www.pokerstars.de Open in urlscan Pro
77.87.180.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html#qs=r-age%20kbaichhbbecgaejdkfjkagfdcibcafbbcbabababafbahcaccagfgackkb...
Effective URL:
https://www.pokerstars.de/sites/aff/grouppoker/2/
Submission: On July 28 via manual (July 28th 2021, 2:48:28 pm UTC) from US

Summary HTTP 106 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 32 domains to perform 106 HTTP transactions. The main IP is 77.87.180.149, located in Isle of Man, Isle Of Man and belongs to RATIONAL-AS, IM. The main domain is www.pokerstars.de.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 14th 2019. Valid for: 2 years.

This is the only time www.pokerstars.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.217.162.184 52.217.162.184	16509 (AMAZON-02) (AMAZON-02)
1 1	208.115.125.90 208.115.125.90	23033 (WOW) (WOW)
4	138.128.7.214 138.128.7.214	55286 (SERVER-MANIA) (SERVER-MANIA)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:b400:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.224.99.92 13.224.99.92	16509 (AMAZON-02) (AMAZON-02)
5	34.232.232.115 34.232.232.115	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::6815:21e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::6815:4a86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	216.189.51.90 216.189.51.90	6921 (ARACHNITEC) (ARACHNITEC)
2 2	91.92.196.187 91.92.196.187	49882 (SKRILL) (SKRILL)
3 3	77.87.181.72 77.87.181.72	43338 (RATIONAL-AS) (RATIONAL-AS)
1	77.87.180.149 77.87.180.149	43338 (RATIONAL-AS) (RATIONAL-AS)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
11	104.111.238.76 104.111.238.76	16625 (AKAMAI-AS) (AKAMAI-AS)
12	77.87.180.198 77.87.180.198	43338 (RATIONAL-AS) (RATIONAL-AS)
6	104.111.248.191 104.111.248.191	16625 (AKAMAI-AS) (AKAMAI-AS)
5	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	52.208.178.181 52.208.178.181	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
2 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 6	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	62.212.64.230 62.212.64.230	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	34.249.65.165 34.249.65.165	16509 (AMAZON-02) (AMAZON-02)
2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
106	33

1 52.217.162.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.115.125.90 (United States) 1 redirects

ASN23033 (WOW, US)
PTR: citylevel.net

www.qatarmobile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.128.7.214 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

bluestarfresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:b400:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.99.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-92.zrh50.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.232.232.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-232-115.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:21e4 (United States)

ASN13335 (CLOUDFLARENET, US)

offer-notavailable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4a86 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rapid-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.189.51.90 (United States) 1 redirects

ASN6921 (ARACHNITEC, US)
PTR: 216-189-51-90.for-global-telecom.com

go.nanzerkalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.92.196.187 (United Kingdom) 2 redirects

ASN49882 (SKRILL, GB)

secure.starsaffiliateclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.87.181.72 (Isle of Man, Isle Of Man) 3 redirects

ASN43338 (RATIONAL-AS, IM)

www.pokerstars.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.87.180.149 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

www.pokerstars.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.111.238.76 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-76.deploy.static.akamaitechnologies.com

cmsstorage.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.rationalcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 77.87.180.198 (Isle of Man, Isle Of Man)

ASN43338 (RATIONAL-AS, IM)

www.psimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.248.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-191.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.208.178.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

8954552.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.197.3.19 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.212.64.230 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.65.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-65-165.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	thebrighttag.com s.thebrighttag.com	14 KB
12	psimg.com www.psimg.com	528 KB
11	rationalcdn.com cmsstorage.rationalcdn.com s4.rationalcdn.com	201 KB
9	doubleclick.net 5 redirects stats.g.doubleclick.net 8954552.fls.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	4 KB
8	flashtalking.com 1 redirects servedby.flashtalking.com d9.flashtalking.com	31 KB
7	traversedlp.com static.traversedlp.com api.traversedlp.com	9 KB
6	mathtag.com 1 redirects pixel.mathtag.com sync.mathtag.com	5 KB
6	btstatic.com s.btstatic.com	48 KB
5	google.com 2 redirects adservice.google.com www.google.com	563 B
4	google-analytics.com www.google-analytics.com	19 KB
4	bluestarfresh.com bluestarfresh.com	13 KB
3	googleadservices.com www.googleadservices.com	20 KB
3	facebook.net connect.facebook.net	104 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	pokerstars.eu 3 redirects www.pokerstars.eu	4 KB
2	tapad.com tapestry.tapad.com	833 B
2	google.de www.google.de	218 B
2	facebook.com www.facebook.com	303 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	618 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	bing.com bat.bing.com	9 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	starsaffiliateclub.com 2 redirects secure.starsaffiliateclub.com	2 KB
2	nanzerkalo.com 1 redirects go.nanzerkalo.com	840 B
2	offer-notavailable.com offer-notavailable.com	94 KB
2	bouncepilot.com static.bouncepilot.com	67 KB
2	googletagmanager.com www.googletagmanager.com	69 KB
1	tradelab.fr its.tradelab.fr	236 B
1	pokerstars.de www.pokerstars.de	5 KB
1	rapid-cdn.com 1 redirects rapid-cdn.com	1 KB
1	qatarmobile.net 1 redirects www.qatarmobile.net	427 B
1	amazonaws.com s3.amazonaws.com	514 B
106	32

	Domain	Requested by
13	s.thebrighttag.com	s.btstatic.com
12	www.psimg.com	www.pokerstars.de www.psimg.com s.btstatic.com
10	cmsstorage.rationalcdn.com	www.pokerstars.de
6	servedby.flashtalking.com	1 redirects s3.amazonaws.com servedby.flashtalking.com
6	s.btstatic.com	cmsstorage.rationalcdn.com s.btstatic.com
5	pixel.mathtag.com	cmsstorage.rationalcdn.com s.btstatic.com pixel.mathtag.com
5	api.traversedlp.com	static.traversedlp.com
4	www.google.com	2 redirects 8954552.fls.doubleclick.net
4	www.google-analytics.com	s.btstatic.com www.pokerstars.de
4	bluestarfresh.com	s3.amazonaws.com bluestarfresh.com
3	www.googleadservices.com	8954552.fls.doubleclick.net www.googleadservices.com
3	connect.facebook.net	s3.amazonaws.com connect.facebook.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.pokerstars.eu	3 redirects
2	tapestry.tapad.com	servedby.flashtalking.com
2	d9.flashtalking.com	servedby.flashtalking.com d9.flashtalking.com
2	www.google.de	8954552.fls.doubleclick.net
2	googleads.g.doubleclick.net	2 redirects
2	www.facebook.com
2	cm.g.doubleclick.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	secure.adnxs.com	2 redirects
2	8954552.fls.doubleclick.net	1 redirects s.btstatic.com
2	bat.bing.com	s.btstatic.com
2	fonts.googleapis.com	www.pokerstars.de
2	secure.starsaffiliateclub.com	2 redirects
2	go.nanzerkalo.com	1 redirects offer-notavailable.com
2	offer-notavailable.com	bluestarfresh.com offer-notavailable.com
2	static.traversedlp.com	www.googletagmanager.com
2	static.bouncepilot.com	s3.amazonaws.com
2	www.googletagmanager.com	bluestarfresh.com
1	its.tradelab.fr	s3.amazonaws.com
1	adservice.google.com	8954552.fls.doubleclick.net
1	sync.mathtag.com	1 redirects
1	s4.rationalcdn.com	cmsstorage.rationalcdn.com
1	www.pokerstars.de	go.nanzerkalo.com
1	rapid-cdn.com	1 redirects
1	www.qatarmobile.net	1 redirects
1	s3.amazonaws.com
106	40

This site contains links to these domains. Also see Links.

Domain
www.bzga.de
contact.rationalwebservices.com
www.pokerstars.tv
www.starsgroup.com
www.gaminglabs.com
www.gamcare.org.uk
www.responsiblegambling.org
www.authorisation.mga.org.mt
www.starsaffiliateclub.com
www.facebook.com
twitter.com
youtube.com
twitch.tv
www.instagram.com

Subject Issuer	Validity	Valid
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.bouncepilot.com Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
pokerstars.de DigiCert SHA2 Secure Server CA	`2019-10-14` - `2021-10-18`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
rationalcdn.com GeoTrust RSA CA 2018	`2021-06-14` - `2022-06-22`	a year	crt.sh
www.psimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-26` - `2022-02-26`	a year	crt.sh
s.btstatic.com DigiCert SHA2 Secure Server CA	`2020-02-10` - `2022-02-17`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.signal.co Entrust Certification Authority - L1K	`2021-01-26` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.tradelab.fr Go Daddy Secure Certificate Authority - G2	`2019-07-30` - `2021-09-28`	2 years	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.pokerstars.de/sites/aff/grouppoker/2/
Frame ID: 34C501C565671A4BE6D2B46241BDD863
Requests: 82 HTTP requests in this frame

Frame: https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
Frame ID: 8B616995764357F269EB828CD62B1556
Requests: 9 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=81a56101-6e31-4e00-a123-c4611e539932&no_iframe=1&mt_adid=117394&source=mathtag
Frame ID: B9D26AF987108A62725AB60877D8965E
Requests: 2 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
Frame ID: 320112D92FECC2E0B50BB14076BF8760
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html Page URL
http://www.qatarmobile.net/qs=r-age%20kbaichhbbecgaejdkfjkagfdcibcafbbcbabababafbahcaccagfgackkbaigdgiacb HTTP 302
http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600... Page URL
http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53... Page URL
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid= HTTP 307
http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=13047... Page URL
http://go.nanzerkalo.com/match-6757/62487/109977769/1627483695/mf_cb267c23-bacc-418d-8655-d655ad78b67... HTTP 302
https://secure.starsaffiliateclub.com/C.ashx?btag=a_178751b_4639c_&affid=100975426&siteid=178751&adid=4639&c=16274... HTTP 302
https://secure.starsaffiliateclub.com/C.ashx?btag=a_178751b_4639c_&affid=100975426&siteid=178751&adid=4639&c=16274... HTTP 302
https://www.pokerstars.eu/de/sites/aff/grouppoker/2?btag=a_178751b_4639c_1627483696.18-109977769-62487 HTTP 301
https://www.pokerstars.eu/de/sites/aff/grouppoker/2 HTTP 301
http://www.pokerstars.eu/de/sites/aff/grouppoker/2/ HTTP 307
https://www.pokerstars.eu/de/sites/aff/grouppoker/2/ HTTP 301
https://www.pokerstars.de/sites/aff/grouppoker/2/ Page URL

Page Statistics

106
Requests

94 %
HTTPS

41 %
IPv6

32
Domains

40
Subdomains

33
IPs

7
Countries

1289 kB
Transfer

2214 kB
Size

12
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bzga.de/
Title: www.bzga.de

Search URL Search Domain Scan URL

URL: https://contact.rationalwebservices.com/?site=eu&language=de&platform=Web&product=casino&country=&brand=PokerStarsCasino&tracking=/support/
Title: Support

Search URL Search Domain Scan URL

URL: http://www.pokerstars.tv/
Title: TV

Search URL Search Domain Scan URL

URL: http://www.starsgroup.com/

Search URL Search Domain Scan URL

URL: http://www.gaminglabs.com/extranetGLI/cmsAdmin/getsplash.asp?i=187

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: https://www.responsiblegambling.org/for-industry/rg-check-accreditation/

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=en&company=68341bc6-27d7-4a0c-a142-5e5f5526b206&details=1

Search URL Search Domain Scan URL

URL: https://www.starsaffiliateclub.com/de/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/PokerStars

Search URL Search Domain Scan URL

URL: http://twitter.com/pokerstarsde

Search URL Search Domain Scan URL

URL: http://youtube.com/PokerStarsDE

Search URL Search Domain Scan URL

URL: http://twitch.tv/PokerStarsDE

Search URL Search Domain Scan URL

URL: http://www.instagram.com/pokerstars/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html Page URL
http://www.qatarmobile.net/qs=r-age%20kbaichhbbecgaejdkfjkagfdcibcafbbcbabababafbahcaccagfgackkbaigdgiacb HTTP 302
http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40 Page URL
http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click= Page URL
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid= HTTP 307
http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466 Page URL
http://go.nanzerkalo.com/match-6757/62487/109977769/1627483695/mf_cb267c23-bacc-418d-8655-d655ad78b670/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1304795033032083466 HTTP 302
https://secure.starsaffiliateclub.com/C.ashx?btag=a_178751b_4639c_&affid=100975426&siteid=178751&adid=4639&c=1627483696.18-109977769-62487 HTTP 302
https://secure.starsaffiliateclub.com/C.ashx?btag=a_178751b_4639c_&affid=100975426&siteid=178751&adid=4639&c=1627483696.18-109977769-62487&AutoR=1 HTTP 302
https://www.pokerstars.eu/de/sites/aff/grouppoker/2?btag=a_178751b_4639c_1627483696.18-109977769-62487 HTTP 301
https://www.pokerstars.eu/de/sites/aff/grouppoker/2 HTTP 301
http://www.pokerstars.eu/de/sites/aff/grouppoker/2/ HTTP 307
https://www.pokerstars.eu/de/sites/aff/grouppoker/2/ HTTP 301
https://www.pokerstars.de/sites/aff/grouppoker/2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.qatarmobile.net/qs=r-age%20kbaichhbbecgaejdkfjkagfdcibcafbbcbabababafbahcaccagfgackkbaigdgiacb HTTP 302
http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40

Request Chain 19

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid= HTTP 307
http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466

Request Chain 66

https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F HTTP 302
https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F

Request Chain 67

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3580527774822717315

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YQFuMQADToFIbAA4 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YQFuMQADToFIbAA4&_test=YQFuMQADToFIbAA4

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm=&btt=0&google_tc= HTTP 302
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEFoQ6bZbNzFJI0wkwOumsu8&google_cver=1

Request Chain 70

https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0 HTTP 302
https://s.thebrighttag.com/cs?tp=mm&uid=b8746101-6e31-4e00-a1ad-dac824d007eb&btt=0

Request Chain 71

https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%] HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=495701936DB783

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=MW4BYdTQOo3a3wO2vZDQDg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYdTQOo3a3wO2vZDQDg&cid=CAQSKQCNIrLMnU_JCaBg6OW7NpLDKpCV2LKgkT1vUh9zFQtFYvMPc7jGYzeC&random=1678687003&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYdTQOo3a3wO2vZDQDg&cid=CAQSKQCNIrLMnU_JCaBg6OW7NpLDKpCV2LKgkT1vUh9zFQtFYvMPc7jGYzeC&random=1678687003&resp=GooglemKTybQhCsO&ipr=y

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=MW4BYc3UOrKKjuwPhNG_2Ao&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYc3UOrKKjuwPhNG_2Ao&cid=CAQSKQCNIrLMyJ5vLXghwKhModN0x9Gs4ApU35Uf12TPyWDg6TpEM-32Z4S_&random=4195020521&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYc3UOrKKjuwPhNG_2Ao&cid=CAQSKQCNIrLMyJ5vLXghwKhModN0x9Gs4ApU35Uf12TPyWDg6TpEM-32Z4S_&random=4195020521&resp=GooglemKTybQhCsO&ipr=y

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK soiupt.html
s3.amazonaws.com/nxneexfbvktzup/ 158 B
514 B 414ms
126ms Document
text/html 52.217.162.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.162.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Host: s3.amazonaws.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: jr/JSwCgQNIQDM854iQ9ggH6vP191xZyDhim0S1DBsAtN1+wKLKfvUbfnUZfnPTBwGs4Wk/NSCA=
x-amz-request-id: 7NNH59733ZBGTNTH
Date: Wed, 28 Jul 2021 14:48:08 GMT
Last-Modified: Wed, 28 Jul 2021 02:57:13 GMT
ETag: "09fb71c79c0568707e6e6d2b3c3e355b"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 158

GET
H/1.1

200
OK

/ Show response
bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/
Redirect Chain

http://www.qatarmobile.net/qs=r-age%20kbaichhbbecgaejdkfjkagfdcibcafbbcbabababafbahcaccagfgackkbaigdgiacb
http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40

6 KB
6 KB

206ms
192ms

Document
text/html

138.128.7.214
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html
Protocol: HTTP/1.1
Server: 138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: e9e7e2497dd481a85a38e27d6dc6f993a7382cfcb16faa408e550f7c0b69825b

Request headers

Host: bluestarfresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html#qs=r-age%20kbaichhbbecgaejdkfjkagfdcibcafbbcbabababafbahcaccagfgackkbaigdgiacb

Response headers

Server: nginx
Date: Wed, 28 Jul 2021 14:57:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

Redirect headers

Date: Wed, 28 Jul 2021 14:48:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
location: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53 90_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
35 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: bluestarfresh.com
URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d549889ba9f35b8355d68b9be28a3a186621c6b01471b774716bf19642af77e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35455
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jul 2021 14:48:10 GMT

POST
H/1.1 200
OK fp.php
bluestarfresh.com/ 306 B
507 B 357ms
357ms XHR
text/html 138.128.7.214
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://bluestarfresh.com/fp.php
Requested by: Host: bluestarfresh.com
URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
Protocol: HTTP/1.1
Server: 138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://bluestarfresh.com
Accept-Encoding: gzip, deflate
Host: bluestarfresh.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
Connection: keep-alive
Content-Length: 883
Referer: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 28 Jul 2021 14:57:14 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 45ms
9ms Script
application/javascript 2600:9000:2156:b400:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b400:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 14:56:12 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 16:52:04 GMT
server: AmazonS3
age: 111596
etag: "f6225316cfad721041627719cf1dfcfd"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: f0t_rx5j8YAY9Aa6KtAwlWLQ6Z3eXBdBtIDk5EkmKbSDGsUkpIoaCA==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 129ms
29ms Script
application/javascript 13.224.99.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 5130
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Wed, 28 Jul 2021 14:06:14 GMT
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: LAv41SkCVnKgLszga-Yg_iaX2w9FHMz9BIOFcdQZhrXT6zUf1K-7GA==

GET
H2 200 cookie
api.traversedlp.com/retargeting/v1/ 18 B
410 B 297ms
96ms XHR
application/json 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:11 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://bluestarfresh.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

GET
H/1.1 200
OK / Show response
bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/ 6 KB
6 KB 102ms
101ms Document
text/html 138.128.7.214
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click=
Requested by: Host: bluestarfresh.com
URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
Protocol: HTTP/1.1
Server: 138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: 35280dcdaa2133ae54a0d04d8089fc800b5308fa33dc37615f63487320f76e65

Request headers

Host: bluestarfresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: clkcheck28271=305a3027fef8c860445f3ee5b3325fd1_107546
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40

Response headers

Server: nginx
Date: Wed, 28 Jul 2021 14:57:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

POST enqueue
api.traversedlp.com/retargetinginclusion/ 0
0

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 289ms
96ms Preflight
text/html 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://bluestarfresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Jul 2021 14:48:11 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://bluestarfresh.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
35 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: bluestarfresh.com
URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d549889ba9f35b8355d68b9be28a3a186621c6b01471b774716bf19642af77e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35455
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jul 2021 14:48:11 GMT

POST
H/1.1 200
OK fp.php
bluestarfresh.com/ 233 B
433 B 313ms
313ms XHR
text/html 138.128.7.214
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://bluestarfresh.com/fp.php
Requested by: Host: bluestarfresh.com
URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click=
Protocol: HTTP/1.1
Server: 138.128.7.214 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://bluestarfresh.com
Accept-Encoding: gzip, deflate
Host: bluestarfresh.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click=
Cookie: clkcheck28271=305a3027fef8c860445f3ee5b3325fd1_107546
Connection: keep-alive
Content-Length: 924
Referer: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 28 Jul 2021 14:57:14 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 8ms
7ms Script
application/javascript 2600:9000:2156:b400:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b400:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 14:56:12 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 16:52:04 GMT
server: AmazonS3
age: 111596
etag: "f6225316cfad721041627719cf1dfcfd"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: nRNMeIJAHmfx6SFSeN8qaVx87YeIiI9QYXcpxsU8xT1uDMah7jZOEQ==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 29ms
29ms Script
application/javascript 13.224.99.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 5130
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Wed, 28 Jul 2021 14:06:14 GMT
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: lLp6Ob6ZfPADvlojJD6IvGTHywmhnrvGkR6z1UZyhdo9SEpu2hGcDQ==

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
404 B 205ms
205ms XHR
application/json 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:11 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://bluestarfresh.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 117ms
117ms Preflight
text/html 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://bluestarfresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Jul 2021 14:48:11 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://bluestarfresh.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

POST
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
326 B 100ms
100ms XHR
text/plain 34.232.232.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.232.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-232-115.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Referer: http://bluestarfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://bluestarfresh.com
date: Wed, 28 Jul 2021 14:48:11 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

GET
H2 200 / Show response
offer-notavailable.com/bettercontent/ 3 KB
2 KB 295ms
262ms Document
text/html 2606:4700:3030::6815:21e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130
Requested by: Host: bluestarfresh.com
URL: http://bluestarfresh.com/a99f3abe1d13ae6bb10f24cfeec4ed6a7/?newcid=4740&sid1=40010_5421701_11&sid2=53%2090_716600315_0_0_0_3829489_40_1990_75257_5421701_10_545&sid3=40&sid4=&dev_click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:21e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dba8f52818ae72e3b7cadd92c26250056cbcc1f3224b59c9b7716994bcecc4d

Request headers

:method: GET
:authority: offer-notavailable.com
:scheme: https
:path: /bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://bluestarfresh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://bluestarfresh.com/

Response headers

date: Wed, 28 Jul 2021 14:48:12 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4yJVjXRPFgnqE%2BSfd%2BIEkrlJwT2er4KoelCHTwr5BsOd89ZkJ9NCTOv6k%2BceeSAQXuaBEiKPJMPqX615QUX70otojmb2ed0gBOjyzDvMbQ2t4%2BZapXx2RvgDFgsONTB5HSptlzS0vQlp5kEERGkjFq7kS81"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 675ee831ac414e67-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 desktop.png
offer-notavailable.com/bettercontent/images/ 92 KB
93 KB 38ms
20ms Image
image/png 2606:4700:3030::6815:21e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:21e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

:path: /bettercontent/images/desktop.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: offer-notavailable.com
referer: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 552007
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 94237
last-modified: Wed, 06 Nov 2019 23:26:55 GMT
server: cloudflare
etag: "5dc356bf-1701d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45uLRO4vNl1TH5NQnEUhQrfkK%2Fa%2Batfx1wyYBTekUhXjFB5ueEFBkde0zYBguwW0Sd1wHIyMJcU%2BbGKPVTEvEFquwfNAeHlC7QBZJl3U6izOAZg6s35CABMlmaMYWz%2BtG5YuroSHTtjCc57Zwbj6qHDQq88a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 675ee8337ab54ec7-FRA
expires: Sat, 21 Aug 2021 05:28:05 GMT

GET
H/1.1

200
OK

ts464-internationalemail-general Show response
go.nanzerkalo.com/
Redirect Chain

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid=
http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466

496 B
562 B

451ms
436ms

Document
text/html

216.189.51.90
ARACHNITEC

General

Check archive.org

Show headers Download Go to

Full URL: http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130
Protocol: HTTP/1.1
Server: 216.189.51.90 , United States, ASN6921 (ARACHNITEC, US),
Reverse DNS: 216-189-51-90.for-global-telecom.com
Software: nginx/1.14.2 /
Resource Hash: 4d40f438017ea1a1465afdba3904d8f221e900ea665e0615702b27a41bf0cde1

Request headers

Host: go.nanzerkalo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=242&utm_content=130

Response headers

Server: nginx/1.14.2
Date: Wed, 28 Jul 2021 14:48:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

Date: Wed, 28 Jul 2021 14:48:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.14
Set-Cookie: PHPSESSID=90010f01650011d49a77b57d53dd5196; expires=Wed, 04-Aug-2021 14:48:15 GMT; Max-Age=604800; path=/; secure; SameSite=None csid3=90010f01650011d49a77b57d53dd5196; expires=Thu, 28-Jul-2022 14:48:15 GMT; Max-Age=31536000; path=/; secure; SameSite=None PHPSESSID=90010f01650011d49a77b57d53dd5196; expires=Thu, 29-Jul-2021 14:48:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Robots-Tag: noindex, noarchive, nofollow
P3P: CP="This is not a P3P policy"
Location: http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lItBlwDgNnyLawIeZwVKOAi1Pbi8JiKAi14X7DByv3%2BOitC9iFGP7%2BbGP%2BuUmHlcVvz4S6FBPsHQE6HPeBTlS4CZf%2FxipV2ZOzBJNMYjfzbXoU0ca3iHUT%2B2pvU1Ngz9uAV7LHPW0L%2B2A8dg"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 675ee8469fda648b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.pokerstars.de/sites/aff/grouppoker/2/
Redirect Chain

http://go.nanzerkalo.com/match-6757/62487/109977769/1627483695/mf_cb267c23-bacc-418d-8655-d655ad78b670/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1304795033...
https://secure.starsaffiliateclub.com/C.ashx?btag=a_178751b_4639c_&affid=100975426&siteid=178751&adid=4639&c=1627483696.18-109977769-62487
https://secure.starsaffiliateclub.com/C.ashx?btag=a_178751b_4639c_&affid=100975426&siteid=178751&adid=4639&c=1627483696.18-109977769-62487&AutoR=1
https://www.pokerstars.eu/de/sites/aff/grouppoker/2?btag=a_178751b_4639c_1627483696.18-109977769-62487
https://www.pokerstars.eu/de/sites/aff/grouppoker/2
http://www.pokerstars.eu/de/sites/aff/grouppoker/2/
https://www.pokerstars.eu/de/sites/aff/grouppoker/2/
https://www.pokerstars.de/sites/aff/grouppoker/2/

19 KB
5 KB

120ms
35ms

Document
text/html

77.87.180.149
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pokerstars.de/sites/aff/grouppoker/2/

Requested by

Host: go.nanzerkalo.com
URL: http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.149 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

c85cbc016ee424158090ab27732ce06e1c588550086b1f3a1cd7e4dc2f371d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: www.pokerstars.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://go.nanzerkalo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1304795033032083466

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: Apache
Set-Cookie: geoip_country=DE; path=/; domain=www.pokerstars.de NSC_hfofsbmIptut-8001=ffffffff0943141b45525d5f4f58455e445a4a422971;expires=Wed, 28-Jul-2021 14:50:17 GMT;path=/;secure;httponly
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5102
Keep-Alive: timeout=5, max=223
Connection: Keep-Alive
Content-Type: text/html
Strict-Transport-Security: max-age=31536000

Redirect headers

Date: Wed, 28 Jul 2021 14:48:16 GMT
Server: Apache
Set-Cookie: geoip_country=DE; path=/; domain=www.pokerstars.eu NSC_hfofsbmIptut-8001_xjui_tjhnb4-5=ffffffff0943141445525d5f4f58455e445a4a422971;expires=Wed, 28-Jul-2021 14:50:16 GMT;path=/;secure;httponly
Location: https://www.pokerstars.de/sites/aff/grouppoker/2/
Content-Length: 257
Keep-Alive: timeout=5, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Strict-Transport-Security: max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 6 KB
764 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 13:20:08 GMT
server: ESF
date: Wed, 28 Jul 2021 14:48:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 14:48:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
718 B 38ms
36ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 12:48:30 GMT
server: ESF
date: Wed, 28 Jul 2021 14:48:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 14:48:17 GMT

GET
H2 200 bootstrap.min.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/ 21 KB
5 KB 103ms
28ms Stylesheet
text/css 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/bootstrap/css/bootstrap.min.css
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2015 11:26:08 GMT
server: Apache
etag: "54f2-5245635907400"
ntcoent-length: 21746
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=135003
accept-ranges: bytes
content-length: 4529

GET
H2 200 layout.css
cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/ 205 KB
27 KB 120ms
46ms Stylesheet
text/css 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/layout.css
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d394c4cfa9f4a18e3b60a8b8fc1eb98f2d88ac3a93c321bc69c4eda336cdcf21

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 210237
date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 11:01:20 GMT
server: Apache
etag: "3353d-5c82ce8004000"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=1196515
accept-ranges: bytes
content-length: 27351

GET
H/1.1 200
OK no-redirect.js Show response
www.psimg.com/sites/assets/js/ 30 B
542 B 87ms
34ms Script
application/javascript 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/sites/assets/js/no-redirect.js

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

0cc60f07ff95c7e8968c2aa379fe4b2691aab2b6e61083ec240aab87532425b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Mon, 04 Mar 2019 11:27:54 GMT
Server: Apache
ETag: "1e-583430c2ee280"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=218
Content-Length: 30

GET
H2 200 PstrkIdManager.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/tracking/ 27 KB
6 KB 130ms
55ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b197971af1d6f531f9fba6cab817c7eae42fc90b644f1a75394a62644ba1d165

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 14:31:37 GMT
server: Apache
etag: "6a3e-5c597ff450440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 5989

GET
H/1.1 200
OK ps-styles.css
www.psimg.com/sites/assets/pages/ps/ 8 KB
2 KB 85ms
32ms Stylesheet
text/css 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/sites/assets/pages/ps/ps-styles.css

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

0a9e8052dd71352510a69ba0b9c9705f24d662a42fa20877986e35690160cd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 07:16:32 GMT
Server: Apache
ETag: "2157-5c57dcd7f463d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=116
Content-Length: 1901

GET
H/1.1 200
OK hero-styles.css
www.psimg.com/sites/assets/pages/ps/t01-left-title-56/ 2 KB
1 KB 86ms
33ms Stylesheet
text/css 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/sites/assets/pages/ps/t01-left-title-56/hero-styles.css

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

d9544b3b9eb6449ea22b0a851773aa2d55e47806d6c51231e786c68e6f057a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jul 2020 12:48:09 GMT
Server: Apache
ETag: "7a5-5ab6bbc1d2faf-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 600

GET
H/1.1 200
OK table-styles.css
www.psimg.com/sites/assets/pages/ps/t02-with-one-table/ 1 KB
1 KB 85ms
33ms Stylesheet
text/css 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/sites/assets/pages/ps/t02-with-one-table/table-styles.css

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

3bd4f67775a474ee9b6948e59c214d1cde3deabf7df4226a28db2f585940c8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jan 2019 14:45:45 GMT
Server: Apache
ETag: "42f-57f9455355840-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=179
Content-Length: 490

GET
H/1.1 200
OK pokerstars-logo.png
www.psimg.com/sites/assets/pages/ps/ 43 KB
43 KB 22ms
20ms Image
image/png 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psimg.com/sites/assets/pages/ps/pokerstars-logo.png

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

0e42226e585bcdd0c90a3065bf757764547a3b5c203dca662868ee5cad1cd567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Thu, 05 Mar 2020 09:12:10 GMT
Server: Apache
ETag: "ab95-5a017ee85ee80"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=193
Content-Length: 43925

GET
H/1.1 200
OK security.png
www.psimg.com/sites/assets/pages/ps/usp-panel-img/ 69 KB
69 KB 24ms
22ms Image
image/png 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psimg.com/sites/assets/pages/ps/usp-panel-img/security.png

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

b55af6cfaa363cdd151167a8a36dac0d4bac2bc2d5f0753b7b730b2ef4ba555f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Tue, 19 Jan 2021 02:38:40 GMT
Server: Apache
ETag: "11342-5b937bc79ec00"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=115
Content-Length: 70466

GET
H/1.1 200
OK download-poker.png
www.psimg.com/sites/assets/pages/ps/usp-panel-img/ 113 KB
114 KB 23ms
20ms Image
image/png 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psimg.com/sites/assets/pages/ps/usp-panel-img/download-poker.png

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

2f0fa553351394cc54e9562d18e015776cb640805972ed72737c23121ecdcdc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Tue, 19 Jan 2021 02:38:40 GMT
Server: Apache
ETag: "1c5a3-5b937bc79ec00"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=178
Content-Length: 116131

GET
H/1.1 200
OK support.png
www.psimg.com/sites/assets/pages/ps/usp-panel-img/ 57 KB
57 KB 41ms
22ms Image
image/png 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psimg.com/sites/assets/pages/ps/usp-panel-img/support.png

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

c6bdcf95a45be07ebf8f86c862c2e0c8a61ce99f2ebaf30552ac15b3d6bd84c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Tue, 19 Jan 2021 02:38:40 GMT
Server: Apache
ETag: "e388-5b937bc79ec00"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 58248

GET
H2 200 facebook.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ 2 KB
1 KB 30ms
28ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/facebook.svg
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:33 GMT
server: Apache
etag: "774-57ba3e3a9e040"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 913

GET
H2 200 twitter.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ 3 KB
1 KB 33ms
31ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitter.svg
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:34 GMT
server: Apache
etag: "a1a-57ba3e3b92280"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 1080

GET
H2 200 youtube.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ 1 KB
895 B 33ms
31ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/youtube.svg
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 12:48:01 GMT
server: Apache
etag: "573-57ba4dc188240"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 718

GET
H2 200 twitch.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ 2 KB
1 KB 34ms
33ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/twitch.svg
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:34 GMT
server: Apache
etag: "8cb-57ba3e3b92280"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 993

GET
H2 200 instagram.svg
cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/ 2 KB
1 KB 35ms
33ms Image
image/svg+xml 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/images/generic/social/instagram.svg
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 11:38:33 GMT
server: Apache
etag: "6b7-57ba3e3a9e040"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 899

GET
H2 200 lib.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/ 117 KB
42 KB 28ms
28ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/scripts/lib.js
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 15:15:47 GMT
server: Apache
etag: "1d377-5bb6175da0ec0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 42733

GET
H/1.1 200
OK link.js Show response
www.psimg.com/sites/assets/js/ 2 KB
2 KB 24ms
24ms Script
application/javascript 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/sites/assets/js/link.js

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

cffddca8d8e50c017deb4c68842840d34179c4d4340473d70b545f02540147e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2016 09:56:31 GMT
Server: Apache
ETag: "8ac-53be7ed7671c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=202
Content-Length: 1057

GET
H2 200 config.js Show response
cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_de/de-de/ 14 KB
6 KB 33ms
30ms Script
application/javascript 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/data/ps_de/de-de/config.js
Requested by: Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 51a81808ca1d23ba799073204dd27221b0d53e9aba2c083709e9a4511a567f54

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 14:13:16 GMT
server: Apache
etag: "379c-5c5839fcdb700"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=84600
accept-ranges: bytes
content-length: 5969

GET
H/1.1 200
OK tag.js Show response
s.btstatic.com/ 34 KB
13 KB 122ms
36ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/tag.js
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 15:31:52 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 12525

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ 252 B
722 B 47ms
20ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?cs_jsonp=pstrkIdManager.mmUuidSync&mt_nsync=1
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/tracking/PstrkIdManager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master zrh-pixel-x30 /
Resource Hash: c9f4a6e7d2d216a11524615a0caa79c8ea203468341313d992cbfa6d64e966fc

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 252
Expires: Wed, 28 Jul 2021 14:48:06 GMT

GET
H/1.1 200
OK group-desktop.jpg
www.psimg.com/sites/assets/images/headline/images2020/ 213 KB
214 KB 54ms
19ms Image
image/jpeg 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psimg.com/sites/assets/images/headline/images2020/group-desktop.jpg

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

afa0f37fff2f8e7bfec52887259ffecae576029f92dc9511c6b12e24449227a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Wed, 29 Jul 2020 13:51:36 GMT
Server: Apache
ETag: "3555b-5ab94daaf8a00"
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=112
Content-Length: 218459

GET
H/1.1 200
OK sprite-ps.png
www.psimg.com/sites/assets/pages/all/ 16 KB
17 KB 40ms
19ms Image
image/png 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.psimg.com/sites/assets/pages/all/sprite-ps.png

Requested by

Host: www.psimg.com
URL: https://www.psimg.com/sites/assets/pages/ps/t02-with-one-table/table-styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

5ae8a670947d2e60836b1262227fc4bb0d6365c79c8de2b920a7567e8daa77fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.psimg.com/sites/assets/pages/ps/t02-with-one-table/table-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Mon, 28 Sep 2020 08:05:26 GMT
Server: Apache
ETag: "402f-5b05b210c07b3"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 16431

GET
H2 200 footer-small.png
s4.rationalcdn.com/img/bg/estate/ 109 KB
110 KB 39ms
29ms Image
image/png 104.111.238.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.rationalcdn.com/img/bg/estate/footer-small.png
Requested by: Host: cmsstorage.rationalcdn.com
URL: https://cmsstorage.rationalcdn.com/assets/ps/assets/common/styles/layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-76.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c

Request headers

Referer: https://cmsstorage.rationalcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
last-modified: Fri, 09 Apr 2021 14:58:50 GMT
server: AkamaiNetStorage
etag: "9aadd769e4bbf2669df3e4de51d9d751:1617980330.571575"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 112066

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 77450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:17:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 159713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pokerstars.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 133376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:45:21 GMT

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 24 KB
6 KB 112ms
42ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&referrer=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&docReferrer=http%3A%2F%2Fgo.nanzerkalo.com%2F&H=-66mh2ew
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7a88b1aa1bacfd660c918b236d7a70cecd908099c7805fa2682e58ba45a5bd5e

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
Server: nginx
ETag: 2794d38f9499ea14cc7cc435c8df72b5
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 5225
X-BT-RequestId: d8267bf0-efb2-11eb-841d-0000ac150838

GET
H/1.1 200
OK ced0fc472aa6365f5428e58e4639a7605ca36261.js Show response
s.btstatic.com/lib/ 40 KB
4 KB 33ms
32ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fc0991859b77e2bce01c007930d5363bbfc4147e5d07f8f7063bd6450b01720

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: im8MzWRw6rhcHTR94obs9hKTFJHaLYc1
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 09:17:44 GMT
Server: nginx
ETag: "61296e73ba280ed88dd3061d96549a54"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Wed, 28 Jul 2021 14:48:17 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 3638

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6013
date: Wed, 28 Jul 2021 13:08:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 28 Jul 2021 15:08:04 GMT

GET
H/1.1 200
OK trk.core.js Show response
www.psimg.com/ga/ 17 KB
7 KB 20ms
20ms Script
application/javascript 77.87.180.198
RATIONAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.psimg.com/ga/trk.core.js

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.87.180.198 Isle of Man, Isle Of Man, ASN43338 (RATIONAL-AS, IM),

Reverse DNS

Software

Apache /

Resource Hash

5e0a1c10fb9780a50a88bf6a518d0cab6cd28d759b62c72fd7ed5c57e3afbcea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jun 2019 15:20:46 GMT
Server: Apache
ETag: "4373-58baec5ffcf80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=109
Content-Length: 6433

GET
H/1.1 200
OK 66d21f0973fb7b6de164cd19e97b3eccf7e71027.js Show response
s.btstatic.com/lib/ 2 KB
768 B 31ms
31ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/66d21f0973fb7b6de164cd19e97b3eccf7e71027.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1f111799d49e279ce18886e967bd7d294a32b46276c74f894f9f1e2c79b11681

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: 4fLxateZvFF5dkrIbFzg9V.pP6f6qBR5
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 13:05:54 GMT
Server: nginx
ETag: "b3daf2208678ab3de75c672a3d6e6bd7"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Wed, 28 Jul 2021 14:48:17 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 316

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-19572383-1&cid=496751242.1627483698&jid=666444967&gjid=1479037576&_gid=1129886074.1627483698&_u=aHDAgEABEAAAAE~&z=1932156185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Jul 2021 14:48:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.pokerstars.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-56166869-1&cid=496751242.1627483698&jid=693018993&gjid=54625169&_gid=1129886074.1627483698&_u=aHDAgEABEAAAAE~&z=1191218650

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Jul 2021 14:48:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.pokerstars.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-57072753-4&cid=496751242.1627483698&jid=1814680361&gjid=1483042327&_gid=1129886074.1627483698&_u=aHDAgEABEAAAAE~&z=615522082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Jul 2021 14:48:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.pokerstars.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=989971659&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&dr=http%3A%2F%2Fgo.nanzerkalo.com%2F&dp=%2Fsites%2Faff%2Fgrouppoker%2F2%2F&ul=en-us&de=UTF-8&dt=Sichern%20Sie%20sich%20einen%20100%25%20Ersteinzahlungsbonus%20von%20bis%20zu%20%24600.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEABE~&jid=666444967&gjid=1479037576&cid=496751242.1627483698&tid=UA-19572383-1&_gid=1129886074.1627483698&cd1=(none)&cd2=A&cg1=de&cd12=496751242.1627483698&cd26=496751242.1627483698&z=1834024246

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 07:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=989971659&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&dr=http%3A%2F%2Fgo.nanzerkalo.com%2F&ul=en-us&de=UTF-8&dt=Sichern%20Sie%20sich%20einen%20100%25%20Ersteinzahlungsbonus%20von%20bis%20zu%20%24600.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEABEAAAAE~&jid=693018993&gjid=54625169&cid=496751242.1627483698&tid=UA-56166869-1&_gid=1129886074.1627483698&cd1=(none)&cd2=A&cg1=de&cd12=496751242.1627483698&cd26=496751242.1627483698&z=1814636961

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 07:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=989971659&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&dr=http%3A%2F%2Fgo.nanzerkalo.com%2F&ul=en-us&de=UTF-8&dt=Sichern%20Sie%20sich%20einen%20100%25%20Ersteinzahlungsbonus%20von%20bis%20zu%20%24600.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEABEAAAAE~&jid=1814680361&gjid=1483042327&cid=496751242.1627483698&tid=UA-57072753-4&_gid=1129886074.1627483698&cd1=(none)&cd2=A&cg1=de&cd12=496751242.1627483698&cd26=496751242.1627483698&z=828663636

Requested by

Host: www.pokerstars.de
URL: https://www.pokerstars.de/sites/aff/grouppoker/2/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 07:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d03029fc8bd66611412fcf465575544b20816ddd.js Show response
s.btstatic.com/lib/ 196 B
615 B 29ms
29ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/d03029fc8bd66611412fcf465575544b20816ddd.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e1bfaddd7a87f0ebad2f9166ee27718d78150a42891cd42d3337dc7ed5921912

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: PPH6NqRrERp7JvKpe969zscjyUkhKvhx
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 13:10:13 GMT
Server: nginx
ETag: "3533bccfeb47c045ee75607995610a1e"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Wed, 28 Jul 2021 14:48:17 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 163

GET
H/1.1 200
OK 33ed5d5c8121287d51e1c997fe7acd87db78e7a0.js Show response
s.btstatic.com/lib/ 190 B
614 B 29ms
28ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/lib/33ed5d5c8121287d51e1c997fe7acd87db78e7a0.js?v=2
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d40f6a16855ea8700ba43b2bae612b2dabe0de0477356204e3da86fc494fe3e5

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: ucGf9wh9wTxcNrJUbb.Z82qgkvl4HstC
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 13:10:57 GMT
Server: nginx
ETag: "b925f2a59cfc982567e4e6e008996741"
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: max-age=31536000
Date: Wed, 28 Jul 2021 14:48:17 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 162

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 18:24:21 GMT
x-msedge-ref: Ref A: 8EECD5888F16441EA7EEF1441C537B16 Ref B: FRAEDGE1216 Ref C: 2021-07-28T14:48:17Z
etag: "80b87575947dd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9014

GET
H/1.1 200
OK BrightTag.jquery-1.5.1.js Show response
s.btstatic.com/ 82 KB
29 KB 34ms
34ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Jul 2021 16:10:13 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 29695

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 22ms
22ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x24 /
Resource Hash: 221dd264ff1358b01c815e4aeb1b91cb014347ac1d94f1decb096914c45bc8a5

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Wed, 28 Jul 2021 14:50:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 21ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: psy5uOVNN1an1Hj1LKX/+BEUtQk9ALoga388KKRldMqHhx5Bag8BsDaQHsK1gJR2mbEd8ihmd96uoClgGn7UAQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Wed, 28 Jul 2021 14:48:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F Show response
8954552.fls.doubleclick.net/ Frame 8B61
Redirect Chain

https://8954552.fls.doubleclick.net/activityi;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fs...

2 KB
731 B

40ms
26ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F

Requested by

Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

6525cf03b464b33988d4dc99c5afd5483e8e9b2401ab0f2239d0b5c0c80dfe9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8954552.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pokerstars.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jul 2021 14:48:17 GMT
expires: Wed, 28 Jul 2021 14:48:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 706
x-xss-protection: 0
set-cookie: IDE=AHWqTUmvzt_0PwReZ7ECQFL5nVXbQnrEGZdXDx6L7YFf_FpKtkU_6QIwiJgNgJbNFZo; expires=Mon, 22-Aug-2022 14:48:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jul 2021 14:48:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

cs
s.thebrighttag.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.thebrighttag.com%2Fcs?btt=0&tp=an&uid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.thebrighttag.com%252Fcs%3Fbtt%3D0%26tp%3Dan%26uid%3D%24UID
https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3580527774822717315

35 B
717 B

106ms
42ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3580527774822717315
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: d8738a80-efb2-11eb-8a16-0000ac150994

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e470f09a-5522-47f3-b308-6647639d5440
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.thebrighttag.com/cs?btt=0&tp=an&uid=3580527774822717315
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/epROgTTp/?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3D0WCbX0j%26uid%3D%24%7BTM_USER_ID%7D&_test=YQFuMQADToFIbAA4
https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YQFuMQADToFIbAA4&_test=YQFuMQADToFIbAA4

35 B
722 B

79ms
38ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YQFuMQADToFIbAA4&_test=YQFuMQADToFIbAA4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: d8738a80-efb2-11eb-9b1d-0000ac1508e9

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:17 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1627483698.893847,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://s.thebrighttag.com/cs?btt=0&tp=0WCbX0j&uid=YQFuMQADToFIbAA4&_test=YQFuMQADToFIbAA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

cs
s.thebrighttag.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm&btt=0
https://cm.g.doubleclick.net/pixel?google_nid=signal_dmp&google_cm=&btt=0&google_tc=
https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEFoQ6bZbNzFJI0wkwOumsu8&google_cver=1

35 B
741 B

83ms
39ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEFoQ6bZbNzFJI0wkwOumsu8&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: d86e5a62-efb2-11eb-9d02-0000ac150b6c

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.thebrighttag.com/cs?tp=gcms&btt=0&google_gid=CAESEFoQ6bZbNzFJI0wkwOumsu8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/
Redirect Chain

https://sync.mathtag.com/sync/js?redir=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Ftp%3Dmm%26uid%3D%5BMM_UUID%5D%26btt%3D0
https://s.thebrighttag.com/cs?tp=mm&uid=b8746101-6e31-4e00-a1ad-dac824d007eb&btt=0

35 B
739 B

67ms
36ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?tp=mm&uid=b8746101-6e31-4e00-a1ad-dac824d007eb&btt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: d8683fe1-efb2-11eb-9d02-0000ac150b6c

Redirect headers

Date: Wed, 28 Jul 2021 14:50:43 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://s.thebrighttag.com/cs?tp=mm&uid=b8746101-6e31-4e00-a1ad-dac824d007eb&btt=0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 28 Jul 2021 14:50:42 GMT

GET
H/1.1

200
OK

cs
s.thebrighttag.com/
Redirect Chain

https://servedby.flashtalking.com/map/?key=s3lJXta567k8G63uyekk63hUj6k11&url=https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=[%FT_GUID%]
https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=495701936DB783

35 B
722 B

36ms
35ms

Image
image/gif

52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=495701936DB783
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: nginx
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-BT-RequestId: d8627380-efb2-11eb-9c95-0000ac150838

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: prod-xre-app7.frk11
X-HW: 1627483697.dop244.fr8.t,1627483697.cds291.fr8.shn,1627483697.dop244.fr8.t,1627483697.cds017.fr8.sc,1627483697.cds017.fr8.p
Location: https://s.thebrighttag.com/cs?btt=0&tp=dJNjEOZ&uid=495701936DB783
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0

OPTIONS
H/1.1 200
OK tag
s.thebrighttag.com/ Frame 0
0 105ms
35ms Preflight 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Protocol: HTTP/1.1
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.pokerstars.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Length: 0
Connection: keep-alive
ETag: d41d8cd98f00b204e9800998ecf8427e
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
X-BT-RequestId: d8644840-efb2-11eb-9406-0000ac1509c1
Access-Control-Max-Age: 86400
Access-Control-Allow-Origin: https://www.pokerstars.de
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
P3P: CP=NOI DSP COR NID

POST
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 7 KB
3 KB 75ms
47ms XHR
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/BrightTag.jquery-1.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0871a4fb3ca24b6f2f715f2e777249400db4ceb9d5650cad997633bca060f28a

Request headers

Accept: */*
Referer: https://www.pokerstars.de/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
Server: nginx
ETag: 6ccd0a40e11d1c81c773cc8509bc5c57
P3P: CP=NOI DSP COR NID
Access-Control-Allow-Origin: https://www.pokerstars.de
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2110
X-BT-RequestId: d86e5a60-efb2-11eb-98e1-0000ac150bd9

GET
H2 204 0
bat.bing.com/action/ 0
150 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=&Ver=2&mid=4b7ab509-99d5-474c-85d5-da3d98d65ef1&sid=d85890c0efb211eb96e11f76a797d11d&vid=d85895f0efb211eb929e672d3460ba90&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sichern%20Sie%20sich%20einen%20100%25%20Ersteinzahlungsbonus%20von%20bis%20zu%20%24600.&kw=Poker,%20Onlinepoker,%20Poker%20online,%20Beste%20Poker-Site,%20Texas%20Hold%27em,%20Kostenlos%20Pokern,%20Pokerturniere&p=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&r=http%3A%2F%2Fgo.nanzerkalo.com%2F&lt=1950&evt=pageLoad&msclkid=N&sv=1&rn=633721
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jul 2021 14:48:17 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 06B227B209BF48F4B52DDBE8B3F48FC5 Ref B: FRAEDGE1216 Ref C: 2021-07-28T14:48:17Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame B9D2 631 B
949 B 25ms
25ms Document
text/html 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=81a56101-6e31-4e00-a123-c4611e539932&no_iframe=1&mt_adid=117394&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=398041&mt_adid=117394&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x13 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.pokerstars.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid=81a56101-6e31-4e00-a123-c4611e539932
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.de/

Response headers

Content-Type: text/html
Content-Length: 631
Server: MT3 3810 5cb7d7e master cdg-pixel-x13
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 28 Jul 2021 14:50:22 GMT
Date: Wed, 28 Jul 2021 14:48:17 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
480 B 36ms
23ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x24 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 28 Jul 2021 14:50:22 GMT

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: a3KQFNsm9SkxmtySCQSCuUQeTfgTjeS5azR2zMCyitJVxYUlkCfCGl6l9ozFxBs00co5as817/HqOJm48qBP+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 28 Jul 2021 14:48:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 1152875091428286 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1152875091428286?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aedead2705a7a79bfe034558e4dcccd1ae032dd1827c8dbdf06cf8d0cec45625

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75983
x-xss-protection: 0
pragma: public
x-fb-debug: ffGiWeSSkP3gcuDdXcQT9BSZ1IwcIHiG5Aa08SxU/EIpCWHarO5ht7y25SsC6SmqixQWSVzMvs7f8A4S7/zPbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 28 Jul 2021 14:48:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame B9D2 43 B
480 B 20ms
20ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=81a56101-6e31-4e00-a123-c4611e539932&no_iframe=1&mt_adid=117394&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x10 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=81a56101-6e31-4e00-a123-c4611e539932&no_iframe=1&mt_adid=117394&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 28 Jul 2021 14:50:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152875091428286&ev=PageView&dl=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&rl=http%3A%2F%2Fgo.nanzerkalo.com%2F&if=false&ts=1627483697854&sw=1600&sh=1200&ud[external_id]=92089880065f916134a642f3ca370d1ca39d6eee5594a2d267e3499ed4a9c537&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627483697853.831355779&it=1627483697795&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 28 Jul 2021 14:48:17 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 8B61 44 KB
17 KB 45ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3b7fba8bb89e137ad4ce83b112d860bf6fa6f06c2c8c42baed64b34c4d0f45c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17230
x-xss-protection: 0
server: cafe
etag: 747158272866556147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jul 2021 14:48:17 GMT

GET
H2 200 dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
adservice.google.com/ddm/fls/z/ Frame 8B61 42 B
515 B 65ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/752674712/ Frame 8B61 2 KB
1 KB 32ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/752674712/?random=1627483697927&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d0c553c32f2dd55ce9bbe333d8f71ea5421a2793558d9b3fc9419e3780202fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/privacysandbox/conversion/752674712/ Frame 8B61 0
0 15ms
15ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/752674712/?random=1627483697927&cv=9&fst=1627483697927&num=1&fmt=3&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/702974000/ Frame 8B61 2 KB
1 KB 31ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/702974000/?random=1627483697941&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

74de3e342434676ffac139b0c4c26fecabd84f76ac6cd65b590324d7bb5024f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/privacysandbox/conversion/702974000/ Frame 8B61 0
0 15ms
15ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/702974000/?random=1627483697941&cv=9&fst=1627483697927&num=2&fmt=3&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 8954552.fls.doubleclick.net
URL: https://8954552.fls.doubleclick.net/activityi;dc_pre=CKOPvp2BhvICFVIF0wod8gIAhw;src=8954552;type=rmcom0;cat=sg_we0;u27=16635459879463;ord=9886045594435.781;~oref=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
its.tradelab.fr/ 43 B
236 B 50ms
13ms Script
image/gif 62.212.64.230
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=token&p=tlab&gtw=%2F%2Fs.thebrighttag.com%2Fapi%3Fsite%3DG58M8eX%26referrer%3Dtlabset%26signalid%3D16635459879463
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.64.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.7 /
Resource Hash: 77b1d2c0857d4e95d4c2ae7aa0abc5aaafa6bd4581b31203d1592759c26f5c44

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.17.7
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/18308;120606;12865;iframe/ Frame 3201 24 KB
24 KB 21ms
20ms Document
text/html 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/nxneexfbvktzup/soiupt.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app65.frk11 /
Resource Hash: 9ec1fbbba4560a6a41191c08386e7fd1601d46ec380fa4b49db199e818056a4b

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.pokerstars.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: flashtalkingad1="GUID=495701936DB783"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.pokerstars.de/

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app65.frk11
Pragma: no-cache
X-HW: 1627483697.dop244.fr8.t,1627483697.cds291.fr8.shn,1627483697.dop244.fr8.t,1627483697.cds017.fr8.sc,1627483697.cds017.fr8.p

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/702974000/ Frame 8B61
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&...
https://www.google.de/pagead/1p-conversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u...

42 B
64 B

96ms
23ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYdTQOo3a3wO2vZDQDg&cid=CAQSKQCNIrLMnU_JCaBg6OW7NpLDKpCV2LKgkT1vUh9zFQtFYvMPc7jGYzeC&random=1678687003&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/702974000/?random=1244430205&cv=9&fst=1627483697927&num=2&npa=1&label=Y8sxCJWendEBELCQms8C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYdTQOo3a3wO2vZDQDg&cid=CAQSKQCNIrLMnU_JCaBg6OW7NpLDKpCV2LKgkT1vUh9zFQtFYvMPc7jGYzeC&random=1678687003&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/752674712/ Frame 8B61
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_...

42 B
154 B

23ms
23ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYc3UOrKKjuwPhNG_2Ao&cid=CAQSKQCNIrLMyJ5vLXghwKhModN0x9Gs4ApU35Uf12TPyWDg6TpEM-32Z4S_&random=4195020521&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8954552.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 14:48:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/752674712/?random=608821893&cv=9&fst=1627483697927&num=1&npa=1&label=qplMCPrE9tQBEJjP8-YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8954552.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKOPvp2BhvICFVIF0wod8gIAhw%3Bsrc%3D8954552%3Btype%3Drmcom0%3Bcat%3Dsg_we0%3Bu27%3D16635459879463%3Bord%3D9886045594435.781%3B~oref%3Dhttps%253A%252F%252Fwww.pokerstars.de%252Fsites%252Faff%252Fgrouppoker%252F2%252F&ref=https%3A%2F%2Fwww.pokerstars.de%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MW4BYc3UOrKKjuwPhNG_2Ao&cid=CAQSKQCNIrLMyJ5vLXghwKhModN0x9Gs4ApU35Uf12TPyWDg6TpEM-32Z4S_&random=4195020521&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame 3201 11 KB
4 KB 215ms
35ms Script
application/javascript 34.249.65.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.65.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-65-165.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 5f3099662b77b799467fa41637efcb54382621596a06c7ccd5587c4b8e7d49dc

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 14:48:18 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3601

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/18308;120607;12865/ Frame 3201 42 B
355 B 27ms
13ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/spot/1/18308;120607;12865/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292&ft_guid=495701936DB783&ft_log=1&ft_trackID=16274836-9797-340D-4871-C0B646303B12&ft_guidCreated=1
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app20.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
Server: prod-xre-app20.frk11
X-HW: 1627483698.dop001.fr8.shc,1627483698.dop001.fr8.t,1627483698.cds283.fr8.sc,1627483698.cds283.fr8.p
Content-Type: image/gif
Cache-Control: no-cache,no-store
Connection: Keep-Alive
Content-Length: 42

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 3201 95 B
497 B 35ms
18ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2035&ta_partner_did=495701936DB783&ta_format=png

Requested by

Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:18 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame 3201 42 B
356 B 25ms
12ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=12865&d=www.pokerstars.de&r=sites/aff/grouppoker/2/
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app29.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
Server: prod-xre-app29.frk11
X-HW: 1627483698.dop001.fr8.shc,1627483698.dop001.fr8.t,1627483698.cds010.fr8.sc,1627483698.cds010.fr8.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 130 B
718 B 50ms
49ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-66mh2ew&referrer=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&docReferrer=http%3A%2F%2Fgo.nanzerkalo.com%2F&mode=v2&cf=6854607%2C7470537%2C7177087&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=15376101-6e30-4300-9a88-b10ac5272efd&_cb_bt_data(%27signal%20id%27)=16635459879463&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27siteid%27)=DE&_cb_bt_data(%27currentdomain%27)=pokerstars.de&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.c2lnbmFsIGlk=MTY2MzU0NTk4Nzk0NjM&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f34fc1540010ce97fbbface7ebf06b74eaac6709bfc14e8a2cc37e1ba5708618

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
content-encoding: gzip
Server: nginx
ETag: 9050fabcf743ab5343df9aae4999cbc9
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 149
X-BT-RequestId: d89c9650-efb2-11eb-b52d-0000ac1508e4

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 130 B
718 B 43ms
42ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-66mh2ew&referrer=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&docReferrer=http%3A%2F%2Fgo.nanzerkalo.com%2F&mode=v2&cf=7353899%2C7487903%2C7358689&_cb_bt_data(%27signal%20id%27)=16635459879463&_cb_bt_data(%27pstrkidmanager%20fbpid%27)=fb.1.1627483697853.831355779&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27pstrkidmanager%20signal%20id%27)=490970582030534&_cb_bt_data(%27pstrkidmanager%20fbclid%27)=&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.c2lnbmFsIGlk=MTY2MzU0NTk4Nzk0NjM&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6ea453959190a4a3ac22ff4593ea0536ab34210dd3b201cc9d839b06d77c064b

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
content-encoding: gzip
Server: nginx
ETag: ba9034bfafddd6caac066e3b186e1916
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 149
X-BT-RequestId: d89c9650-efb2-11eb-abd7-0000ac1508e9

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 0
543 B 46ms
45ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-66mh2ew&referrer=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&docReferrer=http%3A%2F%2Fgo.nanzerkalo.com%2F&mode=v2&cf=7470537%2C7487903%2C7487904&_cb_bt_data(%27pstrkidmanager%20wid%27)=&_cb_bt_data(%27signal%20id%27)=16635459879463&_cb_bt_data(%27pstrkidmanager%20mediamath%20uid%27)=15376101-6e30-4300-9a88-b10ac5272efd&_cb_bt_data(%27pstrkidmanager%20fbpid%27)=fb.1.1627483697853.831355779&_cb_bt_data(%27pstrkidmanager%20fbclid%27)=&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.c2lnbmFsIGlk=MTY2MzU0NTk4Nzk0NjM&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
Server: nginx
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
X-BT-RequestId: d89d0b80-efb2-11eb-9b1d-0000ac1508e9

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 0
543 B 44ms
44ms Script
text/javascript 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=G58M8eX&H=-66mh2ew&referrer=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&docReferrer=http%3A%2F%2Fgo.nanzerkalo.com%2F&mode=v2&cf=7486915&_cb_bt_data(%27signal%20id%27)=16635459879463&_cb_bt_data(%27ga%20uid%20mixed%27)=1936995837-1627483697&_cb_bt_data(%27ps_ga_property-(bi)%27)=UA-56166869-1&btpdb.G58M8eX.dGZjLjc0Mzg0OTM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjUzMTk1MDY=U0VTU0lPTg&btpdb.G58M8eX.c2lnbmFsIGlk=MTY2MzU0NTk4Nzk0NjM&btpdb.G58M8eX.dGZjLjM2NjE5ODM=U0VTU0lPTg&btpdb.G58M8eX.dGZjLjc0ODczNTg=U0VTU0lPTg
Requested by: Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
Server: nginx
ETag: d41d8cd98f00b204e9800998ecf8427e
P3P: CP=NOI DSP COR NID
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
X-BT-RequestId: d89d0b80-efb2-11eb-b543-0000ac150901

POST
H/1.1 200 lgc Show response
d9.flashtalking.com/ Frame 3201 103 B
748 B 63ms
63ms XHR
application/json 34.249.65.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.65.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-65-165.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e8290f2dc15d0ee88fbe87a179d15357dd7cc1695835646661f10674c4fc8287

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 28 Jul 2021 14:48:17 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://servedby.flashtalking.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 79

GET
H/1.1 200
OK /
servedby.flashtalking.com/track/120607;12865;403;16274836-9797-340D-4871-C0B646303B12/ Frame 3201 42 B
396 B 10ms
9ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/track/120607;12865;403;16274836-9797-340D-4871-C0B646303B12/?ft_data=d9:d497df3c35d1449ea85705d80a623187;d9s:d497df3c35d1449ea85705d80a623187&cachebuster=486420.6739096584
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app32.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
Server: prod-xre-app32.frk11
X-HW: 1627483698.dop001.fr8.shc,1627483698.dop001.fr8.t,1627483698.cds283.fr8.sc,1627483698.cds283.fr8.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 3201 95 B
336 B 16ms
15ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2176&ta_partner_did=d497df3c35d1449ea85705d80a623187&ta_format=png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:18 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK api
s.thebrighttag.com/ Frame 3201 0
0 43ms
42ms Image
application/json 52.208.178.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/api?site=G58M8eX&referrer=flashtalking&ftrackid=d9:d497df3c35d1449ea85705d80a623187&uid=16635459879463&cachebuster=978181.3307752509
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.208.178.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-178-181.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/ Frame 3201 42 B
517 B 10ms
9ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/segment/modify/agc5_18308;;pixel/?name=tsg&cb=424089.77937408077
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app14.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/18308;120606;12865;iframe/?U7=16635459879463&ft_partnerid=16635459879463&ft_referrer=https%3A//www.pokerstars.de/sites/aff/grouppoker/2/&ns=http%3A//go.nanzerkalo.com/&cb=590583.1897890292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jul 2021 14:48:18 GMT
Server: prod-xre-app14.frk11
X-HW: 1627483698.dop001.fr8.shc,1627483698.dop001.fr8.t,1627483698.cds010.fr8.sc,1627483698.cds010.fr8.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 9ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152875091428286&ev=Microdata&dl=https%3A%2F%2Fwww.pokerstars.de%2Fsites%2Faff%2Fgrouppoker%2F2%2F&rl=http%3A%2F%2Fgo.nanzerkalo.com%2F&if=false&ts=1627483699357&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sichern%20Sie%20sich%20einen%20100%25%20Ersteinzahlungsbonus%20von%20bis%20zu%20%24600.%22%2C%22meta%3Akeywords%22%3A%22Poker%2C%20Onlinepoker%2C%20Poker%20online%2C%20Beste%20Poker-Site%2C%20Texas%20Hold%27em%2C%20Kostenlos%20Pokern%2C%20Pokerturniere%22%2C%22meta%3Adescription%22%3A%22Laden%20Sie%20PokerStars%20herunter.%20Machen%20Sie%20Ihre%20erste%20Einzahlung%20mit%20dem%20Code%20%5C%22%5Cn%20%20%20%20STARS600%5C%22.%20Sichern%20Sie%20sich%20einen%20100%25%20Bonus%20von%20bis%20zu%20%24600.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=92089880065f916134a642f3ca370d1ca39d6eee5594a2d267e3499ed4a9c537&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1627483697853.831355779&it=1627483697795&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pokerstars.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 14:48:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 28 Jul 2021 14:48:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargetinginclusion/enqueue

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pokerstars.de/	1970-01-19 22:14:19	Name: signalid Value: 16635459879463
www.pokerstars.de/	1970-01-19 20:47:55	Name: btpdb.G58M8eX.c2lnbmFsIGlk Value: MTY2MzU0NTk4Nzk0NjM
www.pokerstars.de/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjUzMTk1MDY Value: U0VTU0lPTg
www.pokerstars.de/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjc0Mzg0OTM Value: U0VTU0lPTg
.pokerstars.de/	1970-01-20 13:35:55	Name: _ga Value: GA1.2.496751242.1627483698
www.pokerstars.de/	1970-01-20 00:23:55	Name: pstrk.info Value: %7B%22Sec15%22%3A0%2C%22UT%22%3A%22A%22%2C%22PT%22%3A%22%22%7D
.pokerstars.de/	1970-01-19 20:04:43	Name: _gat Value: 1
.pokerstars.de/	1970-01-19 20:04:43	Name: _gat_xp0 Value: 1
www.pokerstars.de/	1970-01-20 00:23:55	Name: pstrk.gid Value: 496751242.1627483698
www.pokerstars.de/	1969-12-31 23:59:59	Name: btpdb.G58M8eX.dGZjLjM2NjE5ODM Value: U0VTU0lPTg
.pokerstars.de/	1970-01-19 20:06:10	Name: _gid Value: GA1.2.1129886074.1627483698
.pokerstars.de/	1970-01-19 20:04:43	Name: _gat_t1 Value: 1

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.btstatic.com/lib/ced0fc472aa6365f5428e58e4639a7605ca36261.js?v=2(Line 992) Message: on non-fb sites, tracking as usual
console-api	log	URL: https://s.btstatic.com/tag.js(Line 2) Message: Signal: error: {"type":"dbe","message":"ReferenceError: wbid is not defined","dbe.name":"pstrkidmanager wbid","pageId":1555081}
console-api	log	(Line 44) Message: in custom tag: position 1
console-api	log	(Line 66) Message: in custom tag: position 2
console-api	log	(Line 49) Message: sigGetIds: pstrkIdManager is present.....requesting IdReadyEvent....
console-api	log	(Line 14) Message: SmartCustom Event Listener: pstrkIdManagerMediamathReady event captured in smart tag
console-api	log	(Line 15) Message: SmartCustom Event Listener: Mediamath ID:15376101-6e30-4300-9a88-b10ac5272efd
console-api	log	(Line 19) Message: SmartCustom Event Listener: pstrkIdManagerFbpidReady event captured in smart tag
console-api	log	(Line 20) Message: SmartCustom Event Listener: fb_pid:fb.1.1627483697853.831355779
console-api	log	(Line 40) Message: SmartCustom Event Listener: pstrkIdManagerWidReady event captured in smart tag
console-api	log	(Line 41) Message: SmartCustom Event Listener: WID:
console-api	log	(Line 40) Message: SmartCustom Event Listener: pstrkIdManagerWidReady event captured in smart tag
console-api	log	(Line 41) Message: SmartCustom Event Listener: WID:
console-api	log	(Line 30) Message: SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api	log	(Line 31) Message: SmartCustom Event Listener: signal_id:490970582030534
console-api	log	(Line 30) Message: SmartCustom Event Listener: PstrkIdManagerSignalIDReady event captured in smart tag
console-api	log	(Line 31) Message: SmartCustom Event Listener: signal_id:490970582030534
console-api	log	(Line 35) Message: SmartCustom Event Listener: pstrkIdManagergauidReady event captured in smart tag
console-api	log	(Line 36) Message: SmartCustom Event Listener: pstrk.gid:1936995837-1627483697

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8954552.fls.doubleclick.net
adservice.google.com
api.traversedlp.com
bat.bing.com
bluestarfresh.com
cm.g.doubleclick.net
cmsstorage.rationalcdn.com
connect.facebook.net
d9.flashtalking.com
fonts.googleapis.com
fonts.gstatic.com
go.nanzerkalo.com
googleads.g.doubleclick.net
its.tradelab.fr
offer-notavailable.com
pixel.mathtag.com
rapid-cdn.com
s.btstatic.com
s.thebrighttag.com
s3.amazonaws.com
s4.rationalcdn.com
secure.adnxs.com
secure.starsaffiliateclub.com
servedby.flashtalking.com
static.bouncepilot.com
static.traversedlp.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tapestry.tapad.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.pokerstars.de
www.pokerstars.eu
www.psimg.com
www.qatarmobile.net
api.traversedlp.com
104.111.238.76
104.111.248.191
13.224.99.92
138.128.7.214
142.250.184.194
142.250.185.66
151.101.14.49
184.30.20.207
185.29.135.226
185.33.221.90
208.115.125.90
209.197.3.19
216.189.51.90
216.58.212.166
2600:9000:2156:b400:10:b308:84c0:93a1
2606:4700:3030::6815:21e4
2606:4700:3031::6815:4a86
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:803::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.232.232.115
34.249.65.165
35.227.248.159
52.208.178.181
52.217.162.184
62.212.64.230
77.87.180.149
77.87.180.198
77.87.181.72
91.92.196.187
0871a4fb3ca24b6f2f715f2e777249400db4ceb9d5650cad997633bca060f28a
0a9e8052dd71352510a69ba0b9c9705f24d662a42fa20877986e35690160cd08
0cc60f07ff95c7e8968c2aa379fe4b2691aab2b6e61083ec240aab87532425b2
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0e42226e585bcdd0c90a3065bf757764547a3b5c203dca662868ee5cad1cd567
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d878d54b9a998f52c94a6956310423cba9996302c42f60d9b7fe81da51992c7
1f111799d49e279ce18886e967bd7d294a32b46276c74f894f9f1e2c79b11681
221dd264ff1358b01c815e4aeb1b91cb014347ac1d94f1decb096914c45bc8a5
2f0fa553351394cc54e9562d18e015776cb640805972ed72737c23121ecdcdc7
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35280dcdaa2133ae54a0d04d8089fc800b5308fa33dc37615f63487320f76e65
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
3b7fba8bb89e137ad4ce83b112d860bf6fa6f06c2c8c42baed64b34c4d0f45c6
3bca67455c27a03bbaa0a91d29cbf8d2080c9c46e81f914d380528dd2e8c23cb
3bd4f67775a474ee9b6948e59c214d1cde3deabf7df4226a28db2f585940c8a0
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fc0991859b77e2bce01c007930d5363bbfc4147e5d07f8f7063bd6450b01720
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4bfcd81b1c8cb16dbef3943b9e226283221681bd87a4ebd2ffd169bcd9586597
4d40f438017ea1a1465afdba3904d8f221e900ea665e0615702b27a41bf0cde1
51a81808ca1d23ba799073204dd27221b0d53e9aba2c083709e9a4511a567f54
5ae8a670947d2e60836b1262227fc4bb0d6365c79c8de2b920a7567e8daa77fd
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
5e0a1c10fb9780a50a88bf6a518d0cab6cd28d759b62c72fd7ed5c57e3afbcea
5f3099662b77b799467fa41637efcb54382621596a06c7ccd5587c4b8e7d49dc
5ff86f271c2c50f1074477420ba9679ed243b281f5cfb7f66129bdf5eea43c24
6525cf03b464b33988d4dc99c5afd5483e8e9b2401ab0f2239d0b5c0c80dfe9e
6aa11e842888cd75c787ba6e59d03d8139f93af3da4876c39b7d1600124a126c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3
6ea453959190a4a3ac22ff4593ea0536ab34210dd3b201cc9d839b06d77c064b
70bf070ead0b1c4728fa295b5e98b14cf9b228c8ede128e726d4311654fcc585
74de3e342434676ffac139b0c4c26fecabd84f76ac6cd65b590324d7bb5024f4
77b1d2c0857d4e95d4c2ae7aa0abc5aaafa6bd4581b31203d1592759c26f5c44
7a88b1aa1bacfd660c918b236d7a70cecd908099c7805fa2682e58ba45a5bd5e
7dba8f52818ae72e3b7cadd92c26250056cbcc1f3224b59c9b7716994bcecc4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aa17f8bd026a331b01dd69bd992c95ce09df60557637f4e5fbad466338b86c
8878fe76a9d5f812136977a768b0292a70190104050ce601f84fd75c92c2f35d
9ec1fbbba4560a6a41191c08386e7fd1601d46ec380fa4b49db199e818056a4b
aedead2705a7a79bfe034558e4dcccd1ae032dd1827c8dbdf06cf8d0cec45625
afa0f37fff2f8e7bfec52887259ffecae576029f92dc9511c6b12e24449227a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b197971af1d6f531f9fba6cab817c7eae42fc90b644f1a75394a62644ba1d165
b55af6cfaa363cdd151167a8a36dac0d4bac2bc2d5f0753b7b730b2ef4ba555f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c6bdcf95a45be07ebf8f86c862c2e0c8a61ce99f2ebaf30552ac15b3d6bd84c6
c85cbc016ee424158090ab27732ce06e1c588550086b1f3a1cd7e4dc2f371d62
c9f4a6e7d2d216a11524615a0caa79c8ea203468341313d992cbfa6d64e966fc
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cffddca8d8e50c017deb4c68842840d34179c4d4340473d70b545f02540147e7
d0c553c32f2dd55ce9bbe333d8f71ea5421a2793558d9b3fc9419e3780202fcc
d394c4cfa9f4a18e3b60a8b8fc1eb98f2d88ac3a93c321bc69c4eda336cdcf21
d40f6a16855ea8700ba43b2bae612b2dabe0de0477356204e3da86fc494fe3e5
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d549889ba9f35b8355d68b9be28a3a186621c6b01471b774716bf19642af77e1
d9544b3b9eb6449ea22b0a851773aa2d55e47806d6c51231e786c68e6f057a71
de2d174b8956ce02c80601c3f05b3033fd83b4607df0b2700b919d9d12653365
e1bfaddd7a87f0ebad2f9166ee27718d78150a42891cd42d3337dc7ed5921912
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8290f2dc15d0ee88fbe87a179d15357dd7cc1695835646661f10674c4fc8287
e9e7e2497dd481a85a38e27d6dc6f993a7382cfcb16faa408e550f7c0b69825b
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34fc1540010ce97fbbface7ebf06b74eaac6709bfc14e8a2cc37e1ba5708618
f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745

www.pokerstars.de Open in urlscan Pro 77.87.180.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

106 Requests

94 %HTTPS

41 %IPv6

32 Domains

40 Subdomains

33 IPs

7 Countries

1289 kBTransfer

2214 kBSize

12 Cookies

14 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pokerstars.de Open in urlscan Pro
77.87.180.149 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

94 %
HTTPS

41 %
IPv6

32
Domains

40
Subdomains

33
IPs

7
Countries

1289 kB
Transfer

2214 kB
Size

12
Cookies

106 HTTP transactions
0 data transactions