api.whatsapp.com
2a03:2880:f22d:c5:face:b00c:0:167  Public Scan

Submitted URL: https://onx.la/08eea
Effective URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Submission: On December 14 via manual from IN — Scanned from DE

Summary

This website contacted 23 IPs in 4 countries across 25 domains to perform 84 HTTP transactions. The main IP is 2a03:2880:f22d:c5:face:b00c:0:167, located in and belongs to . The main domain is api.whatsapp.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on September 23rd 2022. Valid for: 3 months.
This is the only time api.whatsapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.22.106.250 14618 (AMAZON-AES)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 148.69.64.76 12353 (VODAFONE-...)
3 2a00:1450:400... 15169 (GOOGLE)
20 2600:9000:20e... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.77.245 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 37.157.2.247 198622 (ADFORM)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
3 35.190.43.134 15169 (GOOGLE)
1 4 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 37.157.4.41 198622 (ADFORM)
1 1 2a03:2880:f21... ()
9 2a03:2880:f22... ()
84 23
Apex Domain | Subdomains | Transfer
20 onurix.com | cdn.onurix.com | 471 KB
11 cleverwebserver.com | scripts.cleverwebserver.com — Cisco Umbrella Rank: 31606; ui.cleverwebserver.com — Cisco Umbrella Rank: 32165; lp.cleverwebserver.com — Cisco Umbrella Rank: 62815; call.cleverwebserver.com — Cisco Umbrella Rank: 33448 | 306 KB
8 whatsapp.net | static.whatsapp.net | 423 KB
4 facebook.com | www.facebook.com — Cisco Umbrella Rank: 113 | 253 B
4 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 28 | 40 KB
3 snapchat.com | tr.snapchat.com — Cisco Umbrella Rank: 924 | 1 KB
3 bing.com | bat.bing.com — Cisco Umbrella Rank: 373 | 12 KB
3 adform.net | s2.adform.net — Cisco Umbrella Rank: 5749; track.adform.net — Cisco Umbrella Rank: 4163 | 32 KB
3 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 152 | 132 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 37 | 3 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 47 | 212 KB
2 mgid.com | a.mgid.com — Cisco Umbrella Rank: 21417 | 5 KB
2 gmlinteractive.com | cdn.gmlinteractive.com — Cisco Umbrella Rank: 597226 | 7 KB
2 betano.de | www.betano.de — Cisco Umbrella Rank: 599062 | 2 KB
2 gml-grp.com | gml-grp.com — Cisco Umbrella Rank: 63750 | 2 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 211 | 13 KB
2 google.com | apis.google.com — Cisco Umbrella Rank: 97; www.google.com — Cisco Umbrella Rank: 2 | 22 KB
2 onx.la | onx.la | 13 KB
1 whatsapp.com | api.whatsapp.com | 25 KB
1 wa.me | wa.me | 893 B
1 google.de | www.google.de — Cisco Umbrella Rank: 7952 | 548 B
1 sc-static.net | sc-static.net — Cisco Umbrella Rank: 894 | 13 KB
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 | 2 KB
1 gstatic.com | fonts.gstatic.com | 44 KB
1 clevernt.com | sender.clevernt.com — Cisco Umbrella Rank: 58280 | 431 B
84 25
Domain Requested by
20 cdn.onurix.com onx.la
8 static.whatsapp.net api.whatsapp.com
static.whatsapp.net
8 lp.cleverwebserver.com onx.la
lp.cleverwebserver.com
4 www.facebook.com 1 redirects www.betano.de
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 tr.snapchat.com sc-static.net
www.betano.de
3 bat.bing.com onx.la
bat.bing.com
www.betano.de
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 fonts.googleapis.com lp.cleverwebserver.com
cdn.onurix.com
www.betano.de
3 www.googletagmanager.com onx.la
www.betano.de
www.googletagmanager.com
2 track.adform.net 1 redirects www.betano.de
2 a.mgid.com onx.la
www.betano.de
2 cdn.gmlinteractive.com www.betano.de
2 www.betano.de 1 redirects lp.cleverwebserver.com
2 gml-grp.com 2 redirects
2 cdnjs.cloudflare.com onx.la
2 onx.la onx.la
1 api.whatsapp.com onx.la
1 wa.me 1 redirects
1 www.google.de www.betano.de
1 www.google.com www.betano.de
1 s2.adform.net onx.la
1 sc-static.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 apis.google.com onx.la
1 call.cleverwebserver.com onx.la
1 sender.clevernt.com 1 redirects
1 ui.cleverwebserver.com onx.la
1 scripts.cleverwebserver.com onx.la
84 30

This site contains links to these domains.

Domain
cleveradvertising.com
wa.me

Subject | Issuer | Validity | Valid
onurix.com | Amazon | 2022-04-03 - 2023-05-02 | a year
cleverwebserver.com | Cloudflare Inc ECC CA-3 | 2022-09-06 - 2023-09-05 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
www.onurix.com | Amazon | 2021-12-12 - 2023-01-10 | a year
*.apis.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
sc-static.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-27 - 2023-01-27 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-09-23 - 2022-12-22 | 3 months
track.adform.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-20 - 2023-09-20 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2022-11-25 - 2023-05-25 | 6 months
*.snap.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-16 - 2023-08-16 | a year
www.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
www.google.de | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.whatsapp.net | DigiCert SHA2 High Assurance Server CA | 2022-09-23 - 2022-12-22 | 3 months

This page contains 5 frames:

Primary Page: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Frame ID: 6743B144540C7B55192B7452AE343282
Requests: 20 HTTP requests in this frame

Frame: https://onx.la/null
Frame ID: 4CFC4144B3D870D20A104D1D21B84DC0
Requests: 28 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Frame ID: 2AB01334444180DBF4D8BD7755431368
Requests: 10 HTTP requests in this frame

Frame: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Frame ID: BF47AA0E60E87F9141E922619B31E240
Requests: 27 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=70caec7b-fd72-4e1a-9219-c3379fe17203&u_sclid=f52347cd-e2dc-488a-a54d-8f0b4f61d9e3
Frame ID: 612632D979AA9C773E16B12CA9CA4E28
Requests: 1 HTTP requests in this frame

Page Title

Redirecting

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 84
HTTPS: 92 %
IPv6: 76 %
Domains: 25
Subdomains: 30
IPs: 23
Countries: 4
Transfer: 1778 kB
Size: 5491 kB
Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://onx.la/08eea Page URL
  2. https://wa.me/573162261500?text=SI%20estoy%20interesado%20 HTTP 302
    https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sender.clevernt.com/transporter/62980.php?ppuc=1&ppu=0&id=633235&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&ruri=&r=877766457&tok=33419711310201791433&t=1671058610&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=360 HTTP 302
  • https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Request Chain 43
  • https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE&AutoR=1 HTTP 302
  • https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_1151b_904c_YSABGYFLSRBAADE&utm_medium=431&utm_source=2&siteid=1151 HTTP 302
  • https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Request Chain 69
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=135944117417&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=135944117417&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 71
  • https://www.facebook.com/tr/?id=234568464078651&ev=Microdata&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1671058614175&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=2&o=30&it=1671058612539&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&ec=2&es=automatic&ev=Microdata&id=234568464078651&if=true&it=1671058612539&o=30&r=stable&redirect=0&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&rqm=GET&sh=1200&sw=1600&tm=3&ts=1671058614175&v=2.9.90

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
08eea
onx.la/
2 KB
2 KB
Document
General
Full URL
https://onx.la/08eea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.106.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-106-250.compute-1.amazonaws.com
Software
awselb/2.0 / PHP/7.3.33
Resource Hash
89cab21c404ff0ef033e6d69329c5c57aad97a494375c8f0dfbaa15d479981f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-length
2219
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 22:56:50 GMT
expires
Wed, 14 Dec 2022 22:56:50 GMT
server
awselb/2.0
x-powered-by
PHP/7.3.33
9cc51c70b7d1ce7a6710af35f27b550f.js
scripts.cleverwebserver.com/
132 KB
48 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/9cc51c70b7d1ce7a6710af35f27b550f.js
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dae3cfcd0f2d91cd69bf264ed649eb1dd4e06bfb0b6fb02b06a447003b8254f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:50 GMT
x-amz-version-id
YB1T9AQ6Do.iP.WjjeZDmlv2WCWYqeyN
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 17:10:20 GMT
server
cloudflare
x-amz-request-id
YS78Q9Y6749HSVE6
age
748
etag
W/"97f04217a75cdc4d3fabe2a4df6841d2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
779a88fd7ff39be0-FRA
x-amz-id-2
eADDPY6H1eKuU0Sp4WIS+Qek3jJDaCpLxsQrjSFh22B+Bd7A6iifQoPPznAXVKMDCGeeHKuqMCI=
expires
Wed, 14 Dec 2022 23:26:50 GMT
/
ui.cleverwebserver.com/
160 B
196 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6485b46ca315118bfcf650f4a86bac9e6135d68cf5a5fde6b933d5d75a02e825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779a88fe493f9be0-FRA
content-type
application/javascript
null
onx.la/ Frame 4CFC
11 KB
11 KB
Document
General
Full URL
https://onx.la/null
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.106.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-106-250.compute-1.amazonaws.com
Software
awselb/2.0 / PHP/7.3.33
Resource Hash
5c93b4e2e658d0e87dd6374842cd999aa2b26d5424cafdde1448a4fba535a626

Request headers

Referer
https://onx.la/08eea
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-length
11230
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 22:56:51 GMT
expires
Wed, 14 Dec 2022 22:56:51 GMT
server
awselb/2.0
x-powered-by
PHP/7.3.33
/
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame 2AB0
Redirect Chain
  • https://sender.clevernt.com/transporter/62980.php?ppuc=1&ppu=0&id=633235&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&ruri=&r=877766457&tok=33419711310201791433&t=1671058610&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=...
  • https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJ...
1 KB
715 B
Document
General
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
677c7d98b2066fd6e4bd0da6f4f4e0e4e29e9181141e71bc3a788e604cd12798

Request headers

Referer
https://onx.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=1800
cf-cache-status
MISS
cf-ray
779a89001bf19be0-FRA
content-encoding
br
content-type
text/html
date
Wed, 14 Dec 2022 22:56:51 GMT
expires
Wed, 14 Dec 2022 23:26:51 GMT
last-modified
Wed, 14 Dec 2022 17:05:41 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
nNBtkzoprvvps027RQIB68uFH3kU+rgrgVxRxaGnrVBybojdZCkWQ5fMhUprYIGe6LQ4SIdQ9MM=
x-amz-request-id
C16PQWBB3FYC4AF0

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 22:56:51 GMT
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Wed, 14 Dec 2022 22:56:51 GMT
location
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
pragma
no-cache
server
nginx
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
655 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
/
call.cleverwebserver.com/
43 B
156 B
Image
General
Full URL
https://call.cleverwebserver.com/?id=62980&c=DE&r=HE&l=58&b=Chrome&os=Win10&mob=0&v=1.33.3&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779a88fefa2f9be0-FRA
content-length
43
content-type
image/gif
js
www.googletagmanager.com/gtag/ Frame 4CFC
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72913840-5
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73c1e253a02bb416439695b9430c05043e44d9c7fec6bf397fec9b99706250c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43654
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 22:56:51 GMT
bootstrap.min.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
139 KB
19 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/bootstrap.min.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6819939767e492cfe44998e97e1328cc121cb3b3167c80924dbdbe942fc1a77e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808158
etag
W/"63caaf5a48aed3a981643343ebac7a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
3KxsoQgsNNbFDXfBO0QWk4X3vTE2JajnAlsoFIwPIOuJPX2fe36P9g==
bootstrap-social.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
28 KB
4 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/bootstrap-social.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
275ad38575769a9c620913155a7bacf2636aae462f78a2d67db83c4d1461a60e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:02:42 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
78850
etag
W/"e211f3eb78f9e7c2fd2bf0043481ea72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
iudDQFwX9ru6taf7oOrb6kGRfL364iljvU9YCRmanOfLNY33F5Vn0Q==
plugins.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
225 KB
37 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/plugins.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b61170c570b35792e6612ccb32cb828d644cb5a8a692ebc7656f4ce710451d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:01:19 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
204933
etag
W/"ee8b1c59cf808ad7ece610402eecc620"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
alc0vC7I1Afx1NLBB2YFulrHKYVE7fGWsrDIU_6pEhoKBrnjg4-tFA==
main.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
66 KB
12 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/main.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ca91f61e60e1f54766cc8f4534ce9db9c9a05850fb39f3f9fbb9e5e3efff134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:45:12 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 13:48:03 GMT
server
AmazonS3
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"c46b7ca3493f8be5854c70fa0e3fc284"
age
15100
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
v3F6AhBy0kbApB1Q8j25bSherlzv0y69CscBsmyWUmJw-W6-Xuj7Hg==
themes.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
9 KB
2 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/themes.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f92d2de12476e4800ece4cf4aae2ca4f45a56ae77e999e210a1363806723271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:45:57 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
126655
etag
W/"4ab9efe60cd3ebf2b724ed334e46d4ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
48OVX7vd_ID5BRtfmsHWWNCMdSMOLP9SEcKpYMfsmepeiDCoUh469Q==
jquery.min.js
cdn.onurix.com/web/assets/js/ Frame 4CFC
84 KB
30 KB
Script
General
Full URL
https://cdn.onurix.com/web/assets/js/jquery.min.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808158
etag
W/"710458dd559c957714ac4a8e95357eb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=8640000
x-amz-cf-id
DFKUFvikx8FdDfRnILtnPUp4mmqH2IJttkm2647_CEPj4nFg-k8_hw==
bootstrap.min.js
cdn.onurix.com/web/assets/js/ Frame 4CFC
36 KB
10 KB
Script
General
Full URL
https://cdn.onurix.com/web/assets/js/bootstrap.min.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fecc5917f95a4ba2c4e591ac7a2ca650eb142879f61a0194842496f5b6fbd366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808158
etag
W/"d00f6797c3ca41b712886d160befa7b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=8640000
x-amz-cf-id
b5yTzeVE0ithYD89xxCm_w2UA2Wke1l-C0UPRMJMnBqefS83MnkxTw==
platform.js
apis.google.com/js/ Frame 4CFC
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 22:56:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20982
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"0053a8bd2046ac7c"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Dec 2022 22:56:51 GMT
jquery-confirm.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ Frame 4CFC
27 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2947591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6362
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-6cf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXLGC6oYi2a3HSEWJubpli5GwPfm7GRL8k5oY4mjSgRhL%2F06cZ15C0ujXH2nfjIMf7hW0rdzyWVDiynHT8GDmkwcmcr92i34XpN6Ma3GaSweCu68Y9J%2Bh8g67hWi5viCWKEwGgojYGXW1flEjnFXg2jx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779a8900bbd0bbe5-FRA
expires
Mon, 04 Dec 2023 22:56:51 GMT
plugins.js
cdn.onurix.com/web/assets/js/ Frame 4CFC
792 KB
230 KB
Script
General
Full URL
https://cdn.onurix.com/web/assets/js/plugins.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74273066540e98f18789141f8c716b8c7a366956c420c9f5d4f60f49857c6bc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808158
etag
W/"416bce33943523f861b34debe22705bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=8640000
x-amz-cf-id
AZk_7rOCmtTLQ5SVbBehBNUGYl3BnbtFRuuvySHPEu2PLMt54NN5Kw==
logo50.png
cdn.onurix.com/web/assets/img/ Frame 4CFC
3 KB
3 KB
Image
General
Full URL
https://cdn.onurix.com/web/assets/img/logo50.png
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fef08bb770de31e21a771b1683dda8d28d3c978f6e1159303c93ea1549fcc07c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:45:12 GMT
x-amz-version-id
null
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 21:08:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
15100
etag
"ad21d089afb311a7627086b18364146e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2883
x-amz-cf-id
Vz_wXzLWyKhGvehNFmiPnNqdmytowc_uKRE6Od-f-DK24HsTGJ13HA==
es.png
cdn.onurix.com/web/assets/img/flags/ Frame 4CFC
2 KB
2 KB
Image
General
Full URL
https://cdn.onurix.com/web/assets/img/flags/es.png
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d78c4fd516efd93e32056aa666f16bae5d21f65a51131c436b22d3f4fb117393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:02:42 GMT
x-amz-version-id
null
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 16:29:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
78850
etag
"d764eb39dec0274a70b9b6315b110ab0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=8640000
accept-ranges
bytes
content-length
1852
x-amz-cf-id
bLYsvCXAGO-lId6rAjRR4izhR_dahWErcssbAHHl3MILZdrI56cbwg==
en.png
cdn.onurix.com/web/assets/img/flags/ Frame 4CFC
2 KB
3 KB
Image
General
Full URL
https://cdn.onurix.com/web/assets/img/flags/en.png
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8d4dc8a2de390baede6c2ed7dcf8b105301cd30d4bb49eb5d8fe7b58cda36fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:35 GMT
x-amz-version-id
null
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 16:29:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808157
etag
"931a5c99353036eddb0c811640ab4b0d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=8640000
accept-ranges
bytes
content-length
2488
x-amz-cf-id
IEt3Uv3rZFaDhLc0qXntc63B0ZF2KhTLEcQ4H8OwSdNBVEKl9Xj2cQ==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 4CFC
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
189676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Fkk2JwfpN4QtDHa55d7LRE%2FVIc0L1Dk59YixHoGhiavn25mzSMUEzOPC1Nz92yF1LMIu0KgygiHGkyzGocfGCzCd2gYucI1aJgLPAlIG3%2F6Di33%2FSpeJ7TrdqzLiXW%2F0KKRMRQUE0Yyg6XlhJF39cv9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779a89027f07bbe5-FRA
expires
Mon, 04 Dec 2023 22:56:51 GMT
bootstrap_error.min.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
108 KB
18 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/bootstrap_error.min.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf76deced8154c9bb5d86f892d81e6f8292d40900cdbdb484063dc0644019ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:33:00 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
311032
etag
W/"b10ff26c25b42323817ac67a7038c391"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
CAdzY8Tjtbmo_A2-fCLWOAVGQiIpV7rokUUpt5gfAvUdgFyFkn2GrA==
plugins_error.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
211 KB
36 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/plugins_error.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a293c17367401f95e0033f63690458c58408db245c695aa90fcdac702d9bf66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:35 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808157
etag
W/"e6735a92e844586bb13710fd97a4fba0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
2fTHWDN4BHuc5EUIVwa-Sbh-bNNCYiZxOtTr_RuN-GpqoTZqD2erLw==
main_error.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
82 KB
14 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/main_error.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bf147816dd912f69bc4b5181eba3aadba92959bcceb7c2611d6ebfc71a6b5f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:45:57 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
126655
etag
W/"fc8596fbbbcf42d13391615246bb3bba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
MY2zQg9BARqiWPHuizLwh4pe1b4cpkJ4RcuT7fjjcSFn4O_ckuZc5Q==
themes_error.css
cdn.onurix.com/web/assets/css/ Frame 4CFC
9 KB
1 KB
Stylesheet
General
Full URL
https://cdn.onurix.com/web/assets/css/themes_error.css
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab0b457b80cef3e95cd052a050585750d385e355e6543c366c8c85ef299b5dfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:32:22 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
372270
etag
W/"2d589f556ddda0926691f77b53e11a8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=8640000
x-amz-cf-id
KRlYn9tmB_Le4xwOs40Lo0jaCIzsDInNgF734MfVVfyYuRAJ2Hs2xQ==
modernizr_error.min.js
cdn.onurix.com/web/assets/js/ Frame 4CFC
1 KB
1 KB
Script
General
Full URL
https://cdn.onurix.com/web/assets/js/modernizr_error.min.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b066d510c4090e83cec09026d4d5ab1ff2dbb08f68459761dad83ffec1774e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:35 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808157
etag
W/"91fff4814d41a78907a0cc7b722dbd54"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=8640000
x-amz-cf-id
wFE7FSSw0xAXFco8JRVBxxvc5ksWpY7Y8sCXFvtjiWiuAYV0Gl7JvA==
logo512.png
cdn.onurix.com/web/assets/img/ Frame 4CFC
39 KB
39 KB
Image
General
Full URL
https://cdn.onurix.com/web/assets/img/logo512.png
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5dc01eb027679fdf0f544924efc6512f44e990d550e55f9ef2292df92f389a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 18:45:12 GMT
x-amz-version-id
null
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 21:08:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
15100
etag
"68f4273accbabe7a057daad1dd9b89b2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
39821
x-amz-cf-id
EpJ3Wvyw-54_rO8AjQmCj53ONwqqQuy0WjfgwALTTercFFvGFSIn_A==
medios-de-pago.png
cdn.onurix.com/web/assets/img/ Frame 4CFC
6 KB
6 KB
Image
General
Full URL
https://cdn.onurix.com/web/assets/img/medios-de-pago.png
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ea131a8a292456efa9e9a8915ddc9dda759229232fdda6f0166231aceed5766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:35 GMT
x-amz-version-id
null
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 16:29:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808157
etag
"809e44cdcbf221c5b7681c55b3ee536b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=8640000
accept-ranges
bytes
content-length
6127
x-amz-cf-id
ec4FES0TKEMac96_7WYyy1yR2DtIip15GgAb-J_BmKEuvY3vzRDX7w==
app.js
cdn.onurix.com/web/assets/js/ Frame 4CFC
8 KB
3 KB
Script
General
Full URL
https://cdn.onurix.com/web/assets/js/app.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99de438a78b16dc0eab407baf55306f02e3775f09f428bac09ee5e13f0bc31eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:27:35 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
808157
etag
W/"c1acc5cff18b09c3e6a86816734bf19a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=8640000
x-amz-cf-id
vtI8T6qQiy8uibtgIfV7mhwOvjUt32Jr4YLxgUmcsUlsJ_h6dIQlvw==
apdi.js
cdn.onurix.com/web/assets/js/ Frame 4CFC
4 KB
1 KB
Script
General
Full URL
https://cdn.onurix.com/web/assets/js/apdi.js
Requested by
Host: onx.la
URL: https://onx.la/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5957c5b418c1a2128adb6982bf2bebd2217eec361f0dbca241302756c72dd26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:45:57 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Thu, 02 Jun 2022 16:29:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
126655
etag
W/"e7074e25120359e4e243050002f0b75c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=8640000
x-amz-cf-id
LclmPvdOUjXNROQMk5dbBLDp2GSAY6s7f2ja6gzXzg0cgu-Su_cK2w==
style.css
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame 2AB0
10 KB
1 KB
Stylesheet
General
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
288BARZG09N3PDJF
age
800
cf-polished
origSize=10303
x-amz-id-2
AXeZggxR5MPY1PaW02Lh5t1bRrqmrQ3CgXAqEkYZcAVyBbPPYjT/Cz3+AJxT+RdyTvo09FTGPzw=
cf-bgj
minify
last-modified
Sat, 03 Dec 2022 01:36:47 GMT
server
cloudflare
etag
W/"073bb6043f3339ac3a807ec409b6e0af"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
cf-ray
779a89009cba9be0-FRA
expires
Wed, 14 Dec 2022 23:26:51 GMT
anzeige.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 2AB0
1 KB
878 B
Image
General
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/anzeige.svg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:51:02 GMT
server
cloudflare
x-amz-request-id
RJR1A4FVY3YTBR2G
age
800
etag
W/"3e9d1a10a1056de77db1bab72b55ef1c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
779a89009cbc9be0-FRA
x-amz-id-2
tdDmcrk6fEU8FeL+BLL4tR+7Ic1pSJx0i9bptjMzTUvKnB/l1tr/dCIlgmciQEwLs8wcBR6nGc8=
expires
Wed, 14 Dec 2022 23:26:51 GMT
copy.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 2AB0
59 KB
28 KB
Image
General
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy.svg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:51:02 GMT
server
cloudflare
x-amz-request-id
YSP99Z1V4Z951E8V
age
1427
etag
W/"7f803ad83ee753fad0274978d34e95d1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
779a89009cc49be0-FRA
x-amz-id-2
GWWeztoS5xFv6iwWeH6QQn9B2J7DWQeUayUw0e7pb9obw16JasdxW0+O03UX6ITvfopZ2WP/HeQ=
expires
Wed, 14 Dec 2022 23:26:51 GMT
copy-push.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 2AB0
59 KB
28 KB
Image
General
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy-push.svg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:09:14 GMT
server
cloudflare
x-amz-request-id
8B76EESSWH4YFT3E
age
800
etag
W/"ce447a43d49084fb0a8eb2d04e2cec1a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
779a8900acc69be0-FRA
x-amz-id-2
49LOG9Se0YpOsIhpuaUjsrQSio39+6iQDGHdT0JJ+Jv3fJjB8o8jnllzXMYXEZXCr/3LVLZrl4I=
expires
Wed, 14 Dec 2022 23:26:51 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2AB0
12 KB
4 KB
Script
General
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Dec 2022 12:08:17 GMT
server
cloudflare
etag
W/"639719b1-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
779a8900acc89be0-FRA
expires
Fri, 16 Dec 2022 22:56:51 GMT
css
fonts.googleapis.com/ Frame 2AB0
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 22:21:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 22:56:51 GMT
analytics.js
www.google-analytics.com/ Frame 4CFC
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72913840-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onx.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5534
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 23:24:37 GMT
clever-core-other.js
lp.cleverwebserver.com/ Frame 2AB0
1 KB
868 B
Script
General
Full URL
https://lp.cleverwebserver.com/clever-core-other.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvMDhlZWE%3D&r=877766457
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
M9SNVVJ5JFK0ZJXB
age
1238
cf-polished
origSize=2002
x-amz-id-2
mnYKR1BiQyjgQ4s/doC7j1QHeNP4Yf14ekz61wSVxDAoauCnuUFrmCglkX8iLLE1OllvJgP/YUM=
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 17:05:50 GMT
server
cloudflare
etag
W/"0625f7f83d53fd3b06d4460137a2bc86"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1800
cf-ray
779a8901fead9be0-FRA
expires
Wed, 14 Dec 2022 23:26:51 GMT
bg-pushdown.jpg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 2AB0
193 KB
194 KB
Image
General
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/bg-pushdown.jpg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a65a77d1593668305691feb5f004c2599cb703916067e3a927b46c17058d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:51 GMT
cf-cache-status
HIT
x-amz-request-id
XYT38G4QJTHYJJXX
age
797
cf-polished
origFmt=jpeg, origSize=244492
content-disposition
inline; filename="bg-pushdown.webp"
content-length
197696
x-amz-id-2
gUdl1wsJnHrEG29vIS7/VQ0i4ZQDeXdhSrgOPajFc/5lrS1189seVk8ArPu6xWAWxflG0A4J9+4=
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Dec 2022 12:49:30 GMT
server
cloudflare
etag
"8df38c6720c708f82ea587c0a1dd83bb"
vary
Accept
content-type
image/webp
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
779a8901feb09be0-FRA
expires
Wed, 14 Dec 2022 23:26:51 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 2AB0
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:15:31 GMT
x-content-type-options
nosniff
age
369680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 16:15:31 GMT
css
fonts.googleapis.com/ Frame 4CFC
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,700,700italic
Requested by
Host: cdn.onurix.com
URL: https://cdn.onurix.com/web/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ff44a828d3863f32d2facd2fce2881b2e50c9f1bbfb54504ab04937695bf676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.onurix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 22:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 22:43:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 22:56:51 GMT
Betano-DE.aspx
www.betano.de/promos/de/ Frame BF47
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE
  • https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE&AutoR=1
  • https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_1151b_904c_YSABGYFLSRBAADE&utm_medium=431&utm_source=2&siteid=1151
  • https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
3 KB
1 KB
Document
General
Full URL
https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1948b809a04912efd39b9d82e7029245446aab614b635d9a59aa5c70746926a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
EXPIRED
cf-ray
779a89054e209b31-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 22:56:52 GMT
last-modified
Wed, 14 Dec 2022 22:53:24 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-farm
ce3
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779a8904dd959b31-FRA
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 22:56:52 GMT
location
/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable-status
302
x-content-type-options
nosniff
x-farm
ce3
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ Frame 4CFC
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=80260153&t=pageview&_s=1&dl=https%3A%2F%2Fonx.la%2Fnull&ul=en-us&de=UTF-8&dt=ONX.la%20Acortador%20de%20URLs&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAACAAI~&jid=353461714&gjid=1518714518&cid=1873211613.1671058612&tid=UA-72913840-5&_gid=2011831902.1671058612&_r=1&gtm=2oubu0&z=124196516
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onx.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onx.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame BF47
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5e699934cfe12bf4a603217c46f701a31d4e6a3e11c0f32a83e2668b4d15e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 22:11:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 22:56:52 GMT
source-4.css
cdn.gmlinteractive.com/static-files/promos/css/ Frame BF47
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.gmlinteractive.com/static-files/promos/css/source-4.css
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5c7bf7bd941608a78b93872b8ac2508dc754dc6bf26271de549092826d7faa18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 10:05:18 GMT
server
cloudflare
age
375
etag
W/"04382a58b4dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-farm
14
cf-ray
779a89061c80bba3-FRA
logo-de.svg
cdn.gmlinteractive.com/static-files/promos/ Frame BF47
18 KB
5 KB
Image
General
Full URL
https://cdn.gmlinteractive.com/static-files/promos/logo-de.svg
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Mar 2021 12:32:44 GMT
server
cloudflare
age
208
etag
W/"03e13a4bb11d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-farm
15
cf-ray
779a89063cafbba3-FRA
gtm.js
www.googletagmanager.com/ Frame BF47
302 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26f357b4e833968ca9d297512bb595d650d89faff82f92581dfc8f189c21f078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98744
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 22:56:52 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame BF47
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1671058612446&cv=11&fst=1671058612446&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50ae17bc5e9011822a19fcddf865d7110f35ddaba357960fd960b87d0fefe2cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
915
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame BF47
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5535
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 23:24:37 GMT
scevent.min.js
sc-static.net/ Frame BF47
30 KB
13 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-245.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
127ed38a4225bf1e539654ce93433380bfe10c5796588d6309ecec6afe02a3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
gzip
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13267
x-amz-cf-id
s7nMh8R1gU_ymc5WaNRomPpB9XVtHnNN5z9hhhpHB9wQ3sB06aGlzA==
fbevents.js
connect.facebook.net/en_US/ Frame BF47
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 22:56:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+q0Bfsmfy8NMGwwZ/M6dFGBZEXvnP5aR9snP5a1r4Ky/mzB7fg6KRW6hItGtLKUA/covMMusWBoq+Y1sFTfZ4A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame BF47
78 KB
30 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 10:23:25 GMT
server
nginx
x-amz-request-id
tx00000b607f2982f72f17d-006385e0d3-3293868f-default
etag
W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
bat.js
bat.bing.com/ Frame BF47
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 14 Dec 2022 22:56:52 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BA20FBA79A8C46C0A645AB296546AAD0 Ref B: FRAEDGE1817 Ref C: 2022-12-14T22:56:52Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
mgsensor.js
a.mgid.com/ Frame BF47
15 KB
5 KB
Script
General
Full URL
https://a.mgid.com/mgsensor.js?d=1671058612473
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
3d907937-a717-4564-90da-3514968577bc
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
779a8908392592ba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame BF47
206 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f4e58943d7dc2696185b0610e03bfe9b612baffbd922e79ee274dc37e31e4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73943
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 22:56:52 GMT
linkid.js
www.google-analytics.com/plugins/ua/ Frame BF47
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 14 Dec 2022 23:03:30 GMT
identity.js
connect.facebook.net/signals/plugins/ Frame BF47
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 22:56:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
lS/4ufpOMG4CFQFvi1nTBKaKycBMhv238vrHWdPrqmqMuXWc/tU5d9Jsb8gfj8qOHjHB+DC4q50OMLVd8koRTw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
234568464078651
connect.facebook.net/signals/config/ Frame BF47
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/234568464078651?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3198680c25a046472558836928539479ab06fe4d515a5b314c6bd60609a76b9f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 22:56:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86238
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
AnzFWEs6toCKG300EP9FAMIwivtCko0IC8jvalDJYboEs6tpbzbggvIkbKp/CneAPoyT+ctbnNxmmyox2M+3xQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
i
tr.snapchat.com/cm/ Frame 6126
0
294 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=70caec7b-fd72-4e1a-9219-c3379fe17203&u_sclid=f52347cd-e2dc-488a-a54d-8f0b4f61d9e3
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 22:56:52 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
59013e41-1b63-4d8e-a887-ea6d3795d988.js
tr.snapchat.com/config/de/ Frame BF47
146 B
531 B
Script
General
Full URL
https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
f89c6e01dda9dce70ce27a525200928133bf6c1fd7267af651ace7f81c297b2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.betano.de/
Origin
https://www.betano.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.betano.de
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame BF47
68 B
305 B
Image
General
Full URL
https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&bt=1d53c387&if=true&m_dcl=490&m_ic=1&m_pi=490&m_pl=0&m_pv=v2&m_rd=873&m_sl=859&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=270d71ce-4ffb-4a77-868b-f7cd8e6e6878&ts=1671058612582&u_sclid=f52347cd-e2dc-488a-a54d-8f0b4f61d9e3&u_scsid=70caec7b-fd72-4e1a-9219-c3379fe17203&v=2.0.0
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
137000673.js
bat.bing.com/p/action/ Frame BF47
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/137000673.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 14 Dec 2022 22:56:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FB61066AF1EC4BC6B36F00AFDFB52A9D Ref B: FRAEDGE1817 Ref C: 2022-12-14T22:56:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame BF47
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=fd2ebb96-59bf-48ed-a561-6b9b5899ac7f&sid=998859207c0211edbf992f7879f65e08&vid=9988b2207c0211ed8b03b3c867290f88&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=491&evt=pageLoad&ifm=1&sv=1&rn=972981
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 22:56:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 37C4B9594058405D83DFC4D0C850784F Ref B: FRAEDGE1817 Ref C: 2022-12-14T22:56:52Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame BF47
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1671058612670&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&it=1671058612539&coo=false&tm=1&rqm=GET
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 22:56:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame BF47
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1671058612674&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&it=1671058612539&coo=false&rqm=GET
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 22:56:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/763238947/ Frame BF47
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/763238947/?random=1671058612446&cv=11&fst=1671055200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&fmt=3&is_vtc=1&random=381991455&rmt_tld=0&ipr=y
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/763238947/ Frame BF47
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/763238947/?random=1671058612446&cv=11&fst=1671055200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&fmt=3&is_vtc=1&random=381991455&rmt_tld=1&ipr=y
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/TrackPoint/ Frame BF47
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=135944117417&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=135944117417&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE...
121 B
600 B
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=135944117417&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H2
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
194
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=135944117417&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
1x1.gif
a.mgid.com/ Frame BF47
43 B
207 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&nv=0&clid=&clidv=0&d=1671058612709
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=1151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779a89098d338fc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
content-type
image/gif
/
www.facebook.com/tr/ Frame BF47
Redirect Chain
  • https://www.facebook.com/tr/?id=234568464078651&ev=Microdata&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&rl=https%3A%2F%2Flp.cl...
  • https://www.facebook.com/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]...
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&ec=2&es=automatic&ev=Microdata&id=234568464078651&if=true&it=1671058612539&o=30&r=stable&redirect=0&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&rqm=GET&sh=1200&sw=1600&tm=3&ts=1671058614175&v=2.9.90
Protocol
H3
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 22:56:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 22:56:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?a=tmgoogletagmanager&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D1151&ec=2&es=automatic&ev=Microdata&id=234568464078651&if=true&it=1671058612539&o=30&r=stable&redirect=0&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&rqm=GET&sh=1200&sw=1600&tm=3&ts=1671058614175&v=2.9.90
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
expires
0
Primary Request /
api.whatsapp.com/send/
Redirect Chain
  • https://wa.me/573162261500?text=SI%20estoy%20interesado%20
  • https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
106 KB
25 KB
Document
General
Full URL
https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Requested by
Host: onx.la
URL: https://onx.la/08eea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a228170a54e50ec31dd307582d3a5bb2ccb0d453454af5ece1b91fb4bf2733d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onx.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' data: blob:;script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' *.fbcdn.net *.whatsapp.com *.whatsapp.net;style-src 'self' data: blob: 'unsafe-inline' whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;connect-src 'self' data: blob: https://*.whatsapp.com;font-src data: https://*.fbcdn.net https://static.whatsapp.net;img-src 'self' data: blob: whatsapp.com *.whatsapp.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com whatsapp.net *.whatsapp.net;frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 22:56:54 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
7JdZ5baNCROLNhSgYQWfmoW+PUnMpmCcFD18dAz9keBMCW5xv0oG5iPE4HwdIJfEimIX223f1pfLGzgLwtEYCg==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src 'self' data: blob: *.whatsapp.net *.whatsapp.com *.fbcdn.net;script-src 'self' data: blob: *.whatsapp.net *.whatsapp.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval';style-src 'self' data: blob: *.whatsapp.net *.whatsapp.com *.fbcdn.net 'unsafe-inline';frame-src 'self' data: blob: whatsapp:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 22:56:54 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-type-options
nosniff
x-fb-debug
EwF/VJa62TmN//I8wUKB7YYcTgy1ITWeM6xyoyBb9vo+mzvplyUVpHxRztdzntnFlHyJxq5sAdbI29ArAUoy9w==
x-fb-trip-id
1679558926
x-frame-options
DENY
x-xss-protection
0
C2fHuK6eV5E.css
static.whatsapp.net/rsrc.php/v3/yI/l/0,cross/
7 KB
2 KB
Stylesheet
General
Full URL
https://static.whatsapp.net/rsrc.php/v3/yI/l/0,cross/C2fHuK6eV5E.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1aa6c4ab2daba84e9082980e75f0bab05b5c126fe50ec98844a579585c5ba0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
k8V3InxfvjCMTYkVYlCuYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1765
x-fb-rlafr
0
x-fb-debug
sQCByA8u1X6HjGGa7q9M5cbyiWzpkT+5HJEizQB/i1VNbcZR7IV/Yy70QKgGh64kQf+222Sf8s/ooSolY8vvRA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:22:33 GMT
P7YLgwG7uVl.css
static.whatsapp.net/rsrc.php/v3/yV/l/0,cross/
134 KB
26 KB
Stylesheet
General
Full URL
https://static.whatsapp.net/rsrc.php/v3/yV/l/0,cross/P7YLgwG7uVl.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de586fb1772e2c94d4f73a39224b8e45764a6b3d5330d9e900cb746b827ec09b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SQUIz9Hgh8kJl+sDzPLt1Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26724
x-fb-rlafr
0
x-fb-debug
cj+msVEc4lsa0Z3XvZ4BGDCQYPTV6hbhCLYrwHOQiQWf7zSzP+F/lhfTYTJwb/DHsD1LnGmEWNUgFgHVhwsCCA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 01:36:34 GMT
aeNVaTSlZx3.css
static.whatsapp.net/rsrc.php/v3/yE/l/0,cross/
8 KB
3 KB
Stylesheet
General
Full URL
https://static.whatsapp.net/rsrc.php/v3/yE/l/0,cross/aeNVaTSlZx3.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47284b83a989820366cdb15ed6285d62e0235b153c7c58843033b1b95b82d97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DPaDog8fWoFdW78wVheZ2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2452
x-fb-rlafr
0
x-fb-debug
npkeZDa0Auu1LjeWANsPqraLdlGpltx7XVMNER+ECZm3GN4YF21I+nVW56OsuXB5BbPEUX9w1gL6+H9y1B5Ozg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 13 Dec 2023 16:58:04 GMT
28bZN702Ikw.css
static.whatsapp.net/rsrc.php/v3/yc/l/0,cross/
761 B
522 B
Stylesheet
General
Full URL
https://static.whatsapp.net/rsrc.php/v3/yc/l/0,cross/28bZN702Ikw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VLzN3cDGGSC5C5stMHnv7A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
330
x-fb-rlafr
0
x-fb-debug
QOk+taoZ5zmKFx1ljjyfP82QOH9H+GWAw0HE916+9K8B7biPygst13ZU/te710Fe2Eiixlv5LQgNGrCZUNRf1Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 06 Dec 2023 20:42:13 GMT
BrbLRXK6ngn.js
static.whatsapp.net/rsrc.php/v3/yV/r/
305 KB
93 KB
Script
General
Full URL
https://static.whatsapp.net/rsrc.php/v3/yV/r/BrbLRXK6ngn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9c47a188ee5d5f3faf4258ea33e236acc02ddf312572f25a94818e55057aa77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uUSRrv2psMUL2UjlP6A3FQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
94923
x-fb-rlafr
0
x-fb-debug
deAKxfYrbmx5AqNDL4+9mwLHlS5Va+xLGydDuzWL6SNAjTBwBafamSbNY9VSdrdTAczfQxwf+m2D1bOAiz26PQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 11 Dec 2023 16:04:57 GMT
36B424nhiL4.svg
static.whatsapp.net/rsrc.php/ym/r/
9 KB
3 KB
Image
General
Full URL
https://static.whatsapp.net/rsrc.php/ym/r/36B424nhiL4.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1PahtogH2TdrYgTecqnYJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3483
x-fb-rlafr
0
x-fb-debug
mQDuv5cVhmIRs6S4cqpEVd9FzeRzz3YY3UZ/FLAirByzPZMdUy+fpuQwV/t+dF5e+fuQuQvP2QwV7C+QPJ3E5Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 10 Dec 2023 23:56:42 GMT
lOol7j-zq4u.svg
static.whatsapp.net/rsrc.php/yz/r/
3 KB
1 KB
Image
General
Full URL
https://static.whatsapp.net/rsrc.php/yz/r/lOol7j-zq4u.svg
Requested by
Host: api.whatsapp.com
URL: https://api.whatsapp.com/send/?phone=573162261500&text=SI+estoy+interesado+&type=phone_number&app_absent=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.whatsapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fzJfYVRegc0rwTLMap2TrQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1223
x-fb-rlafr
0
x-fb-debug
+D0WkHEP5v2FugPDos5MyvruTaagAQyPt5OCcUfq08HldMDcA+IHV+sN4A2XPGdTFYO6xiotEd00zZKI2JJxug==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 10 Dec 2023 20:54:40 GMT
zLEOtkDd4p7.js
static.whatsapp.net/rsrc.php/v3i2aq4/ya/l/de_DE/
1 MB
294 KB
Script
General
Full URL
https://static.whatsapp.net/rsrc.php/v3i2aq4/ya/l/de_DE/zLEOtkDd4p7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.whatsapp.net
URL: https://static.whatsapp.net/rsrc.php/v3/yV/r/BrbLRXK6ngn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:c5:face:b00c:0:167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7653b2a0aa0c26df3a0487ddcab05745ad99189751ec49b6c07086cf8fb149b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://api.whatsapp.com/
Origin
https://api.whatsapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:56:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
s4UrPZbxY2uCQYR1TT/uOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
300820
x-fb-rlafr
0
x-fb-debug
6cUmaaOlrlLnJeBX2Vv5DMuBq4mwNd0joHJ6pt2YMPkeyjgClIO/iVBNzmfd+J1eAlEsZjmAmVrqTu9IO7YZ0w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
priority
u=1
expires
Thu, 14 Dec 2023 17:00:40 GMT
PyMoUs0-uTx.js
static.whatsapp.net/rsrc.php/v3/y2/r/
0
0

Yj6N6yD3D5b.js
static.whatsapp.net/rsrc.php/v3iN_84/yd/l/de_DE/
0
0

O4cwPJy7UQT.js
static.whatsapp.net/rsrc.php/v3/yG/r/
0
0

ZL1A46FYUm6.js
static.whatsapp.net/rsrc.php/v3/ya/r/
0
0

qd3BkPntgTu.js
static.whatsapp.net/rsrc.php/v3i2UN4/yl/l/de_DE/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/v3/y2/r/PyMoUs0-uTx.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/v3iN_84/yd/l/de_DE/Yj6N6yD3D5b.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/v3/yG/r/O4cwPJy7UQT.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/v3/ya/r/ZL1A46FYUm6.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.whatsapp.net
URL
https://static.whatsapp.net/rsrc.php/v3i2UN4/yl/l/de_DE/qd3BkPntgTu.js?_nc_x=Ij3Wp8lg5Kz

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontentvisibilityautostatechange
function| delayRedirect
object| CleverCore
boolean| CleverCoreLoaded

19 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
onx.la/ Name: clever-last-tracker-62980
Value: 1
onx.la/ Name: clever-counter-62980
Value: 0-1
gml-grp.com/ Name: CEK
Value: a
.onx.la/ Name: _ga
Value: GA1.2.1873211613.1671058612
.onx.la/ Name: _gid
Value: GA1.2.2011831902.1671058612
.onx.la/ Name: _gat_gtag_UA_72913840_5
Value: 1
gml-grp.com/ Name: XYZ
Value: 120&0&148&&&&0&1&&5d3b43a3-5840-4ce4-a333-0d1e5492b363&&a_1151b_904&
gml-grp.com/ Name: A_904
Value: a=904&r=0&fv=0&lv=0&vc=0&fc=20221214&lc=20221214105651&cc=1
gml-grp.com/ Name: PM_11
Value: c=YSABGYFLSRBAADE&s=1151&ad=904&md=0&pm=11&d=20221214225651&ip=2890330743&r=0&ref=https://lp.cleverwebserver.com/&RedirectParams=btag%3da_1151b_904c_YSABGYFLSRBAADE%26utm_medium%3d431%26utm_source%3d2%26siteid%3d1151
.betano.de/ Name: btag
Value: a_1151b_904c_YSABGYFLSRBAADE
.betano.de/ Name: __cf_bm
Value: YpKIOpMxi1tTdxSQ52nZEI71BIRXxboPhOPyQSaNto0-1671058612-0-AbPdRnxwm3u+Q6FAo3hzvWcMlsm4tCN3pzrTLhgrdvrVFfQYeOQe6PcpNZ2TP21Oer0Ii+l1Fh082S4UDCAgvJg=
.gmlinteractive.com/ Name: __cf_bm
Value: nfokDmUZy9HtYZKPLU0Ym6uCxOpQQRoLt1iWKXfX4CY-1671058612-0-AfgeZ8GC4OklL6pI3Wyd0BiarfYW2Oabvo1gDWY/ZVu3um+HGrN3Qso2aYG64kzdBMajShTnXrXppccZJg9565w=
.bing.com/ Name: MUID
Value: 2DC49D0BEF5B607928AD8F71EE5B61C1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mgid.com/ Name: __cf_bm
Value: sxViJx3rHJhxcmhnsy81Pd28nCoj5TVbft_tV6LynT0-1671058612-0-AdFnbPtJw/j3stRV+6czSqW6I1j/puVmcVA6WVQQtaXCmB1upfCEd49ZdQ/tB6q4HSGp/USWWlojSgTclKPqbBg=
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm85ytinFSmMHx36aG3IunIBM3QolwKAr/Dsm8N8W7YAqsbpPkDyaXGezIAAAA=
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1559126446230055049

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
