=lm&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
age
1942757
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210ae5c6a3b4f-CDG
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&t=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
2076313506083323656
tpc.googlesyndication.com/simgad/5579190597508138932/ Frame 813B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5579190597508138932/2076313506083323656
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6408cb70afe8d80dab6967d0bfdb1858f05a90a7be3467f7e220d026788c3700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 22:15:58 GMT
x-content-type-options
nosniff
age
442883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45122
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 11:37:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Jan 2023 22:15:58 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13995805206294085624/ Frame 813B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13995805206294085624/downsize_200k_v1?w=100&h=100
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ae32bfb576572d24258baa827124bc49e0f5a14b47e729a747ba49091801b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 20:17:30 GMT
x-content-type-options
nosniff
age
363591
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10242
x-xss-protection
0
last-modified
Thu, 11 Jul 2019 10:13:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 20:17:30 GMT
truncated
/ Frame 813B 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 813B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21a633d767147427bb95ee7559c8a90934723f9b788953f11a96aab8927c8bcf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 813B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
372062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 813B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
371929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:58:32 GMT
style.css
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/ Frame 48CC 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/style.css?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f19a030fd4294a9f24e41012f744ac5d7ad92a811a66155635e14d139e19d9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
age
345
cf-polished
origSize=13883
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
x-amz-request-id
Y4483BKRRJSX6Y07
x-amz-id-2
n98ayvR66O2sVaWZmYWWTCyMeU5I0ARb+ChnahlxFfC4XRcebzlpO6Dkp0wW/1hgk1kzco6gHDc=
cf-bgj
minify
server
cloudflare
etag
W/"08ff342285839fe919717fb48d522945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
cf-ray
6cb210aefa2239d5-CDG
expires
Mon, 10 Jan 2022 01:47:21 GMT
ad.svg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ad.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7348a7778e4ec3d8c98abd54e28fe0c08465378e1dfbe608b9a0f51c8c41bf4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
server
cloudflare
age
345
etag
W/"e15322cd8e1a737e9de12b94a2e69ba5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
6cb210aefa2339d5-CDG
x-amz-request-id
YTR0HZS8DGQP0XBW
x-amz-id-2
P45j+mEfAi0LOLBGOOuxiBvdgtU+VGhzCJYjrhinpI99WSaRcE/shH288Xehc0wIwaOJyK6ziRs=
expires
Mon, 10 Jan 2022 01:47:21 GMT
logo.png
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/logo.png?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982b2129753d358260b04218d4f75f9c287f93ace8653699a22cf448ec7ccbe0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
age
323
cf-polished
origFmt=png, origSize=5663
cf-ray
6cb210aefa2639d5-CDG
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
content-disposition
inline; filename="logo.webp"
content-length
2930
x-amz-id-2
q2s0Ruoyg7JPqxHTZyc7S+6MN27gysOhpww8tKwpWNBVLGQvfSUDV6I2GHloPiNwf7dLCTfsrp4=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"1448b9218abb94687feb6f9b5cc8920c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
6X6701V231VXXW57
cache-control
public, max-age=1800
accept-ranges
bytes
content-type
image/webp
expires
Mon, 10 Jan 2022 01:47:21 GMT
copy-mobile.svg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		52 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/copy-mobile.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89aba511181409d49f50e5dbbdd706f562a3f1598f35a4215e65d9e9bcb12e8c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
server
cloudflare
age
345
etag
W/"6eca3e8960014e7f4b42ddde36696238"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
6cb210aefa2739d5-CDG
x-amz-request-id
Y4484PS4ZPQGSPMS
x-amz-id-2
8dTKKPHJC9XUDS1dYEFs/R6D67WJlhkHYf0UDdwAVU2hIn5UXWTg38neM3y3itJZdG42djVkMAo=
expires
Mon, 10 Jan 2022 01:47:21 GMT
copy-728x90.svg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		51 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/copy-728x90.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff966b5361f7855d88b73da7596369d93cf8568fe19e9064c10b70325815d05e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
server
cloudflare
age
345
etag
W/"8a646d7c5e5a125bb152777053ba34a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
6cb210aefa2839d5-CDG
x-amz-request-id
03841JX25227FS3Y
x-amz-id-2
f1jkQdY02o2jWq0A03m7AooEIAq4SgIvDHKdxHp9xDcZQc0iP9aFuy/j8QOnq5a+t+DRjjkHWts=
expires
Mon, 10 Jan 2022 01:47:21 GMT
copy.jpg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/copy.jpg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9c1a988c7340b826fcdf27f0f17d09a98d240f2921a5ea9d0f341d4a330497

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
age
323
cf-polished
origFmt=jpeg, origSize=107973
cf-ray
6cb210aefa2a39d5-CDG
last-modified
Mon, 20 Dec 2021 12:23:42 GMT
content-disposition
inline; filename="copy.webp"
content-length
49944
x-amz-id-2
V5lvx/C7RA0JMMcmwJ7RYbZZ2tOZPaqHyBjZabMWsyLje2iNvRch25wYVgeYl7qAI0xR9uhndgM=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"d804992ff4d2acb2ae702a843fe4d6b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
XCK6DHGS5TF3NR83
cache-control
public, max-age=1800
accept-ranges
bytes
content-type
image/webp
expires
Mon, 10 Jan 2022 01:47:21 GMT
copy-push.svg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		54 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/copy-push.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6461c753b2cb242bd7afeded6f99913fb9c40244ffdb5b264235f8a8451077f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
server
cloudflare
age
345
etag
W/"aa41ecb1bc315a2b6f87ed5d09c69ced"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
6cb210af3a4e39d5-CDG
x-amz-request-id
2X2EKJJP1M6JQH2C
x-amz-id-2
+QtaIcfvYeGo91TXKPr9evmKyioFYdKhAYcLTIhz35P7wfDO90fzfB4dzR7Ky9n/i0UErDT+G/0=
expires
Mon, 10 Jan 2022 01:47:21 GMT
legal.svg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/legal.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e328332ff78a4535f853e3609e5fba88b2fdc7c30a03d8e58352b67310931f55

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
server
cloudflare
age
345
etag
W/"a6c2a3774bda81497df228a89110af7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
6cb210af3a5139d5-CDG
x-amz-request-id
BRJMBFCN2VEQSH1P
x-amz-id-2
edMztLKZYRNjF7GLtlxFIruCqqey86iS4FvLjwYngDibSLmE2qHNNigoqal5U3QIUXX3zsyd00o=
expires
Mon, 10 Jan 2022 01:47:21 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 48CC 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 Jan 2022 15:17:54 GMT
server
cloudflare
etag
W/"61d5b6a2-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6cb210af3a5339d5-CDG
vary
Accept-Encoding
expires
Wed, 12 Jan 2022 01:17:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB3B 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB3B 		0
0
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.arnolds.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4215530080586041&correlator=335057075191806&output=ldjh&impl=fif&eid=44714449&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=44890869%3A22579995370%2Cca-pub-3831894559014614-tag%2Cf5df9001-d77c-4313-8061-7b23276728af&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x280&prev_scp=ti%3D0a3ff35b-9e0b-46e3-b444-82d12c3d9f44%26bid%3D0.17%26bid-p%3Dgoogle%26bsc%3D30&eri=1&cookie=ID%3D1418754bdceb94cc-2268de0d1acd00ac%3AT%3D1641777440%3AS%3DALNI_MaGhxyN-G1kITPQGDwTij6A45TaEg&bc=31&abxe=1&lmt=1641777441&dt=1641777441133&dlt=1641777439923&idt=519&frm=20&biw=1600&bih=1200&oid=2&adxs=410&adys=1250&adks=1687471662&ucis=5&ifi=5&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&ref=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1365420389.1641777440&ga_sid=1641777441&ga_hid=988903706&ga_fc=true&fws=4&ohw=305&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e5fd79e8359b28b9138da7f3d28df860228e8ac6096057ec12b0daafa90532c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10220
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg-pushdown.jpg
lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/ Frame 48CC 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/imgs/bg-pushdown.jpg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44bc2c476ed873040b37bd283647cd59dddde4838e2a0a58e28ffc397cf2ab2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
59J9Y3ZSZ0EAS0SX
cf-polished
origSize=65405, status=webp_bigger
last-modified
Mon, 20 Dec 2021 12:22:52 GMT
content-length
65397
x-amz-id-2
flWjJii/s4F1QsR0j0rUQO9/LjwDMQ9gzM+Pc2Z6k3d80ezT0xJHXk63P5oX+tY/aWLlwhNQpyM=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"7ecac264ced0df387b8ca7649f9adc2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
6cb210af5a6e39d5-CDG
expires
Mon, 10 Jan 2022 01:47:21 GMT
clever-core-other.js
lp.cleverwebserver.com/ Frame 48CC 		1 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/clever-core-other.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5755144f0dce959dc794da1dfdc2acaebcf06d9b48532cb75dc972c33600f26d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/pokerstars/fr/sports/grp1/?id=548773&group=43452&tracker=aHR0cHM6Ly9zZWN1cmUuc3RhcnNhZmZpbGlhdGVjbHViLmNvbS9DLmFzaHg%2FYnRhZz1hXzE3NDQ1OWJfNTcwOWNfJmFmZmlkPTIzNTY0MTAmc2l0ZWlkPTE3NDQ1OSZhZGlkPTU3MDkmYz1ZU0FBSllPTlZSQkFBRlI%3D&ref=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw%3D%3D&r=378201404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
age
643
cf-polished
origSize=1782
last-modified
Mon, 20 Dec 2021 12:22:44 GMT
x-amz-request-id
ZM9TZ39KQM469SWQ
x-amz-id-2
RJ9OxQ4qgFRai2Fl7CCqAi4oyRUUhkUOfnxWTXyygT5oVv/rAL6qvWbvjceunms4zzMXCux5JYA=
cf-bgj
minify
server
cloudflare
etag
W/"471cfd4668aa76384941e518bd3e63f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6cb210af8aa639d5-CDG
expires
Mon, 10 Jan 2022 01:47:21 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame ACBD 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ACBD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ACBD 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ACBD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ACBD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
563388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 03 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Jan 2023 12:47:33 GMT
css
fonts.googleapis.com/ Frame ACBD 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 23:53:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 01:17:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 01:17:21 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ACBD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 11:09:27 GMT
x-content-type-options
nosniff
server
cafe
age
50874
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Mon, 10 Jan 2022 11:09:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ACBD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
66667
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 10 Jan 2022 06:46:14 GMT
l
www.google.com/ads/measurement/ Frame ACBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmpdzX9Ez63fn_r4b6N-6ITuJL2VDJtDbIL4jxWKOsgw5TQWtmA8PqNlWZgWJIG_OSP0OnkSeW3TAO2HCjKF3_jhsXDQ
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame ACBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRUu9IInbYaylOcn47gP3vL_QBofQ8KhnvMb9tO8M2dkeEAEglZvKIWD70YCDjAqgAa6hwocDyAEJqQKDayIY0A-zPuACAKgDAcgDCqoEjQJP0IdtYoFaykozquFb2fghrnO12NMmozJbIbXitLiUbIQWuOt4h2Z0mrgfKRyXHLr_ns_OvLvYZusHLgmyZ1r5NcT-5r1b9U7KdzPWFlSBlOpT2Yb0teCU6MMilhFjdDSnqvYmpUq6jhQDz0-kXbJRzj6PPlK8YXrXr5WaUH3QR828lOFzcjyPKlOtsCqVCrAHEp3MJxHDt6Nl9HWyNTP92OV34pVf551g1qkmvIXQlKYFcj4BSPXsO9LtRKvMT8ehZsPYJAkuToXJ813cEhCfAjMYWVHrUU9Dr8u5K9IwuUI2S3bd3OdG-21dMz_geN4ApuUrOg6CCUK2pcEk4lFUpAx3_HQunUC_3nSKzsAEkMmotcED4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7revXioB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCwuCvSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc1OTc5ODM4Njg4ODQzNjCACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=xwisdCHaTM0&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.55&b=1&r=arnolds.com.br_fluid_sq&sy=8fc78901-c18b-4d97-9b80-31a6499ff4d4&ts=30&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.arnolds.com.br&mlre=adssuper.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=0a3ff35b-9e0b-46e3-b444-82d12c3d9f44&e=lm&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
age
1942757
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210afef713b4f-CDG
si
googleads.g.doubleclick.net/pagead/drt/ Frame FCF3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 813B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 11:09:27 GMT
x-content-type-options
nosniff
server
cafe
age
50874
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Mon, 10 Jan 2022 11:09:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 813B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
66667
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 10 Jan 2022 06:46:14 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCF3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 11:09:27 GMT
x-content-type-options
nosniff
server
cafe
age
50874
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Mon, 10 Jan 2022 11:09:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FCF3 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
66667
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 10 Jan 2022 06:46:14 GMT
/
www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/ Frame 191E
Redirect Chain
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_5709c_&affid=2356410&siteid=174459&adid=5709&c=YSAAJYONVRBAAFR
  • https://secure.starsaffiliateclub.com/C.ashx?btag=a_174459b_5709c_&affid=2356410&siteid=174459&adid=5709&c=YSAAJYONVRBAAFR&AutoR=1
  • https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/?btag=a_174459b_5709c_YSAAJYONVRBAAFR
  • https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.181.187 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
17de5dfc7a146e3318f676d1e363efec0ac5e53ae094b46870788c4c523639d1
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://lp.cleverwebserver.com/

Response headers

Date
Mon, 10 Jan 2022 01:17:21 GMT
Server
Apache
Vary
User-Agent,Accept-Encoding
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
7564
Keep-Alive
timeout=5, max=244
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=157680000

Redirect headers

Date
Mon, 10 Jan 2022 01:17:21 GMT
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
0
Vary
User-Agent
Location
https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Keep-Alive
timeout=5, max=178
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=157680000
2076313506083323656
tpc.googlesyndication.com/simgad/15768737117852531184/ Frame ACBD 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15768737117852531184/2076313506083323656
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1c8d65c43fe1c88be74c33135292fd56fd9bef142e202be5c153b79662df629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 23:25:08 GMT
x-content-type-options
nosniff
age
93133
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68287
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 08:32:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Jan 2023 23:25:08 GMT
truncated
/ Frame ACBD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame ACBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81ee995dffa34893af62c18cca723cd6e6138ffacf1c232adefb58fd067500cb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ACBD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
372062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ACBD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.arnolds.com.br
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
371929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:58:32 GMT
v2
de.tynt.com/deb/ 		4 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!0hpugnb9nc&dn=TC&cc=1&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Tue, 11 Jan 2022 01:17:21 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&t=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139883519-66&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b13d546052354706446b460f9ca5425d232f9491f0ccc9847c40e354da73552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36303
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 01:17:21 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135425005-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108875794-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1cf3fbe536aa50fd14d375fd582f69aa1c0b47f9ae7cc8dec59c0c9bb8fb7a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36244
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 01:17:21 GMT
bootstrap.js
ad.lomadee.fun/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.fun/bootstrap.js
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a4a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70a1af556242beff3bd3241729d79cc869bdbfeef0b32b7420be65eced904ce

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhS6mKqzpkYXyeTecEPm1V8uBw3xMg%2FB2uZ44%2FU%2F0fDyBji9OdntbMb50ttcBW%2F0AQxJxASZp4i9df7l2X48PE%2FagiujaqNUX0cNUMT1Q%2FRuoz%2B0MpEoqmDcfowt%2Bl8zXnM8BWaQxbcH0r8PJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cb210b12b1d3a35-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
0
container.html
3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8358 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 10 Jan 2022 01:17:20 GMT
expires
Tue, 10 Jan 2023 01:17:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=arnolds.com.br_fluid_sq&pn=1&sn=2&pc=0.9718599319458008&ds=true&e=wdp&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
age
1942757
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210b119e33b4f-CDG
e.js
live.demand.supply/e/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.17&b=2&r=arnolds.com.br_fluid_sq&sy=8fc78901-c18b-4d97-9b80-31a6499ff4d4&ts=30&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.arnolds.com.br&mlre=adssuper.com&mlin=0&mlsi=300x280&mlbw=4g&mlcs=NaN&mltp=0a3ff35b-9e0b-46e3-b444-82d12c3d9f44&e=lm&dsReferer=aHR0cHM6Ly93d3cuYXJub2xkcy5jb20uYnIvY3Jhc2gtYmFuZGljb290LW9zLTUtbml2ZWlzLz91dG1fc291cmNlPWZhY2Vib29rJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1mYW5wYWdlcw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FNDHS63ZJHQZ13DRM34A2HTF
date
Mon, 10 Jan 2022 01:17:21 GMT
cf-cache-status
HIT
age
1942757
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cb210b119e73b4f-CDG
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&t=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=988903706&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&ul=en-us&de=UTF-8&dt=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=430343128&gjid=918590636&cid=1365420389.1641777440&tid=UA-139883519-66&_gid=1721626616.1641777440&_r=1&gtm=2ou150&z=532451090
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139883519-66&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
975
date
Mon, 10 Jan 2022 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 03:01:06 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=988903706&t=pageview&_s=1&dl=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfanpages&dr=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F&ul=en-us&de=UTF-8&dt=Crash%20Bandicoot%3A%20Os%205%20n%C3%ADveis%20mais%20dif%C3%ADceis%20de%20colis%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=599774259&gjid=171220091&cid=1365420389.1641777440&tid=UA-135425005-2&_gid=1721626616.1641777440&_r=1&gtm=2ou150&z=1162407088
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.arnolds.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1511 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COOHoAEQpLvFARjXhb--ATAB&v=APEucNWkjMfFie6tJvLZJ2b1wBBEZTqVhuaJxNbk18m3rSth_v90tWJJDqYSOPwOe79uOzAQ8IaIwD47CLK2s77jZlfaEpYhXPihJA0ZoVAbhd5Of9tpPDvcG3hvmMXrIgYoUlE5T_1ogBy5tR7fvTHWf94I6C_6Wjhdvunm3-zyfbdKzHnA4cUy1Qekwebk9W5CfSjj1ZKyEZKPCaZDJW-5nNa6_koC8Q
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 10 Jan 2022 01:17:21 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2013 		54 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dbaa05f7fb5a912f5c83e94769b782ae994171ccdf83134cd73e31bd2ff2c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27473
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2013 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 01:03:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2013 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 01:17:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2013 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 00:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 00:58:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2013 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcfpvKB375SOXIUOMcxz5gp0dQ23-8sBIppjTPdwAWK8wsh2dcknWlW3ly148qhXrIH0KKpbyRQba0bdyrtd9PK7wJeolCWvsJhNB6JazHzvqRSOY
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0&r=https%3A%2F%2Fadssuper.com%2Fsocial.php%3Fsrc%3Dhttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
rum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOHoAEQpLvFARjXhb--ATAB&v=APEucNWkjMfFie6tJvLZJ2b1wBBEZTqVhuaJxNbk18m3rSth_v90tWJJDqYSOPwOe79uOzAQ8IaIwD47CLK2s77jZlfaEpYhXPihJA0ZoVAbhd5Of9tpPDvcG3hvmMXrIgYoUlE5T_1ogBy5tR7fvTHWf94I6C_6Wjhdvunm3-zyfbdKzHnA4cUy1Qekwebk9W5CfSjj1ZKyEZKPCaZDJW-5nNa6_koC8Q
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 01:17:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 01:17:21 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 01:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 10 Jan 2022 01:17:21 GMT
rum
dsum-sec.casalemedia.com/ Frame 1511
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YduJIcgllHS4Hd4C1pzOPwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOHoAEQpLvFARjXhb--ATAB&v=APEucNWkjMfFie6tJvLZJ2b1wBBEZTqVhuaJxNbk18m3rSth_v90tWJJDqYSOPwOe79uOzAQ8IaIwD47CLK2s77jZlfaEpYhXPihJA0ZoVAbhd5Of9tpPDvcG3hvmMXrIgYoUlE5T_1ogBy5tR7fvTHWf94I6C_6Wjhdvunm3-zyfbdKzHnA4cUy1Qekwebk9W5CfSjj1ZKyEZKPCaZDJW-5nNa6_koC8Q
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 01:17:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 01:17:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJr7LdOfduXLUl4iSssmLnk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEK07vNjLu1D60L6eI6Vlgh0&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEK07vNjLu1D60L6eI6Vlgh0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOHoAEQpLvFARjXhb--ATAB&v=APEucNWkjMfFie6tJvLZJ2b1wBBEZTqVhuaJxNbk18m3rSth_v90tWJJDqYSOPwOe79uOzAQ8IaIwD47CLK2s77jZlfaEpYhXPihJA0ZoVAbhd5Of9tpPDvcG3hvmMXrIgYoUlE5T_1ogBy5tR7fvTHWf94I6C_6Wjhdvunm3-zyfbdKzHnA4cUy1Qekwebk9W5CfSjj1ZKyEZKPCaZDJW-5nNa6_koC8Q
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 01:17:21 GMT
X-Proxy-Origin
37.59.164.101; 37.59.164.101; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ce4bc3f2-7b1c-4682-8e2a-1ee64cf1f695
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEK07vNjLu1D60L6eI6Vlgh0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1511
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1OTcyMzA5MTY4NDY2MjU3MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1OTcyMzA5MTY4NDY2MjU3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOHoAEQpLvFARjXhb--ATAB&v=APEucNWkjMfFie6tJvLZJ2b1wBBEZTqVhuaJxNbk18m3rSth_v90tWJJDqYSOPwOe79uOzAQ8IaIwD47CLK2s77jZlfaEpYhXPihJA0ZoVAbhd5Of9tpPDvcG3hvmMXrIgYoUlE5T_1ogBy5tR7fvTHWf94I6C_6Wjhdvunm3-zyfbdKzHnA4cUy1Qekwebk9W5CfSjj1ZKyEZKPCaZDJW-5nNa6_koC8Q
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 01:17:21 GMT
X-Proxy-Origin
37.59.164.101; 37.59.164.101; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
14875c07-141e-4175-be98-44fca68f09b5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1OTcyMzA5MTY4NDY2MjU3MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 2013 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 00:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1843
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9529
x-xss-protection
0
server
cafe
etag
16937460792814555877
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 00:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame 2013 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 00:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 00:49:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2013 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIDmBmYhC0GiUo0DK2A69nw-soOhZEizWKl5p00biJV-Fgf1kXQKLpRW8zqfUzW9chBVPSKOeRgTnpate5juNaAaL8caXpXLybiqrZ0RkWPtPhTAUGaow5_7_KS4NBqt54IW7c4sUrSzmSgAdYVhhBjgxQ2U2pevpwx1SaqPDotLGxCsn67OAl1yN6DQG8YlGuyw5kxndFxIRGSWopTnx-JinjiGqGFr3_a_hJZyGEloOBwfNdkB1KxTQwwhgaUoApbN3h555zHZGSIgJwSFGGTyNif4jqEYqK2C_MmPM8_z0lQErEN2sRVIq2t50wg32UxmtKVflkofaYOP07tQQbAscZHolnfJb9hY4DnftgIstJAdyjPwEjq1_PON-cojf6DpjOJsUTvK4wUuxF9sMgpTiQ5vQyT4mrcMjfjJqXQo_HqQMuHjii-3R2oJhePEIWslU2BSYIUqGBLLbIzokHXKADbd5GrbnVw5EI231E0OVUF1gSSKWskd1OtR4NrJrSc1NN3ZJDZ22aRb7DHAEwtC4bDZ4LyN_DT9yUeXSoXOxNbIjJzCnTfLstkkUQGhgqo5b0S4rrml0eRXGnjfNLn3lhfbKXZ_exYLxkrgUyIfRSgc3UtUlToEC7G3dH36jpiMUL_GSW_3Pw-5VT14bd9sLDiDZN5UwGXOC5ES55LY2gm6sp46Ku7T76mGTa1l5jKV7T8DvNls8ajJWHLKsVQ4Sx89PA0MkxBSxGctdnSiGRF2on0Pt_ocw3MwR4e6pWMsWuqwXw4gsjkXrPdRUoaBVII6o6LtwDm72_MQ9dzkZ5Uaf9umoVH7VXFTkIKE7kZhCQkI7lvJxmdcTf6vogay3M8loDp8WwbR3CbMeDgPZwlODqnM3cdq6CrZwDyg04uZN-Oy2QLkozFuYaUkh0wX9conKiF5_GKMFxvCdO3nWAbmBhDitv8nt1DEoF2PwlRM9xdk1BxJELlGjqpVwjqzxVlmKSHCswRJN6gvjA6oYp-Fi2nzeakl6-vLUrGfh_lFiV1zV6pnQJHfbjYs_eheul26GJxKsPUYUMPPkLE41vblggaJa8yKst0353y1lkfByIzWd2pIAbDXDVNPSPBvwmbMr5qdFDX3AE9kUEy5dy-9h0K_44qYnRjiLVKOlq3dc3sWlKf-xqZMIYtYhu6quISjzA-xLFUn1NW_s9gGq7TOhDHfw7UiHqG1EgmovKUG1-Bd-vtdMDwiJbhTpgEMqZmy--PY7pm7d2QOhcr6BaNvEFHBVgeR8g3eb-zbVe43xWeYSGxDdVFlp8xyWo6dNIwMVbNNU&sai=AMfl-YTBMyf_BVtr42Gy7HJuhthyWTuMGxren2LMqbpURcZPmwU4Ca3EgRUWW2SX8R2YMpng39n3yYMaIKeaIAl3XTAkro9mPDDmDo8Hh3zFLZvMp2ODotjw45tHbJ7RXYl14PGjCZe8QalZvPc3rX3ho45DTZR_4hK3TI-tD2TYIEMc_mAIbyXJlg&sig=Cg0ArKJSzGhLjoHB_-tEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220104.30934&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 10 Jan 2022 01:17:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2013 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jan 2023 18:05:43 GMT
11142515848572072222
s0.2mdn.net/simgad/ Frame 2013 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11142515848572072222
Requested by
Host: 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
URL: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c345e79d4270528fbc2c1640ca9f839d79708aeb44828debb614797e246ca91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 15:41:29 GMT
x-content-type-options
nosniff
age
552952
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38285
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 08:37:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Jan 2023 15:41:29 GMT
/
adtrue.fun/dynamic/ads/ 		0
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrue.fun/dynamic/ads/
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
242121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KM0CDWO3Be%2FNIly0XshdY5uGxOTdEZqljpbhh8YBRwdbF54ZGKhNAXNTxlfm%2FdGpAfiD4AbAhv4V9ONBWbFymr1zS7qVhmuDTv3tVKZ1dFJnsyBAHDB%2B0WnzMz7mPnTevf7mXxRaIxCc"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cb210b2f88c3311-CDG
expires
0
m542bee40d5e121507accc460c259dd41.otf
megacdn.top/fonts/ 		268 KB
269 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/fonts/m542bee40d5e121507accc460c259dd41.otf
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93c21032adbadcb001721989879f993a926ae21b90dbb155ee4e0dd9764524e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
274848
pragma
no-cache
server
cloudflare
etag
742539e9fab336c1667deae4097f6e3a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMMxQBxusq%2BIs3LLdKj%2BR8yH3%2B1lXH%2B%2Bs0jk9kyfePFAYfvrNu7PtqDxZDKfrTlsbWsbANdGKS7rq2NtsZR3cAH5Zmmrnpjz1LhG%2BYpzpH3YD9XitP5Og8c3L0lO6JmLRWKnupfoHipd9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6cb210b2ec3ccdc7-CDG
expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AFB5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
URL: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 13:26:12 GMT
expires
Mon, 10 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
42669
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2013 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a1668f47968a039403dfcf98d40974bef85dacba9e1d4f3832e43fcf41d4b2e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 897B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sat, 08 Jan 2022 18:05:45 GMT
expires
Sun, 08 Jan 2023 18:05:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
112296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AFB5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAyJ6yCL4zy9QVrWZOBSRMI&google_cver=1&google_push=AYg5qPLX_2RIwuKEW5ct9rfdUiQ6NqLus_weIU6OCeB4mbEERt6P9boFieGhujXyzPHxSqobeKxk4SXhUquru4LxzZ3REFAdBtg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE2MDQxNzUyNTAyNDA3ODg0NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAyJ6yCL4zy9QVrWZOBSRMI&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAyJ6yCL4zy9QVrWZOBSRMI&google_cver=1
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Server
2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAyJ6yCL4zy9QVrWZOBSRMI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFB5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFB3EokebzeS5mP9ruQIPyg&google_push=AYg5qPIq8CeSYfCtswxGyrQpIjbhp_oNu0_PEpz-1XKpQ8p0y72wyoICen...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFB3EokebzeS5mP9ruQIPyg&google_push=AYg5qPIq8CeSYfCtswxGyrQpIjbhp_oNu0_PEpz-1XKpQ8p0y72wyoICenHAKoro6ZtIcA5wWTnVT2dKlWknJiGFs0oVC9vEsEU
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641777442.793646,VS0,VE160
x-served-by
cache-cdg20769-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFB3EokebzeS5mP9ruQIPyg&google_push=AYg5qPIq8CeSYfCtswxGyrQpIjbhp_oNu0_PEpz-1XKpQ8p0y72wyoICenHAKoro6ZtIcA5wWTnVT2dKlWknJiGFs0oVC9vEsEU
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame AFB5
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEPyO-fky7deOgMJ_xCiMm5Y&google_cver=1&google_push=AYg5qPJ6KmVZPvOjUQ32cOTPmp6JNY-QyRRAau1CeBI4coqkTvCJlEyjw11ccrVMkrAPoqX21VlxrXQIfKF7zDo7M3rpZy9alkLY
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q2ZmQndQSGpEOVNHNl91OUlvbmJZUQ%3D%3D&google_push=AYg5qPJ6KmVZPvOjUQ32cOTPmp6JNY-QyRRAau1CeBI4coqkTvCJlEyjw11ccrVMkrAPoqX21VlxrXQIfKF7z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q2ZmQndQSGpEOVNHNl91OUlvbmJZUQ%3D%3D&google_push=AYg5qPJ6KmVZPvOjUQ32cOTPmp6JNY-QyRRAau1CeBI4coqkTvCJlEyjw11ccrVMkrAPoqX21VlxrXQIfKF7zDo7M3rpZy9alkLY
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q2ZmQndQSGpEOVNHNl91OUlvbmJZUQ%3D%3D&google_push=AYg5qPJ6KmVZPvOjUQ32cOTPmp6JNY-QyRRAau1CeBI4coqkTvCJlEyjw11ccrVMkrAPoqX21VlxrXQIfKF7zDo7M3rpZy9alkLY
date
Mon, 10 Jan 2022 01:17:22 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame AFB5
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJYDF4MHQh5zw_HZSJQmUZY&google_cver=1&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
0
0
sync
rtb2-useast.torchad.com/ Frame AFB5 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEI5AVIfh9hHCs0O0VEUvc50&google_cver=1&google_push=AYg5qPIw7zIhVQC37ph_XEx3beXKYumt3NZW3cNkPfbTSmk88T1FsQl4Wlhko95HwR3_VTzKlkKSOXrt2WOp0W9o9yRAuximlJM0
Requested by
Host: 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
URL: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 01:17:22 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
sync
ssbsync.smartadserver.com/api/ Frame AFB5 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECGQMSEDq5WQ8ry_Cah4-P4&google_cver=1&google_push=AYg5qPLqCa7b_l6XZaSZzJj2_aLDlwBNkv4IXxO5FYRDqE6O1GsS33nNrOSWnLL0p_v7-4WzIQpSXBRFZ3OKWfu9oLAyP5EBcS6x
Requested by
Host: 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
URL: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.241.6.33 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:23 GMT
content-length
0
dot.gif
s0.2mdn.net/ Frame AFB5 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEU4-5Yui6cHCkmtP_m6WQk&google_cver=1&google_push=AYg5qPKnODsnZWl9-5VaUCYLqtXyKA2blG-8MUZ0yp2-Fv8ADCfnrRr7MIdunoR4TMgnxtTxRr-a5TtK0NDCRKEYCtEbGu9lU5_h
Requested by
Host: 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
URL: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jan 2022 01:17:21 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AFB5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAocGeyFTX9lOjvHiYOwXjnwdQxnOrCZ1RTR8tnkV6BE0fxOlikZVcKbz-V3xhmRXHZUx-_A
Requested by
Host: 3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
URL: https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
pagead2.googlesyndication.com/bg/ Frame 897B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 23:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
5122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13406
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 23:51:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2013 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIDmBmYhC0GiUo0DK2A69nw-soOhZEizWKl5p00biJV-Fgf1kXQKLpRW8zqfUzW9chBVPSKOeRgTnpate5juNaAaL8caXpXLybiqrZ0RkWPtPhTAUGaow5_7_KS4NBqt54IW7c4sUrSzmSgAdYVhhBjgxQ2U2pevpwx1SaqPDotLGxCsn67OAl1yN6DQG8YlGuyw5kxndFxIRGSWopTnx-JinjiGqGFr3_a_hJZyGEloOBwfNdkB1KxTQwwhgaUoApbN3h555zHZGSIgJwSFGGTyNif4jqEYqK2C_MmPM8_z0lQErEN2sRVIq2t50wg32UxmtKVflkofaYOP07tQQbAscZHolnfJb9hY4DnftgIstJAdyjPwEjq1_PON-cojf6DpjOJsUTvK4wUuxF9sMgpTiQ5vQyT4mrcMjfjJqXQo_HqQMuHjii-3R2oJhePEIWslU2BSYIUqGBLLbIzokHXKADbd5GrbnVw5EI231E0OVUF1gSSKWskd1OtR4NrJrSc1NN3ZJDZ22aRb7DHAEwtC4bDZ4LyN_DT9yUeXSoXOxNbIjJzCnTfLstkkUQGhgqo5b0S4rrml0eRXGnjfNLn3lhfbKXZ_exYLxkrgUyIfRSgc3UtUlToEC7G3dH36jpiMUL_GSW_3Pw-5VT14bd9sLDiDZN5UwGXOC5ES55LY2gm6sp46Ku7T76mGTa1l5jKV7T8DvNls8ajJWHLKsVQ4Sx89PA0MkxBSxGctdnSiGRF2on0Pt_ocw3MwR4e6pWMsWuqwXw4gsjkXrPdRUoaBVII6o6LtwDm72_MQ9dzkZ5Uaf9umoVH7VXFTkIKE7kZhCQkI7lvJxmdcTf6vogay3M8loDp8WwbR3CbMeDgPZwlODqnM3cdq6CrZwDyg04uZN-Oy2QLkozFuYaUkh0wX9conKiF5_GKMFxvCdO3nWAbmBhDitv8nt1DEoF2PwlRM9xdk1BxJELlGjqpVwjqzxVlmKSHCswRJN6gvjA6oYp-Fi2nzeakl6-vLUrGfh_lFiV1zV6pnQJHfbjYs_eheul26GJxKsPUYUMPPkLE41vblggaJa8yKst0353y1lkfByIzWd2pIAbDXDVNPSPBvwmbMr5qdFDX3AE9kUEy5dy-9h0K_44qYnRjiLVKOlq3dc3sWlKf-xqZMIYtYhu6quISjzA-xLFUn1NW_s9gGq7TOhDHfw7UiHqG1EgmovKUG1-Bd-vtdMDwiJbhTpgEMqZmy--PY7pm7d2QOhcr6BaNvEFHBVgeR8g3eb-zbVe43xWeYSGxDdVFlp8xyWo6dNIwMVbNNU&sai=AMfl-YTBMyf_BVtr42Gy7HJuhthyWTuMGxren2LMqbpURcZPmwU4Ca3EgRUWW2SX8R2YMpng39n3yYMaIKeaIAl3XTAkro9mPDDmDo8Hh3zFLZvMp2ODotjw45tHbJ7RXYl14PGjCZe8QalZvPc3rX3ho45DTZR_4hK3TI-tD2TYIEMc_mAIbyXJlg&sig=Cg0ArKJSzGhLjoHB_-tEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=167&vt=11&dtpt=166&dett=2&cstd=0&cisv=r20220104.30934&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At0moTXetlWdgl8X2ldMw6Goav1jlnAoTEGacVyPccsB4_9CPvSDHNYUC-l220chozrfsuTa4Hy6lRRCCRyQiY2TuINd5RPYPCvAhjzSiukJWoH9g6d5h9Q2hYRwqelBYzkVOBePnr5uzhjLS9V_jT3bzGvQ&dbm_d=AKAmf-D2AN-ifpCdKBryI3qwD-hIxTko9P8VmpLT-CI_Itq8wu1E2koAqbQX-jBPUbG8nzj7bbbKQK6LZOcXozbo_eQe0VpblK_z1j7_ViHSl5ocW2_GRjTVTG7GeestGok4NFyZC75GjV_1FFxoLLsYR1-Fsh0cCVeX46TSsEx8Cca-xvia1nTh40eC4F90N2rJfg1Zgbg6E5iRUYc_IT8a_icSd3iUrDDReVZs1AijksBRR7otc2NKNnOwNiiYCocZU6t6FYqmMXgRZrXETzKIE3d_WTgUK2sdUZw8dGYSZhn3_1mhTBI2uLoDmAIdkCAAErQAx6RLN6Ka0SrC6n_32Sr506hHWdF1JSAI5y7NOiug7K_btaqV5S7X3uljXHLsUSYly0lp1cpqUdZaNaDy0hPZrvve8vxn5PC5u2p8VUQz78jv380Fq5XbpmUlOqOSVMMWGe_aWvOa7tWr3UvFOaoL3EpoUoytGOjrSlis3s0ob83Ti2toPb_Qtf0FxD64egswlG2181dOkJ1CbXLVoKuWhHqtVz0frXzKu6nmXdv76WCqJlvG6LqtS_6T_NCLCfJ2rD_uYbQjV8H3DcDXKWQnepUmswmC7v6HyP5Qig_Emdjzcc7kLF5zV9uowsXgr6rbF1e93LuUR196gDZW_w3Ef7-CiJ3kvrldWVYR1dMKI8Z7_MbYaCKT6z_1rIabJtK0-BgzPa4oXxplqrILDMjWZ6ZukQP2Op0ddOwxStmFjPB65UE5AHQXXEy9HQqIA_OR0Ph4spdxSqnrKXhUpZtq-0--oTuZ-p3Nwa4_2xcs05-d2r4zAtcu3wUKoaRe0gs9qU_amndTWSRCXEBUnhb8za3BcTZF-2WyxR7rpeAVc0faqtBJxj-eEyBORjcw8Jf_2RLZUB0DCr52JKuXGyWAdv_tXaGsz2psHmVLWw9ZpL6FVrsEv5ppbEuhjwYG1rvdUdsMnyF8sIo9Jvh471PSJAI0rxc0Xpg6L04tvZyJaTRh7oEGFfM7qYNYgJm4ALHS74Eo1eRaQjcioegsIA0EAKfYSEou_ieJTgdstht89TNtZFAX2MNYeKXrSx8JwtPbaRYhdWdWci7TMeJgLgqUVERA_uQzWg-Y5yDCWdNReZCYjovcCwTwa3CbMDmFdilQIbhvwcQz7MBG_of2IaJvPpbQWl8P1uGFe3msdv9nUwRjYiqVSGUeGdHDWo2MhKRKDkCt_-v1AgsZxvIzw-wthnYBo8Srfuebi1vQB-pRv4O-6WGvYisoIyzpEe-iDhXvs87tOOrDlC8dqZ4_rchcqsbohBf4qpAzGwrcvTLemBfp-vHYCeOqk5j63VIQ0OM3SbmeDKwWRjfpUrJGE8Vk4VNanenjletqeK4qyRfI--zs2d8to5vNccpXcKcLfWAwC0WLp93-WSaAHK2DX3tHFF95s9dI3kgIQ0-bo471SOvn7mjzsfDWgjvB9YFLxo_fonL-JIeXMqF4u9tRAa4BGbVRolk3Tw5IsWIxyNt1RykLczytZIMllfHRPhxLN7VGyPtDYOgbBx0SiJdDlBv2zETTe3E_P_mbCjiuQ8GaqS4ereI4k4-yTEVXvP73ICBPoKJgn67t-Hv0amADmK48_w2pU-0cEZxhVqiPJkr-culXZ5pxA5V2Hnh_nVDrPAfyYyssQW1N9LiiizsOAwPoyXYU_VSzgt5QNcmrTH2tIMAXZce-wsrF_mCYWlclu7vNUnN4igHS_9TOTSR_QwmHCID2nk0_Wfou7LY7FtobXx3ZSSkqlRU2UHf9rM_2Lg9rgyU-ksNtH7nedWvGU28NLSaKYWBPfO6JiDMp_R43eH1VUrHODTh1bvIN2XJVL23yXTPpxHpyGvchWWLwiF9gnjvVjQMG_ArqDYUdapLNR75Y4MLl2zRFffIu-AobZ6_Y_x5Tscu3NyQ1wPSukakXVFC33NxSTEaUHHD3xH9KYTCtwq5PPb9y48Lk1FZAcUjgIBET7g7SAZdflGOas_aWDHkAo3ryzNNCLCbHO36O9AOAY5V5VudygzmR8UWoy2CHOXvqMLMmOgDSXjmbSiKPFPS5TUga3ancpzmFr355CF-IKO-Y42AFgNM0wP1FZcOKebigLVOl-DcLWezZaQgEIkWDyNMSrPH1DIiMYvJVyPs_FmO4AGb-S_sjqWx7Q_OCs6CagEhFzis0afy8OPlmevf6TVV8P37g36NOVgIywQFxgzLOWwaOQTPbTU1uP640KK8omVAPgj4FtLe_BKVPINI1KbX9FqT1t_xTgR_RbhljblVk06T1DwwQ1r5QQ_SgkvVa_na8Gk_rX-j_VipQkySP7qZ7euyLz3Nn_4FRPS34w8Wc1Mc7EqizjJmStTlBILVOx_E3tL-D7aMff3y0WFy8_pFddFhc4SHFnGsfqJd3BDL1QdkGl5yStGTUf_9ld4eqFtGTA-CuZcX69KAXSTuQXxp34vUSMaS0ytwwN_9le6aPPMFoKyMq8EjtXfbZkeUOrXr3ehUsLeCm7rz0LOZSLUIexR0sXnr8LQHLuO0LwIPcIQ_YzNHvCMvq3eYosq_TSju1BuRFr-cKQbXtfHMphGgkao34BhKZKL5hl2_myPd3VOTJ7A09QCoWgbLVlhV_tyrPjCWnfSz5_J1PLgIlq17O_id_ZxAOlZvCvy2vqsfJOhUMpe3CBhuF8PfxA005tMSMHalXk1s3BccxkPkXmzdRqFlv13fR4_BgVkGsOg9SzxmSkg8_rsG3xAVocCpMqt_u1y4FAIGyCV_5jYMdO2Eudq6biO6PBu3u1TuunITZamvjq5HFVx2t6ci6Mmaz3ERzwZWzEMQ3RRnGXEWH1mCL5RTFsu7LK8_5lTbd-T8QO728AhRNFocNIP01OxY_fXlP25VRTmnOUrjbCD2XREn9qanGOa5ovfqWC30B04zCwUq65zRqtV7eNiSewXTaGSHanMUszY42G-_IIBvLw6JJaArp0dvxHBrQj-IUyNpn1UvC_kCpn4auSidLSthzEjMDBquruagzC6CKXWn23D0ZBDX-SY4DSkrhSt0w_ChS1UPr534HHIBmPdpDfkq12p3vTdt_Waj5AYIeJUzf6-53CCIINFcxCHaYxotXkMwlTwXcQUKeTpkpT5sJ_JLxXCbhL8Byst8yBHONY5E7QY4Lok1XpUpyB-vXAEIN35BUBj9EQSFX6O9Tx_CA7BiAWd589ECmVC_gdewCNPk2kY29uqnLN6nnB185ePFurdok6-k5WYbIoSz5x7WCgedG&cid=CAASEuRoCLiE6updbDstLaV34b2Oqg&rfl=2%2Chttps%253A%252F%252Fwww.arnolds.com.br%252Fcrash-bandicoot-os-5-niveis%252F%253Futm_source%253Dfacebook%2526utm_medium%253Dsocial%2526utm_campaign%253Dfanpages%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 897B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8jSHIYnbYbHyI__D7_UPsJ-2uAwAAAAAOAHgBAI&bg=!29il2JzNAAbDtiZlw7Y7ACkAdvg8WuFfL_CdbP5sCVr-XW3duKEMSxt9zZG68ox66BwR0kNffpVuLgIAAABqUgAAAA9oAQeZAyfnsUTYSN4af9dLZHfV5SsrUW8FnGlm0MC-wbi92aWBn31Ki-PC1g-LsVR8gLuZ-a0xnjLj7fpT8KeELJhROl39LqaT3V00IO5hYt75I3tWwWXPRYhybViu-lhJJXhyoX9LrIus63GnrfUuS6CB8Ui8Ct5E7UY_RGZ2NiJTSymlWz6NvKEykuhDOBwyZSIX9LHZjC1AiFYkGQjsuTb1HCpHyYP0IHg2foPMA5zQsYJysqBbF6eEMuQZBmdrSxniBBRWbQpSPLwvkIVO_-nIOKEtr6_x5Av3IB6989DT3fIrtde1uxDS43ZHRiZOUL0_mmgEKvOZOeV8zE7T7GNZqiItdYm93nNemwMt2Q1oXL3ToBOQVbhRUakZG9XzgmRdUpzbBEtshJJkuIPwaSBaZVHss6Q0mbS4NCRB7SrCd4TKMUXAztoYmXNl72aRj7ugqMCfQYN_nudK_5sJfwis_EmwLEsaDhHSxlYWYsSN_IFXOWu5Bzub3-SVTjsrhYfXj_wVxJVSJ2N1byXRNUNEu3yqg-p26t5asOGErjBsv8UoDYs1ZEzWVdqdEZinWpzaNYVNJqTAcSVxEnyiBDdrb7BLq1aUzP2w2WTW-NVirtHnxAGgb2pr-OOOHHbgGaXHJmETw-AzQO7CWjzmm5SgfTrDTftj-3DRnSZx4oJn4zXZu-yOLYx__uzTFYcla7rme6wmq_iBP7KKfhMBUtwSSuywqZUth9_DGhwONyoj-eQMxMyNIHIUfvosKTEXVkIfaAObEWbleP-LQ4AgIluonnwF31GdbsRuqfVdr-IQNGoxvRF7Bg11z2FJv62PkY8b1E6JJwzqKK3YdUhadt2Z6TAqMVXR8Xi3oLgjVXCq4rSNCpLeEz7a1Nb4GPQIHAxFQsD3Bp7NAbNJR9IFbmI-z0Di7PjxeH5Pv0uXiwOAqf6QOtEqKcHT6IBa_9SvBeZ7SF1Txa5Pc1C80gVjoIur7wt6pOwy0Q-c9CUEYDZn89qmug5L83SejaAmw__SZvX3d6oJBFE2E25nZDKatVNbbpExZg_PhwCtlTajyb9zvypYBrRfH07qP5E
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/723163eb-986d-40ec-b913-60e870dc2555/ Frame 191E 		372 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/723163eb-986d-40ec-b913-60e870dc2555/OtAutoBlock.js
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2a1d46ab2d923c7d5f8b100d9832cf3c4599ed99c53124b1533fb1a828f919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2OGN3u8KaggFCu7+sWyp1Q==
age
11273
vary
Accept-Encoding
content-length
29460
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 13:04:27 GMT
server
cloudflare
etag
0x8D98F13271B21E1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d6a9c167-e01e-0171-4394-daec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b46b2440a5-CDG
expires
Mon, 10 Jan 2022 05:17:21 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ Frame 191E 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dMq6iJthjOyg56NOUFVpHQ==
age
12211
vary
Accept-Encoding
content-length
6508
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jan 2022 07:32:13 GMT
server
cloudflare
etag
0x8D9D0E6A87A7FA2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f1cd27d8-601e-0064-49e3-026846000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b46b2640a5-CDG
css
fonts.googleapis.com/ Frame 191E 		8 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 00:08:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 01:17:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 01:17:21 GMT
css
fonts.googleapis.com/ Frame 191E 		2 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f473fefe40384ad90ca8a03212ad487e428a3cd5f403f5bd77a31a1a23414cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 23:30:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 01:17:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 01:17:21 GMT
bootstrap.min.css
cmsstorage.rationalcdn.com/assets/bs/assets/common/bootstrap/css/ Frame 191E 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/bootstrap/css/bootstrap.min.css
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Mon, 05 Mar 2018 16:59:47 GMT
server
Apache
etag
"54f2-566ad40daa6c0"
ntcoent-length
21746
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=975868
accept-ranges
bytes
content-length
4529
layout.css
cmsstorage.rationalcdn.com/assets/bs/assets/common/styles/ Frame 191E 		220 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/styles/layout.css
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff7a5c5a02c8eaef84aa31c9ac5a4b87ff7d3f6bfd4cb819526951f4a7311589

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cteonnt-length
225247
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 11:08:42 GMT
server
Apache
etag
"36fdf-5c82d0258a280"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=1146339
accept-ranges
bytes
content-length
25946
PstrkIdManager.js
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame 191E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c10ff7971ac5fc6a3536c9e8a38aa796ba7b817348a98064364bdd9ccead5cf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 14:51:32 GMT
server
Apache
etag
"41e6-5cef2259ce500"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
5499
bs-styles.css
www.psimg.com/sites/assets/pages/bs/ Frame 191E 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/sites/assets/pages/bs/bs-styles.css
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
ee121ae661945d8e6075737b2223387c0984f9a743ed2ad9ff3a1766cc91384d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 12:29:37 GMT
Server
Apache
ETag
"3151-5c5097a138fdb-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=157680000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=213
Content-Length
2670
hero-styles-druk.css
www.psimg.com/sites/assets/pages/bs/t02-right-vw/ Frame 191E 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/sites/assets/pages/bs/t02-right-vw/hero-styles-druk.css
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
fc3c6f64f8fc7453c95d75a9a98b6dade6595d34af2efb73989f3104040dcbf4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 12:58:50 GMT
Server
Apache
ETag
"157f-5ca3994167680-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=157680000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=165
Content-Length
1242
message.gif
www.psimg.com/sites/assets/pages/ps/fr-legal/ Frame 191E 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/pages/ps/fr-legal/message.gif
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
b6e0ed111b18c28106493805edceb946a1922f14d7e8e3b6cbb4a1323ea5acf3
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Thu, 13 May 2021 11:06:05 GMT
Server
Apache
ETag
"4ce0-5c2341d0c8140"
Strict-Transport-Security
max-age=157680000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=212
Content-Length
19680
message-mob.gif
www.psimg.com/sites/assets/pages/ps/fr-legal/ Frame 191E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/pages/ps/fr-legal/message-mob.gif
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
6accb914154d46183fe79dbd09ea0735453a98e6365940152f1b1c735cc219c5
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Mon, 24 May 2021 14:13:00 GMT
Server
Apache
ETag
"3590-5c31401c4f300"
Strict-Transport-Security
max-age=157680000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=163
Content-Length
13712
betstars-logo.png
www.psimg.com/sites/assets/pages/bs/ Frame 191E 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/pages/bs/betstars-logo.png
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
5b27ff831ca71bf69b6edae703bf9dfec6e70fa07b4c1f92f05853e0b53b47d6
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Thu, 11 Mar 2021 16:11:44 GMT
Server
Apache
ETag
"788d-5bd450a22d000"
Strict-Transport-Security
max-age=157680000
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=211
Content-Length
30861
wb-de-icon.png
www.psimg.com/sites/assets/pages/bs/t02-right-vw/ Frame 191E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/pages/bs/t02-right-vw/wb-de-icon.png
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
bb8d74ef8360ef8dc0bca6b758a01a4cc347402b37cc1ab8b0fd9984221b374d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Fri, 14 May 2021 10:22:00 GMT
Server
Apache
ETag
"1e41-5c2479d3c6200"
Strict-Transport-Security
max-age=157680000
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=244
Content-Length
7745
superboost.jpg
www.psimg.com/sites/assets/images/betstars/headline/2021/other-offers-section/ Frame 191E 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/images/betstars/headline/2021/other-offers-section/superboost.jpg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
a68ca5a4362542336218d08ebda175b87f5efe4a9fc24c4259e6a56fcc4b0856
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Thu, 18 Mar 2021 17:27:00 GMT
Server
Apache
ETag
"5bc7-5bdd2e8332100"
Strict-Transport-Security
max-age=157680000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=162
Content-Length
23495
rab.jpg
www.psimg.com/sites/assets/images/betstars/headline/2021/other-offers-section/ Frame 191E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/images/betstars/headline/2021/other-offers-section/rab.jpg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
a63ddf38726569927397c5e2df11aabb251d9b8daeec29c0faaabac107d33397
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Thu, 18 Mar 2021 17:27:00 GMT
Server
Apache
ETag
"3ea6-5bdd2e8332100"
Strict-Transport-Security
max-age=157680000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=244
Content-Length
16038
freebet.jpg
www.psimg.com/sites/assets/images/betstars/headline/2021/other-offers-section/ Frame 191E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/images/betstars/headline/2021/other-offers-section/freebet.jpg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
60874230a6d53bb32a69c06b8736c5643e9e7fa46c898afdd4b28012e5eea28b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Thu, 18 Mar 2021 17:27:00 GMT
Server
Apache
ETag
"419c-5bdd2e8332100"
Strict-Transport-Security
max-age=157680000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=250
Content-Length
16796
rennes.png
cms.rationalcdn.com/v3/assets/blteecf9626d9a38b03/blt9db9c4ceb4f64945/5fb7a39effb61e50a0fae862/ Frame 191E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.rationalcdn.com/v3/assets/blteecf9626d9a38b03/blt9db9c4ceb4f64945/5fb7a39effb61e50a0fae862/rennes.png
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1cd7e3414978faf9c0fab2a4f2e9d165756cd735cfe4e0cef432c2d522abe14c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
last-modified
Thu, 17 Dec 2020 11:11:25 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=1679595
access-control-allow-headers
content-disposition, content-type, cache-control, content-length
content-length
4652
expires
Sat, 29 Jan 2022 11:50:37 GMT
facebook.svg
cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/ Frame 191E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/facebook.svg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 13:01:13 GMT
server
Apache
etag
"774-57ba50b4d7840"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
913
twitter.svg
cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/ Frame 191E 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/twitter.svg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 13:01:13 GMT
server
Apache
etag
"a1a-57ba50b4d7840"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
1080
youtube.svg
cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/ Frame 191E 		1 KB
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/youtube.svg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 13:01:13 GMT
server
Apache
etag
"573-57ba50b4d7840"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
718
instagram.svg
cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/ Frame 191E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/social/instagram.svg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Tue, 27 Nov 2018 13:01:13 GMT
server
Apache
etag
"6b7-57ba50b4d7840"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
899
lib.js
cmsstorage.rationalcdn.com/assets/bs/assets/common/scripts/ Frame 191E 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/scripts/lib.js
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fecb548aab32732b397fe67f3e9843f82b2cec0bee84aa8fa21e27f290f64749

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 08:56:29 GMT
server
Apache
etag
"1874e-5cd0a63a9e940"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
35964
link.js
www.psimg.com/sites/assets/js/ Frame 191E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/sites/assets/js/link.js
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
cffddca8d8e50c017deb4c68842840d34179c4d4340473d70b545f02540147e7
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Sep 2016 09:56:31 GMT
Server
Apache
ETag
"8ac-53be7ed7671c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=157680000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=164
Content-Length
1057
config.js
cmsstorage.rationalcdn.com/assets/bs/assets/data/bs_fr/fr-fr/ Frame 191E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/data/bs_fr/fr-fr/config.js
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f3a5d1df4717266e5cc80a4f1f04374285a2bbec2b920cd4220eedd5fe16d74f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 09:38:34 GMT
server
Apache
etag
"4da4-5ce4cd7a05a80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
7708
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!0hpugnb9nc&lm=0&ts=1641777441014&dn=TC&iso=0
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
723163eb-986d-40ec-b913-60e870dc2555.json
cdn.cookielaw.org/consent/723163eb-986d-40ec-b913-60e870dc2555/ Frame 191E 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/723163eb-986d-40ec-b913-60e870dc2555/723163eb-986d-40ec-b913-60e870dc2555.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98c5a2391694717a4fd1b357e012bb224d393ecbb028fe67b0894d1062d7ab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vpbhfwQiINZyw2t6utFl9Q==
age
11393
vary
Accept-Encoding
content-length
1428
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 13:04:26 GMT
server
cloudflare
etag
0x8D98F1326C61404
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8dc77cc4-a01e-00fa-027a-d71101000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b4eea6cda7-CDG
expires
Mon, 10 Jan 2022 05:17:22 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 191E 		163 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39a9aae1a3970b1087e2dd27728d22fa2aa750c0743e548ccfcfbf36e72097f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6cb210b5acdbee60-CDG
trackingLoader.js
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ Frame 191E 		30 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/trackingLoader.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
726b896f637efa5d4813b617c31f0432d13a5a2206c8bdbc63750e616bd6ce11

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 08:23:54 GMT
server
Apache
etag
"78af-5ced89d7c9a80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
3549
welcome-boost-mobile-06.jpg
www.psimg.com/sites/assets/images/betstars/headline/2021/ Frame 191E 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/images/betstars/headline/2021/welcome-boost-mobile-06.jpg
Requested by
Host: www.pokerstarssports.fr
URL: https://www.pokerstarssports.fr/sites/aff/football/cinq-premiers-paris-rembourses/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
e86631bcc85aa70d72ec1b01c97211703e39e85ce25f919a4352e879c538691c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Tue, 08 Jun 2021 18:01:00 GMT
Server
Apache
ETag
"dc68-5c444f0c7cf00"
Strict-Transport-Security
max-age=157680000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=243
Content-Length
56424
sprite-ps.png
www.psimg.com/sites/assets/pages/all/ Frame 191E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.psimg.com/sites/assets/pages/all/sprite-ps.png
Requested by
Host: www.psimg.com
URL: https://www.psimg.com/sites/assets/pages/bs/bs-styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
5ae8a670947d2e60836b1262227fc4bb0d6365c79c8de2b920a7567e8daa77fd
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.psimg.com/sites/assets/pages/bs/bs-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Last-Modified
Mon, 28 Sep 2020 08:05:26 GMT
Server
Apache
ETag
"402f-5b05b210c07b3"
Strict-Transport-Security
max-age=157680000
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=242
Content-Length
16431
down-arrow.svg
cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/menu/ Frame 191E 		1 KB
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/images/generic/menu/down-arrow.svg
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/bs/assets/common/styles/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://cmsstorage.rationalcdn.com/assets/bs/assets/common/styles/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 09:22:19 GMT
server
Apache
etag
"533-56b49bd7688c0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
content-length
637
footer-small.png
s4.rationalcdn.com/img/bg/estate/ Frame 191E 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/bs/assets/common/styles/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://cmsstorage.rationalcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
last-modified
Fri, 09 Apr 2021 14:58:50 GMT
server
AkamaiNetStorage
etag
"9aadd769e4bbf2669df3e4de51d9d751:1617980330.571575"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
112066
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 191E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
472522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:02:00 GMT
DrukText-MediumItalic-Cy-Gr-Web.woff
s1.rationalcdn.com/vendors/marketing/web/images/druk-text-fonts/ Frame 191E 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.rationalcdn.com/vendors/marketing/web/images/druk-text-fonts/DrukText-MediumItalic-Cy-Gr-Web.woff
Requested by
Host: www.psimg.com
URL: https://www.psimg.com/sites/assets/pages/bs/t02-right-vw/hero-styles-druk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
eeeb73ab2734bcbf9a66f2b124e9c4c68912e1a4835762a0a9b4b6014f895f88

Request headers

Referer
https://www.psimg.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
last-modified
Mon, 19 Apr 2021 08:42:44 GMT
server
AkamaiNetStorage
etag
"6a3cdf34c27313352812c6b73dcbf16f:1618821764.136852"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
66235
DrukTextWide-Medium-Cy-Gr-Web.woff
s1.rationalcdn.com/vendors/marketing/web/images/druk-text-fonts/ Frame 191E 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.rationalcdn.com/vendors/marketing/web/images/druk-text-fonts/DrukTextWide-Medium-Cy-Gr-Web.woff
Requested by
Host: www.psimg.com
URL: https://www.psimg.com/sites/assets/pages/bs/t02-right-vw/hero-styles-druk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40547beae40e26aa9b2a7d636a3bd34b4c70ca66288dbe730acc07a843080734

Request headers

Referer
https://www.psimg.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
last-modified
Mon, 19 Apr 2021 08:42:47 GMT
server
AkamaiNetStorage
etag
"ba170405ebfa2cde5fc3d368c917560d:1618821767.558302"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
85359
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 191E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
214654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:39:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 191E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
372063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:56:19 GMT
20200818-155719-betstars.ttf
s1.rationalcdn.com/vendors/amelco/images/2020/08/ Frame 191E 		79 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.rationalcdn.com/vendors/amelco/images/2020/08/20200818-155719-betstars.ttf
Requested by
Host: www.psimg.com
URL: https://www.psimg.com/sites/assets/pages/bs/bs-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
81eb43dc91150c80896595147280e4132f2ce7269051947a9ad6034428f18c48

Request headers

Referer
https://www.psimg.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 14:57:19 GMT
server
AkamaiNetStorage
etag
"8a885b1d2969abb77fbd0b17b2782b8f:1597762640.50992"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
font/ttf
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 191E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pokerstarssports.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 14:17:54 GMT
x-content-type-options
nosniff
age
471568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 14:17:54 GMT
/
megacdn.top/ Frame 38AA 		208 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/
Requested by
Host: ad.lomadee.fun
URL: https://ad.lomadee.fun/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

date
Mon, 10 Jan 2022 01:17:23 GMT
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYx6CZNNOncRCjOirrPf%2BLXLyWeuh77CaVqvbw1d7ZbJEnK4C4NzZdXofBRnSUtKhw0az2%2BH33oMExRQItI5NRsQh778PX1pspAxA3bnhV3dC6NsSVyBi0QpOtUPvSLwHMa5UK3sd04D%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cb210b5de383ba9-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
trk.core.idm.js
www.psimg.com/ga/ Frame 191E 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.psimg.com/ga/trk.core.idm.js
Requested by
Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/trackingLoader.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
77.87.180.198 Douglas, Isle Of Man, ASN43338 (RATIONAL-AS, IM),
Reverse DNS
Software
Apache /
Resource Hash
1b224796655120cc461d4c7487ca102a378ec3ecb4e9cd9936eb3248f97ba6f1
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 01:17:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Nov 2021 14:56:13 GMT
Server
Apache
ETag
"4007-5d19e2cfe1aec-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Strict-Transport-Security
max-age=157680000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=241
Content-Length
6098
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.23.0/ Frame 191E 		312 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
joMckLq8BtEunD8NH/4XVA==
age
7175391
vary
Accept-Encoding
content-length
76366
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:58 GMT
server
cloudflare
etag
0x8D96DBF6CBEE741
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b5056f91-801e-0125-4a6c-c40600000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b68d1540a5-CDG
activeview
pagead2.googlesyndication.com/pcs/ Frame 813B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswg318-4G08psmYsPjdN-wEvJ_xENbXKapoWs0lOswiez7nRXBARU8BJKnA3jJsXCzjbpVysjzE8fv61xrSGGAr7VSOn7hln04tdqCbVywVAd6cgUDtw&sai=AMfl-YQHODSVCYZTSjUW60AgaH-ZNM9PN9XD_-JmQj7ZYCcXi7t-wjGXh9IwGRIzN__yjV23AiCcQq-xPIwe8vLNLgCNn9nJUZudaiu4jJDQScTUQa4IUcUJXbTvY3lbx4A&sig=Cg0ArKJSzC7j-ejN6pm6EAE&id=ampim&o=410,639&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1020&mtos=0,0,1020,1020,1020&tos=0,0,1020,0,0&tfs=106&tls=1126&g=100&h=100&tt=1126&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2806002317
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fr.json
cdn.cookielaw.org/consent/723163eb-986d-40ec-b913-60e870dc2555/c526dfc0-e864-45a1-81b0-9fcc40314c54/ Frame 191E 		112 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/723163eb-986d-40ec-b913-60e870dc2555/c526dfc0-e864-45a1-81b0-9fcc40314c54/fr.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89036e410a8c1d04a4c35b5ee76ca08a80b3e5d8c715fe7a1277c6fbf4d2878c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8HwtOdHjpf9adSWsL3Rvpg==
age
11185
vary
Accept-Encoding
content-length
22373
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 13:04:32 GMT
server
cloudflare
etag
0x8D98F1329EACF19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b07f0a9e-d01e-015b-44fc-c099cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b6ffa9cda7-CDG
expires
Mon, 10 Jan 2022 05:17:22 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ Frame 191E 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
r7t3xbAZ3QK/7lQuu5X7ww==
age
7175090
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:51 GMT
server
cloudflare
etag
0x8D96DBF68EC8D5B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
859544d4-301e-00b0-146c-c42166000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b74fd9cda7-CDG
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/ Frame 191E 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+0xPzL52AeUkZsqLfWvieg==
age
11185
vary
Accept-Encoding
content-length
11387
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:53 GMT
server
cloudflare
etag
0x8D96DBF69F1D28E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ee071714-e01e-009b-7c94-da55de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6cb210b74fdccda7-CDG
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ Frame 191E 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.pokerstarssports.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jan 2022 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
7175090
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e09f4c78-901e-003e-366c-c46ec7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6cb210b74fddcda7-CDG
activeview
pagead2.googlesyndication.com/pcs/ Frame ACBD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-IOxxMI8iCUv_YE_E2XpmYVx1I-Z6aHIxvPOYKxQ2r-EmwibMv-PasDkwZBpRTGIr3O4jLEmnQ7pN2iwFzzPy_4HnVl9-xB030iIBNBSzPK5yWBIyPA&sai=AMfl-YRGZChUmcc8RrU45bCa3VgSRV1Qh09aThyd6EVGbOtBl06ZQt9lxLpvpCxpeZuWrGoK3b6qoFJOKaxaInrmrBQcRDG6JgbverZsn0ty5Wa3nWpLDWKwDbv9Kp5DXgKe&sig=Cg0ArKJSzJ5rKzeuE8IWEAE&id=ampim&o=992,639&d=300,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=53&tls=1053&g=98.21428656578064&h=98.21428656578064&tt=1053&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1948922598
Requested by
Host: www.arnolds.com.br
URL: https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.js
megacdn.top/ Frame 38AA 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/jquery.js
Requested by
Host: megacdn.top
URL: https://megacdn.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7303ec715a1cd82d9dcbc67206fd490523934e5bae0708ba2f6ca56f0e43387

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62IC2xXOS7VqshQpTGBsP2aWfr4JgWfIh8U9c3aSGEoaQfAKKFFgKKXdujmvhygpIB%2BGnmp5IEudp6J5hqy9MNrKBbRiDia9f5UHXuNVAAAgsqhnJTofZEgi8n7bR6ZP%2FPAB7NnnPERkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cb210bb4e933ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30d8fc1e45b10251e207bb18d7e33ffa45ad64070b8a2b522572eb064c5c7855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8665
x-xss-protection
0
/
awscloudfront.ml/ Frame A3F9 		208 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://awscloudfront.ml/
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:31a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://megacdn.top/

Response headers

date
Mon, 10 Jan 2022 01:17:24 GMT
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
cf-cache-status
HIT
age
5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnKeUqr0Fk6MJTZfIlmQliR1Gp26SKqO2dRnvi4MW%2BYkiu%2FE%2Bc2LFakPx2DvbY4OEzgDCZyuRoaKidLeYDN%2FZKgu6y84JBHshk3dnnAJqa6kZZ3ynsTwTdzLMgC0wE7xNosyB7bGReBfI4tbnsN2"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6cb210c1cb9dcda7-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 01:17:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 844C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 09 Jan 2022 23:52:08 GMT
expires
Mon, 09 Jan 2023 23:52:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DB49 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d1cba0844378ca410230c6de379de89f4fbf557880d2d7915699b535b15cbef3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-li7hq3NAJTEqcabmVrSF1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 10 Jan 2022 01:17:24 GMT
date
Mon, 10 Jan 2022 01:17:24 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-li7hq3NAJTEqcabmVrSF1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
pagead2.googlesyndication.com/bg/ Frame 844C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 23:51:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
5125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13406
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 23:51:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DB49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=4215530080586041&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
jquery.js
awscloudfront.ml/ Frame A3F9 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscloudfront.ml/jquery.js
Requested by
Host: awscloudfront.ml
URL: https://awscloudfront.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:31a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7303ec715a1cd82d9dcbc67206fd490523934e5bae0708ba2f6ca56f0e43387

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://awscloudfront.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HePfV9MeaVwOy%2FwWju7ZkmvYoVleTYYqc7NiyNFsIN15sLoUGURh3Ng3BnmncbZLP4W%2BsRl4FQDG69DFp9citoSWjLug1BiJuaTa6Qmd2MQhHkXGtm4i0D7ZWffRabxr6xXC%2F%2F34CniM0zby1zYX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cb210c24a25a8a3-CDG
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=4215530080586041&bg=!MTKlMnbNAAbDtiZlw7Y7ACkAdvg8Wo8ZJ8IibP-m0rvSupHHSo1ZwZJYpWIvWpF1iIMpqxYWaQQpWQIAAAB1UgAAAAZoAQeZAoo-AOp9YU230xZiUKgDdWnActxUHGqYDWGWdsONZ44cQB-Dk3VNvbQYkffIhbifOnru1higOiua5SGP3XcFSSbFzjBeEZTC1EiUlRZmqaw3aK9WFNDj5AVIa3NJJ0YPW8GSiTzlTjbLAMPE_CSxqKjP6tW9sG4ZIeSytScKqERwyA45IesgfnXnljuDdv89hXIBXhOfgJ4xr4bBwR3yNIAnWMRxFSTdypMFUnBE5IDkSlegwGiZtkfVodSHoHrIyeGysS1DO7197zlWGkKZbsRI8OH-X_yNt8HOhg-G6NzRjjb73nk_0Mjz-5QtbWgXWxmXI4Jon3J7xDlohr6hlcNFo4nVS4Xeljh_rlPdUXR_hqK4NBRaAxb8M75xqSG1pjLXlsVaa8Rz0rPgYdujaxZs5HYDEpFuNgrM7yPZiNuycBuAhy3gMlVUYw39E-4Z82B5ThVvir5Ck4hUvPcqDIQ6FTaeQxVRwm-Kc_F4HUDqPP9iTzXBuP7TyKY1m8dCvnr8ghS4H5AQYP1fgtSxmuU61KR_owTXUbdyqsJ5P1FDei6q1sggtd7RU5IeuJBAvMTBszwy5VGqArZJTnMITu9q0MX5mspmhuK5ro8q1bblu0oH3c9pwgHy5S7tNXlpVbDHKEFoub3x0zt1HCpLHjhDSUAuwOTzh-KtXZ_aq24Oecw9jAtxa93Unr3tnhuIeOBOA145h8QbRG48gpOjuag_l6ZT6t6X4C1FnylES73_jEHGTGVJqhpLBStBqf286ghWVGvAhaWzLZHEpSiWuskk81V3ILcrsm9lrJRBJutQ_vCwm4Di5mvkhclV83TWj0brTR7TlHTeEq5lrh6ptQlNV6Z9j-y_tfWsAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.arnolds.com.br/crash-bandicoot-os-5-niveis/?utm_source=facebook&utm_medium=social&utm_campaign=fanpages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 01:17:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c1ee4c174b3b485049176b5ff8cbbe10e.otf
megacdn.top/fonts/ Frame 38AA 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/fonts/c1ee4c174b3b485049176b5ff8cbbe10e.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fae3b82f2a2636c28341de00137bf10e9099af47ce29e3e91a93e19bcd8baf8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6612
pragma
no-cache
server
cloudflare
etag
c142ef1b22659240c7b3d3de27a8e202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKkgmGPzdXTyo3gWU02B%2BiNuVCFj6D1cTSZ6kOvP%2FuBV16CEpFZmRvDGc0LLDjxXbT0oQSw3ZNsp7DjEFd2lxWE9ryFFZ%2FUlPqxXtpETPef8YO3Tb90hwnroe3sbcfncFk%2FNN2CNw7YjWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6cb210c28e8f3ba9-CDG
expires
0
d433acfd-b1ef-4571-a709-82e0db0f0518
https://www.arnolds.com.br/ Frame A9C9 		174 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.arnolds.com.br/d433acfd-b1ef-4571-a709-82e0db0f0518
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
174
Content-Type
text/javascript
i301a18860e11e5a70468ddc2f36fe34b.otf
megacdn.top/fonts/ Frame 38AA 		504 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/fonts/i301a18860e11e5a70468ddc2f36fe34b.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f3a43ac8ca5345a2a3c21ebc4fbb10805c10f3510e4474fd0eb2d0eb4beb233

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
504
pragma
no-cache
server
cloudflare
etag
5da6fdc11e443a6b6f54af697e5528f0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6gQAT0uBlf2kigeJRy9VpEWZBGr3AMNjzpULiy4PB2Zw%2B76E%2Fm8Z9DnKxIH989rDW6kEOxyFi6APPryGbgqNHRXxFcXHkQbVstU%2Ft29n%2F10y6D5B%2FsOwNBLuv1Bde92tGxNlHsvSv%2BsBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6cb210c7cf333ba9-CDG
expires
0
re6dee9a55c4ab6ab7a36b94d1d5ea379.otf
megacdn.top/fonts/ Frame 38AA 		204 KB
205 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/fonts/re6dee9a55c4ab6ab7a36b94d1d5ea379.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858ba163a1acaa4a0b86995a99f99b8b6bbf36c89fe39bb2f8cf9cadce0e7c6e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
209068
pragma
no-cache
server
cloudflare
etag
cdf1b1b4d034da4e40774ce2eced6b13
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ely7oe1yBOFJ%2F2ZKcwedu0GeC%2FByEzb38zSOxOlU%2BcmfSxuP5uRS7dcAdjXwnv5JbRrcNEuuZ%2F7hphyRVxtXQSx0g7XTucPuNepUVmaIV8u6XVDNDz7ihRJun8IZcnYhR239gJBQjFY%2F8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6cb210ccfdef3ba9-CDG
expires
0
m4889d3f8297ba3edf6742129c80a4da3.otf
megacdn.top/fonts/ Frame 38AA 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://megacdn.top/fonts/m4889d3f8297ba3edf6742129c80a4da3.otf
Requested by
Host: www.adssuper.com
URL: https://www.adssuper.com/instagram/campanha.php?id=%3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb&ref=downloadmegajogos&titulo=VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5809ed31d719b1196046279579827de938320472852187ee4e606b5f459de3fa

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://megacdn.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 01:17:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13392
pragma
no-cache
server
cloudflare
etag
76f13c64c8e4d869acfd65ed826c876b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSlGg6vFH9ntGs0EaPYyYcm72HXDIla10URR6HA%2Fv37lBQ1TIG%2B9Wl3kHhXxvtUgu5888nayHaVghbBzzxaauNy4gYWOIMiCFDKHKC2IxTJl4yv0kSLWAwfL%2FdqxNOJZw4JwbBNfKIG%2BXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/opentype
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6cb210d2becc3ba9-CDG
expires
0
/
www.streamix.tv/ Frame 66FE 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
statistcdn.com
URL
https://statistcdn.com/analyze.js?typeId=f
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVfNLD5dcl7EigB2aiQ1PafWMvpJkqvNG7_xaIJgsVhmXSL8TpDHV_9GjAs8KhZXdA9yiALzhi8lfyJ9PHIDn5yNnOY83FtOUqk3l8jtkR5f82P225GlH_mbjlMZdt2rVqi5MhxksFVOTa3RMxSQa5pay5YazoP7Fj-s9SOpNedLzFiqeqRlIt7W51w1C8HID7-AzW2wDtww3aQw99_PzV9StBX_TNNQm08Kbn_xL1tZFLYG-3SwiIDiT5I8H6fIqIOn0j0oNvDEqMlCcsmVEG8Rr3nxUIFaCKTas39I6Uj1FHnP4vTZKOMI1STjCDyMStBskmBgN0nQxXErUP_N_Ay4uepiPHPh7GUPzjifGt_P5V1nDa0dPv-c9tYlydinIHVw&sai=AMfl-YRKjkckb6467-IYZvX8ofhrKm5PTRBoeZTSBnw5R-T31uVqjr0FpMGBI-IRplxH6qa7BG0M7ycD1cxBY5zED6TiPqxTh_fIzePw4vTykXWbalRhjSpEj3jTMuHiMFQ&sig=Cg0ArKJSzMWhV47hXJD_EAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
Domain
www.streamix.tv
URL
https://www.streamix.tv/

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onsecuritypolicyviolation object| onslotchange undefined| $ function| jQuery function| GerarCookie function| LerCookie function| ExcluirCookie function| passou function| $a function| gtag object| dataLayer number| g_iCount function| relogio string| mensagem function| clickIE function| clickNS string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupply object| dspbjs object| _app object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| setCookie function| getCookie function| createGeoRestrictionCookie object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime object| googletag object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData boolean| __isGoogleAllowed object| pbjs325474 object| _0x4750 function| _0x2d31 object| _0x3be95a string| _0x5d4e33 object| _0x208045 object| _0x2f4b54 function| _0x3be6ec object| _0x3bf056 boolean| _0x47663c boolean| mutexNetwork function| MobileDetect function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| iframe object| _wau string| k object| _scszo5us13a object| 13nxey00luzg object| zfgformats function| setImmediate function| clearImmediate function| _sxvhiu function| _wxfdtpn string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| CleverCore number| CleverCoreRegistryLoaded object| _dtspv object| x string| x1 string| x2 object| Tynt object| _33Across function| __uspapi object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ampInaboxIframes object| ampInaboxPendingMessages object| _0x36c8 function| _0x5788 string| _0x4e0fff object| _0x4bfc20 string| _0x234d7c object| _0x5df6c5 object| _0x2c5c89 object| _0x1318cb string| _0x47323f string| _0x1bba13 string| _0x480c44 string| _0x10d8c6 string| _0x597499 function| _0x1ceef4 string| _0x20146e string| _0x18bcea string| _0x63f56c object| _0x3bf4dd string| _0x2381f6 string| _0x483225 string| _0x2046f6 function| _0x56f075 string| _0x152d3d string| _0x43dca6 string| _0x1986b9 object| _0x2b8212 string| _0x7fc93c string| _0x401767 string| _0x3a3039 function| _0x423e42 object| _0x1c06cb object| _0x7c2254 boolean| _0x24b14d object| _0x57fd58 object| _0x44e9e8 object| GoogleGcLKhOms object| google_image_requests

51 Cookies

Domain/Path Name / Value
www.adssuper.com/ Name: idpub
Value: 2
adssuper.com/ Name: viewsAds
Value: downloadmegajogos
www.arnolds.com.br/ Name: PHPSESSID
Value: o1sg84qhon6nf6vr1uorb4mnof
www.arnolds.com.br/ Name: ppwp_wp_session
Value: 903b3b91a1c661ce92ffcc778079a4ba%7C%7C1641779239%7C%7C1641778879
www.arnolds.com.br/ Name: idcriptografada
Value: %3D%3DQO2kjNhNTJt92YuMmb5NXZk5yc1R2b4VmZyUiZyUSYzUCckVXPyR3Ow1WYmkjN5YTYzUya05iclZmc1NnclBHcvNmLyV2ajFmc0ZmMlYmMlE2MlAHZ11jc0tDctFmJ3MzMxE2Ml02bj5Sap52btVGZu4WZw9mZyUiZyUSYzUCckVXPyR3Ow1WYmczMzETYzUCaj5SehRGMyVmemJTJmJTJhNTJwRWd9IHd7AXbhZSO2kjNhNTJnJ3buU2cpRWYyFGctMnclh2YlVGbuIXZrNWYyRnZyUiZyUSYzUCckVXPyR3Ow1WYmoERwITJy1EMyUibvlGdjVGbs92QwITJlRXZsBXbvNEMyUyMwITJz1WaTBjMlUGaU1jbktDctFmJGRTM3IjR3Q0QERTMwkzMyYUMBN0Q1MUN2IURDdjQxgzMDVkNzgTO2oDapRnY64mc11Dd49jO0VmbnFWb
www.arnolds.com.br/ Name: nome
Value: VGhlIFNpbXMgMyBUb3JyZW50ICsgVG9kYXMgRExDJiM4MjE3O3MgW1BULUJSXSAmIzgyMTE7IERvd25sb2Fk
www.arnolds.com.br/ Name: ref
Value: downloadmegajogos
adssuper.com/ Name: linkRedir
Value: https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
live.demand.supply/ Name: demandSupplyTi
Value: 0a3ff35b-9e0b-46e3-b444-82d12c3d9f44
www.arnolds.com.br/ Name: __oagr
Value: true
.arnolds.com.br/ Name: _ga
Value: GA1.3.1365420389.1641777440
.arnolds.com.br/ Name: _gid
Value: GA1.3.1721626616.1641777440
.arnolds.com.br/ Name: _gat_gtag_UA_108875794_3
Value: 1
rotumal.com/ Name: OAID
Value: e9aca72003d24bc896573a9f813dd171
rotumal.com/ Name: oaidts
Value: 1641777440
my.rtmark.net/ Name: ID
Value: e9aca72003d24bc896573a9f813dd171
www.arnolds.com.br/ Name: prefetchAd_2748187
Value: true
www.arnolds.com.br/ Name: clever-last-tracker-43452
Value: 1
www.arnolds.com.br/ Name: clever-counter-43452
Value: 0-1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1641777440
.doubleclick.net/ Name: IDE
Value: AHWqTUly4__ygz61cU-T-tLxImW2Rlkmip9zwYA2qMP0c3OmlpUKY2SPhREms2w3ejA
secure.starsaffiliateclub.com/ Name: CEK
Value: a
.doubleclick.net/ Name: DSID
Value: NO_DATA
.arnolds.com.br/ Name: __gads
Value: ID=1418754bdceb94cc:T=1641777440:S=ALNI_MZ3He0tM8ANDuFkKVKTYZ-k1IlvFw
.arnolds.com.br/ Name: _gat_gtag_UA_139883519_66
Value: 1
secure.starsaffiliateclub.com/ Name: XYZ
Value: 120&2&148&&&&0&1&&96166a6f-f156-471a-918a-c39d525755c6&&a_174459b_5709&
secure.starsaffiliateclub.com/ Name: A_5709
Value: a=5709&r=0&fv=0&lv=0&vc=0&fc=20220110&lc=20220110011721&cc=1
secure.starsaffiliateclub.com/ Name: PM_50
Value: c=YSAAJYONVRBAAFR&s=174459&ad=5709&md=0&pm=50&d=20220110011721&ip=624665701&r=0&ref=https://lp.cleverwebserver.com/
.arnolds.com.br/ Name: _gat_gtag_UA_135425005_2
Value: 1
.adnxs.com/ Name: uuid2
Value: 2459723091684662570
.casalemedia.com/ Name: CMPS
Value: 1212
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>8fity+!]tbPl1M>e)ZlrFUfJ+tGXxpONY-^oU?AOVQob0[AkWF(AEJ3xNab/ts.y_c*bpRz*qF1`*b^]P)jXMi
.casalemedia.com/ Name: CMST
Value: YduJIWHbiSEA
.casalemedia.com/ Name: CMID
Value: YduJIcgllHS4Hd4C1pzOQAAA
.casalemedia.com/ Name: CMPRO
Value: 1104
.casalemedia.com/ Name: CMRUM3
Value: 2d61db89212760CAESEJr7LdOfduXLUl4iSssmLnk
www.pokerstarssports.fr/ Name: sti
Value: NWJ0G34bLDITAgxocwJhKi0uICw0M3hRBS4rL30YPxNzSmABJzcTUxBCIXVXFAlWSSRQb3RtJCtSRE9vaW9pP31xDh4heT1xbWZDZ1gzHidBc2JqZStweXAOAEhLLBtmUTp%2FN1N0YXY9KhFdUldKQHFUPVRJTnURPQl0TGIBIjQoCg1UX0thXkZ5F3gBKTIgJwYUAA85eERDQlpCThUqeVZPXwlhTW9PLwFlX0EkMW8yLTUXVBMSF0U%3D
www.pokerstarssports.fr/ Name: pti
Value: NWJ0G34bLDITAgxocwJhKi0uICw0M3hRBS4rL30YPxNzSmABJzcTUxBCIXVXFAlWSSRQb3RtJCtSRE9vaW9pP31xDh4heT1xbWZDZ1gzHidBc2JqZStweXAOAEhLLBtmUTp%2FN1N0YXY9KhFdUldKQHFUPVRJTnURPQl0TGIBIjQoCg1UX0thXkZ5F3gBKTIgJwYUAA85eERDQlpCThUqeVZPXwlhTW9PLwFlX0EkMW8yLTUXVBMSF0U%3D
.pokerstarssports.fr/ Name: promo_ia
Value: a_174459b_5709c_YSAAJYONVRBAAFR
.pokerstarssports.fr/ Name: sti2
Value: NWJ0G34bLDITAgxocwJhKi0uICw0M3hRBS4rL30YPxNzSmABJzcTUxBCIXVXFAlWSSRQb3RtJCtSRE9vaW9pP31xDh4heT1xbWZDZ1gzHidBc2JqZStweXAOAEhLLBtmUTp%2FN1N0YXY9KhFdUldKQHFUPVRJTnURPQl0TGIBIjQoCg1UX0thXkZ5F3gBKTIgJwYUAA85eERDQlpCThUqeVZPXwlhTW9PLwFlX0EkMW8yLTUXVBMSF0U%3D
.pokerstarssports.fr/ Name: pti2
Value: NWJ0G34bLDITAgxocwJhKi0uICw0M3hRBS4rL30YPxNzSmABJzcTUxBCIXVXFAlWSSRQb3RtJCtSRE9vaW9pP31xDh4heT1xbWZDZ1gzHidBc2JqZStweXAOAEhLLBtmUTp%2FN1N0YXY9KhFdUldKQHFUPVRJTnURPQl0TGIBIjQoCg1UX0thXkZ5F3gBKTIgJwYUAA85eERDQlpCThUqeVZPXwlhTW9PLwFlX0EkMW8yLTUXVBMSF0U%3D
.pokerstarssports.fr/ Name: stiram
Value: NWJ0G34bLDITAgxocwJhKi0uICw0M3hRBS4rL30YPxNzSmABJzcTUxBCIXVXFAlWSSRQb3RtJCtSRE9vaW9pP31xDh4heT1xbWZDZ1gzHidBc2JqZStweXAOAEhLLBtmUTp%2FN1Nie2s9SVpXG05VTXFUPUlPSHVMexMmFzBAc3JuZTt1eXBWBlUIRSBYF0BaCRBlCg4KT09JLCo1MH1SADcpKXkqX28GMhQLd18oN20yKTtCPBIRFnZWQl5KBBhrbnBOTUlYUFpFVkYxY1NUXHURPQl0TGIBIjQoCg%3D%3D
.pokerstarssports.fr/ Name: ptiram
Value: NWJ0G34bLDITAgxocwJhKi0uICw0M3hRBS4rL30YPxNzSmABJzcTUxBCIXVXFAlWSSRQb3RtJCtSRE9vaW9pP31xDh4heT1xbWZDZ1gzHidBc2JqZStweXAOAEhLLBtmUTp%2FN1Nie2s9SVpXG05VTXFUPUlPSHVMexMmFzBAc3JuZTt1eXBWBlUIRSBYF0BaCRBlCg4KT09JLCo1MH1SADcpKXkqX28GMhQLd18oN20yKTtCPBIRFnZWQl5KBBhrbnBOTUlYUFpFVkYxY1NUXHURPQl0TGIBIjQoCg%3D%3D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YduJIQAEaA5vYAAF
.turn.com/ Name: uid
Value: 3160417525024078845
.c.appier.net/ Name: _auid
Value: CffBwPHjD9SG6_u9IonbYQ
.c.appier.net/ Name: _gu
Value: CAESEPyO-fky7deOgMJ_xCiMm5Y
www.arnolds.com.br/ Name: adsclicks
Value: clicou

9 Console Messages

Source Level URL
Text
network error URL: https://adssuper.com/social.php?src=https%3A%2F%2Fwww.arnolds.com.br%2Fcrash-bandicoot-os-5-niveis%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad.lomadee.fun/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.lomadee.com/banners/script.js?sourceId=36084693&dimension=17&height=250&width=300&method=0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://adtrue.fun/dynamic/ads/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://statistcdn.com/analyze.js?typeId=f
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLUEO894_6uvNGiTYcFDGCuufqTXLjTD1_uqE-yjKv2v539xJSYrYHZ3QATTenlj2k7sTGDI7LTAH1WjJdlIj0MYidJZlM
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c62713a9dc01f72a4c85badf42f60c2.safeframe.googlesyndication.com
a.c.appier.net
ad.lomadee.com
ad.lomadee.fun
ad.turn.com
adservice.google.com
adservice.google.fr
adssuper.com
adtrue.fun
api.demand.supply
awscloudfront.ml
cdn.ampproject.org
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.tynt.com
cm.g.doubleclick.net
cmp.optad360.io
cms.rationalcdn.com
cmsstorage.rationalcdn.com
de.tynt.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ic.tynt.com
live.demand.supply
lp.cleverwebserver.com
megacdn.top
my.rtmark.net
onmarshtompor.com
pagead2.googlesyndication.com
r.turn.com
rotumal.com
rtb2-useast.torchad.com
s0.2mdn.net
s1.rationalcdn.com
s4.rationalcdn.com
scripts.cleverwebserver.com
secure.starsaffiliateclub.com
securepubads.g.doubleclick.net
sender.clevernt.com
ssbsync.smartadserver.com
statistcdn.com
sync-tm.everesttech.net
t.dtscout.com
tpc.googlesyndication.com
ui.cleverwebserver.com
waust.at
whos.amung.us
www.adssuper.com
www.arnolds.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pokerstarssports.fr
www.psimg.com
www.streamix.tv
cm.g.doubleclick.net
securepubads.g.doubleclick.net
statistcdn.com
www.googletagservices.com
www.streamix.tv
104.111.238.76
104.18.29.199
13.32.121.81
139.162.117.143
139.45.195.8
139.45.197.237
139.45.197.243
142.250.184.226
142.250.185.162
148.69.64.76
151.101.2.49
158.69.139.229
2.18.234.21
2001:df2:a300:bbbb::135
2600:9000:223c:b600:6:b871:4f00:93a1
2600:9000:225e:3a00:11:a4de:2580:93a1
2604:9e00:1:129::2:a01
2606:4700:10::6814:b944
2606:4700:20::ac43:4739
2606:4700:3030::6815:3197
2606:4700:3031::ac43:a4a4
2606:4700:3033::6815:31a3
2606:4700:3037::6815:1bfe
2606:4700::6810:5714
2606:4700::6810:8616
2606:4700::6810:9540
2606:4700::6812:18f6
2620:112:f006:bbbb::12
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
37.252.172.250
40.127.233.95
47.241.6.33
54.36.217.27
67.202.105.32
67.202.105.33
67.202.94.93
77.87.180.198
77.87.181.187
02c3c7a072a35862fe9819e0606db72ca95cd3a6521058ab5d1cb9ff654a9802
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0882fe11baf5c777266a9ab3f14aa451432c7099158b2d69b3515ee5c8e66d4d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c83d8686329e6c1a04c31eed0a96c4ab76dc78cf314de9d192d3505fd3c70f5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f473fefe40384ad90ca8a03212ad487e428a3cd5f403f5bd77a31a1a23414cb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1717cad6a3d1cdabeb6f2f0e1900b1f5ba60bb16aecb91a1b1a23ce1eb1d6bd6
17de5dfc7a146e3318f676d1e363efec0ac5e53ae094b46870788c4c523639d1
1a4722f7c6bfc8ed582a1da7f4e552be5350efe348638b31ec4a1291963c8e8e
1b224796655120cc461d4c7487ca102a378ec3ecb4e9cd9936eb3248f97ba6f1
1cd7e3414978faf9c0fab2a4f2e9d165756cd735cfe4e0cef432c2d522abe14c
1cf3fbe536aa50fd14d375fd582f69aa1c0b47f9ae7cc8dec59c0c9bb8fb7a84
1dfb319d079364884218d161458302dcf520a66892765d656888716fa61f90d6
21a633d767147427bb95ee7559c8a90934723f9b788953f11a96aab8927c8bcf
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
27f3e97f04587e1c7897b1d0ffeccdec3b91173297342ac575ceabf689f65cf3
2aab1504fa53e70d0e551e6376884b9cb11384d8020b4449a8f3ad00a5010b11
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
30d8fc1e45b10251e207bb18d7e33ffa45ad64070b8a2b522572eb064c5c7855
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3576922397316887f88852b48f78b1c12ded2614eeb82db173297333c368b5a8
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3a1668f47968a039403dfcf98d40974bef85dacba9e1d4f3832e43fcf41d4b2e
3baee6b91d41cdf1f6876a21a763e66bd5ef64b156af02da2a1b2291f9a2b584
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e55275e2cf00c39ce90846157f36235e11ad02f5718bfc6afb5a55fcf692d25
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
40547beae40e26aa9b2a7d636a3bd34b4c70ca66288dbe730acc07a843080734
46195d7053583e21dc5abad45d28bd05f3ed6990374941625035053acfd6573e
46dfc2c1a3c0bf63c930428713f978fddb9af2c67b6e2d37d74019ded895a271
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
47ad6011e5af86c7553984269c5b2a0bd5c73f600001486b4675060dd3f2991e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
499d0d880b4d33b2711508aec3eddd440b65d39031c410fc64b2c5347f21d399
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4d3f9d8ff33e31cd0334df91cdb3586df887757daeb652ed27c69b6a43ff78e4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5253670d6147cb5de1350fd9206d311f4811352e3f9f20d4355bba9bc3f188d6
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5585dde13c733b5e473618b4c25b75257756643a782abd07804e4eafe6bf533c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5755144f0dce959dc794da1dfdc2acaebcf06d9b48532cb75dc972c33600f26d
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
5809ed31d719b1196046279579827de938320472852187ee4e606b5f459de3fa
58592287ef223ccfaf4321691662284da44741fefda1fa1abd3c70d70d6101cc
59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18
5ae8a670947d2e60836b1262227fc4bb0d6365c79c8de2b920a7567e8daa77fd
5b27ff831ca71bf69b6edae703bf9dfec6e70fa07b4c1f92f05853e0b53b47d6
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
60874230a6d53bb32a69c06b8736c5643e9e7fa46c898afdd4b28012e5eea28b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6408cb70afe8d80dab6967d0bfdb1858f05a90a7be3467f7e220d026788c3700
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6accb914154d46183fe79dbd09ea0735453a98e6365940152f1b1c735cc219c5
6ae32bfb576572d24258baa827124bc49e0f5a14b47e729a747ba49091801b14
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c10ff7971ac5fc6a3536c9e8a38aa796ba7b817348a98064364bdd9ccead5cf
6dbaa05f7fb5a912f5c83e94769b782ae994171ccdf83134cd73e31bd2ff2c7e
6e252225ba18824b66f582a958eb7049ce79d55a71df11b82928a0002bf8f7fe
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
726b896f637efa5d4813b617c31f0432d13a5a2206c8bdbc63750e616bd6ce11
72a30fe1eed2ac6c197ead23800b9ba2260ce8d948f4b0ad6c66e3badc18975a
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
79f471eadb0ffd0f4403eb18faa86c1f11465bd01ffc03b537611abff81007b6
7b13d546052354706446b460f9ca5425d232f9491f0ccc9847c40e354da73552
803a3764ff60317a34392383ed24e52fec4327665c0fa9b2c3c904c276d1bb48
815fd8cd1ff4fb8f036b23e556f20ad5f7bf54f8cfee11c9c609de72765d3441
81eb43dc91150c80896595147280e4132f2ce7269051947a9ad6034428f18c48
81ee995dffa34893af62c18cca723cd6e6138ffacf1c232adefb58fd067500cb
84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c
858ba163a1acaa4a0b86995a99f99b8b6bbf36c89fe39bb2f8cf9cadce0e7c6e
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89036e410a8c1d04a4c35b5ee76ca08a80b3e5d8c715fe7a1277c6fbf4d2878c
89aba511181409d49f50e5dbbdd706f562a3f1598f35a4215e65d9e9bcb12e8c
8f7699487d0076cd30bcc2e643ed6eb268d035886a25a1a76ed967f68b5ed5c3
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
982b2129753d358260b04218d4f75f9c287f93ace8653699a22cf448ec7ccbe0
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6ce7b0c6df1f16a194be60fca2ca5cff0726696f21fca2ae30d63009e221de
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
9f3a43ac8ca5345a2a3c21ebc4fbb10805c10f3510e4474fd0eb2d0eb4beb233
9fae3b82f2a2636c28341de00137bf10e9099af47ce29e3e91a93e19bcd8baf8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c8d65c43fe1c88be74c33135292fd56fd9bef142e202be5c153b79662df629
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f19a030fd4294a9f24e41012f744ac5d7ad92a811a66155635e14d139e19d9
a63ddf38726569927397c5e2df11aabb251d9b8daeec29c0faaabac107d33397
a68ca5a4362542336218d08ebda175b87f5efe4a9fc24c4259e6a56fcc4b0856
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9789e4a25fa23efe97512b4c8d286347f1c0320e319a3b12c14d6b4c3aa116f
ab9c1a988c7340b826fcdf27f0f17d09a98d240f2921a5ea9d0f341d4a330497
acb8211d1c3000b4b7d774055e93a623f70cdaf47f655f2e7764dc87541127ea
acdd6ff842180fbd42a4de729e21e798cc309f09d41cae5a2992eb7dd2e4fdb1
ad9f9715cc466d6b47c51f9bf3f3a86fd2796fff2e553f9cb67d7a6f4058f743
b09c8f21fb8b53a6e355b9c415e1faef94f5dcab16f138261b0b76f6fb816432
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44bc2c476ed873040b37bd283647cd59dddde4838e2a0a58e28ffc397cf2ab2
b5633cefe7c581879292959bcb7039b1a41dad5d474103f166aa10669d54e0fe
b6e0ed111b18c28106493805edceb946a1922f14d7e8e3b6cbb4a1323ea5acf3
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8d74ef8360ef8dc0bca6b758a01a4cc347402b37cc1ab8b0fd9984221b374d
bd205ffe59aa5dbad8d578251c5f0a3af93f88dafaa33628f00d99ffc3eca7c4
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bec35833fdefd9f00dea8ea4453556d725b2c2368792502677410c6f72699636
c345e79d4270528fbc2c1640ca9f839d79708aeb44828debb614797e246ca91b
c3bf9a688b9ca3ba16c7e43c5ee8af2ad0f619c3a098c7ba12a14ed8975333bd
c7303ec715a1cd82d9dcbc67206fd490523934e5bae0708ba2f6ca56f0e43387
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd086711f75f41459add89ea1ff8d275eee2511a159b357cbb7a9b3f1b6ff965
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffddca8d8e50c017deb4c68842840d34179c4d4340473d70b545f02540147e7
d1cba0844378ca410230c6de379de89f4fbf557880d2d7915699b535b15cbef3
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d70fde5e3f9ae842eb1bb7265406f1f4a63666bf23cdf4464da7e65077509996
db1f2f4de4a134a2c6da8be0bf4f997c02d446699f4ae7e12821b90fbd583b84
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
def3ab8589eb9f8ff02ee25450654bc2cefabde824ee0ec617b10d7bc9da6fda
e328332ff78a4535f853e3609e5fba88b2fdc7c30a03d8e58352b67310931f55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fd79e8359b28b9138da7f3d28df860228e8ac6096057ec12b0daafa90532c1
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e70a1af556242beff3bd3241729d79cc869bdbfeef0b32b7420be65eced904ce
e7348a7778e4ec3d8c98abd54e28fe0c08465378e1dfbe608b9a0f51c8c41bf4
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e86631bcc85aa70d72ec1b01c97211703e39e85ce25f919a4352e879c538691c
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
eb2a1d46ab2d923c7d5f8b100d9832cf3c4599ed99c53124b1533fb1a828f919
ee121ae661945d8e6075737b2223387c0984f9a743ed2ad9ff3a1766cc91384d
eeeb73ab2734bcbf9a66f2b124e9c4c68912e1a4835762a0a9b4b6014f895f88
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39a9aae1a3970b1087e2dd27728d22fa2aa750c0743e548ccfcfbf36e72097f
f3a5d1df4717266e5cc80a4f1f04374285a2bbec2b920cd4220eedd5fe16d74f
f3f972ad41e826956495a2a0381723347276c553d300907cf8cc7486c8f069e4
f45f1605b74f0189aa51adaa9942f86984f3df9c6988bccd1bf792e880b0e97b
f54b1696bff73222472b53c7ca9d4355e21ec50d25c51a96c618baeb6f4b197a
f6461c753b2cb242bd7afeded6f99913fb9c40244ffdb5b264235f8a8451077f
f79f2ece8792038c95ab1052120d5d48f8e73c759a7ec551184f5c8f30c6811f
f93c21032adbadcb001721989879f993a926ae21b90dbb155ee4e0dd9764524e
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
f98c5a2391694717a4fd1b357e012bb224d393ecbb028fe67b0894d1062d7ab3
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fc3c6f64f8fc7453c95d75a9a98b6dade6595d34af2efb73989f3104040dcbf4
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fecb548aab32732b397fe67f3e9843f82b2cec0bee84aa8fa21e27f290f64749
ff7a5c5a02c8eaef84aa31c9ac5a4b87ff7d3f6bfd4cb819526951f4a7311589
ff966b5361f7855d88b73da7596369d93cf8568fe19e9064c10b70325815d05e